No inappropriate words or phrases in passwords? - Escape Trailer Owners Community

Go Back   Escape Trailer Owners Community > Escape Me | General Topics > Cyber Campfire
Click Here to Login
Reply
 
Thread Tools Display Modes
 
Old 08-21-2019, 07:30 AM   #1
Senior Member
 
Mike Lewis's Avatar
 
Join Date: Feb 2013
Location: Santa Rosa County, Florida
Trailer: 2014 Escape 21
Posts: 2,127
No inappropriate words or phrases in passwords?

Since most of us use password-protected systems, I thought you might find this interesting. I recently started using a credit union account that had been dormant for a while. I figured it would not let me into its website due to disuse, and sure enough I was prompted to change my password. When I tried to, I was given the usual list of requirements such as using special characters, numbers, etc., plus one I had not seen before: "no inappropriate words or phrases?"

Hmm. Since computers can't be offended by what I type, the odd requirement made me think that:
1. passwords are being stored in the clear, not encrypted, or
2. someone (the government? ) is trying to force people to use dictionary words so they would be easier to crack, or
3. it's just political correctness run amok.

I was taught to make my passwords by picking a phrase or sentence then use the first letter of each word in the sentence. For instance the previous sentence would generate "Iwttmmpbpa..." and so forth, adding the other requirements such the special characters. This works as well as anything for password-protected systems. But when I did this for the credit union account it got kicked back as an "inappropriate word or phrase".

I called the credit union. After four tries I spoke to a supervisor who suggested that I go to a local credit union branch and try from a computer there. She said that the language requirement came from the national credit union association, and added that she used a non-dictionary word as her password and it works. So I went to the local credit union branch and after a couple of tries I was able to generate a password that the system would accept.

So-- has anyone else encountered this requirement for no inappropriate language in passwords, and if so, has it impeded your creation of a password even if there were no bad words in your password?
__________________

__________________
Mike Lewis
Photos and travelogues here: mikelewisimages.com
Mike Lewis is offline   Reply With Quote
Old 08-21-2019, 09:48 AM   #2
Senior Member
 
LeonW's Avatar
 
Join Date: Aug 2011
Location: St. Paul, Minnesota
Trailer: 2014 Escape 21 -- The Skylark. Towed by a 2014 Highlander
Posts: 1,063
I spent the last few years of my working life working for a large bank in their IT department. At some point, they installed software that scanned emails for inappropriate words and blocked those emails.

One of my co-workers had the last name of "Cockcroft". Actually, two of them as they were husband and wife. They got no emails for a week because of the first syllable of their last name. Computers aren't very smart, but they do follow instructions extremely well. Actually, they are getting smarter, and I suppose someday they will be able to infer what we mean rather than taking what we say literally.

But more to your point, Mike, I now use a password manager that is able to generate (and store) random strings of characters that will not be found in a dictionary. It just makes passwords harder for hackers to guess using brute force techniques, and of course, I don't share passwords across sites any more...
__________________

__________________
Camping: Where you spend a small fortune to live like a homeless person.
LeonW is offline   Reply With Quote
Old 08-21-2019, 09:49 AM   #3
Senior Member
 
Join Date: Mar 2016
Location: Fremont, California
Trailer: 2017 Escape 17B
Posts: 196
Quote:
Originally Posted by Mike Lewis View Post
1. passwords are being stored in the clear, not encrypted, or
2. someone (the government? ) is trying to force people to use dictionary words so they would be easier to crack, or
3. it's just political correctness run amok.
None of the above. It's because they are disallowing passwords that are easily guessed because they are commonly used. People commonly use "inappropriate words or phrases" for passwords, so this is an easy attack. The algorithm is probably triggering a false positive for your password choice. Another common choice is patterns on a keyboard like "qazwsxswzaq". You may have run into one of those. It's computer science, but it's not perfect!
skyfree is offline   Reply With Quote
Old 08-21-2019, 09:59 AM   #4
Senior Member
 
escape artist's Avatar
 
Join Date: Oct 2008
Location: St. Thomas not BVI., Ontario
Trailer: 2014 Escape 5.0TA / 2016 Ram Eco Diesel 4X4
Posts: 6,217
Quote:
Originally Posted by skyfree View Post
None of the above. It's because they are disallowing passwords that are easily guessed because they are commonly used. People commonly use "inappropriate words or phrases" for passwords, so this is an easy attack. The algorithm is probably triggering a false positive for your password choice. Another common choice is patterns on a keyboard like "qazwsxswzaq". You may have run into one of those. It's computer science, but it's not perfect!
Hi: skyfree... Seen on a bathroom mirror; someone wrote "Think"... and under it someone else wrote "Thoap". Alf
escape artist N.S. of Lake Erie
__________________
Quote Bugs Bunny..."Don't take life too seriously, none of us get out of it ALIVE"!!!
'16 Ram Eco D. 4X4 Laramie Longhorn CC & '14 Escape 5.0TA
St.Thomas (Not the Virgin Islands) Ontario
escape artist is offline   Reply With Quote
Old 08-21-2019, 10:08 AM   #5
Site Team
 
cpaharley2008's Avatar
 
Join Date: Jun 2010
Location: Chilliwack, British Columbia
Trailer: Escape#4, 2019 Escape21 DejaView pulled by 2014 Ram Hemi/8sp
Posts: 19,455
Quote:
Originally Posted by escape artist View Post
Hi: skyfree... Seen on a bathroom mirror; someone wrote "Think"... and under it someone else wrote "Thoap". Alf
escape artist N.S. of Lake Erie
I thought that they could not spell and forgot to add a "S" to the first word....
__________________
Jim
It is not the years in your life but the life in your years Lincoln
cpaharley2008 is online now   Reply With Quote
Old 08-21-2019, 10:22 AM   #6
Senior Member
 
Mike Lewis's Avatar
 
Join Date: Feb 2013
Location: Santa Rosa County, Florida
Trailer: 2014 Escape 21
Posts: 2,127
Quote:
Originally Posted by skyfree View Post
None of the above. It's because they are disallowing passwords that are easily guessed because they are commonly used. People commonly use "inappropriate words or phrases" for passwords, so this is an easy attack.

This makes sense; I should have thought of it. I guess banning all dictionary words would be too much of a burden upon users.
__________________
Mike Lewis
Photos and travelogues here: mikelewisimages.com
Mike Lewis is offline   Reply With Quote
Old 08-21-2019, 10:27 AM   #7
Senior Member
 
Mike Lewis's Avatar
 
Join Date: Feb 2013
Location: Santa Rosa County, Florida
Trailer: 2014 Escape 21
Posts: 2,127
Quote:
Originally Posted by LeonW View Post
But more to your point, Mike, I now use a password manager that is able to generate (and store) random strings of characters that will not be found in a dictionary. It just makes passwords harder for hackers to guess using brute force techniques, and of course, I don't share passwords across sites any more...
I have a friend whose last name is "Fruit", and Apple wouldn't let him make an account with his name on its website.

I've been reluctant to try a password manager but I guess I should. I assume they require one master password, which is a big single point of failure if it gets out. Maybe I'm wrong; I'll look into it.
__________________
Mike Lewis
Photos and travelogues here: mikelewisimages.com
Mike Lewis is offline   Reply With Quote
Old 08-21-2019, 10:52 AM   #8
Senior Member
 
Mike Lewis's Avatar
 
Join Date: Feb 2013
Location: Santa Rosa County, Florida
Trailer: 2014 Escape 21
Posts: 2,127
The cussing bug

My favorite computer security story involves the Speak 'n' Spell (or whatever it was called) toy back in the '80s or early '90s. A kid could type in a word and the toy would pronounce the word. The toy's makers didn't want the kids to be typing in bad words and hearing them, so it had a list of words stored on the device that the toy wouldn't pronounce if typed in.

Well, eager kids and horrified parents soon discovered that the toy had a bug: if you pressed its keys in a certain way the toy would start pronouncing all of the bad words, in a stream of expletives one after the other. Ha!
__________________
Mike Lewis
Photos and travelogues here: mikelewisimages.com
Mike Lewis is offline   Reply With Quote
Old 08-21-2019, 11:09 AM   #9
Senior Member
 
Iowa Dave's Avatar
 
Join Date: Aug 2015
Location: Benton County, Iowa
Trailer: 2013 Escape 21 Classic Number 6, pulled by 2018 Toyota Highlander
Posts: 4,286
String of expletives

Quote:
Originally Posted by Mike Lewis View Post
My favorite computer security story involves the Speak 'n' Spell (or whatever it was called) toy back in the '80s or early '90s. A kid could type in a word and the toy would pronounce the word. The toy's makers didn't want the kids to be typing in bad words and hearing them, so it had a list of words stored on the device that the toy wouldn't pronounce if typed in.

Well, eager kids and horrified parents soon discovered that the toy had a bug: if you pressed its keys in a certain way the toy would start pronouncing all of the bad words, in a stream of expletives one after the other. Ha!
Toy makers probably got the expletive string working in a hot packing house. That’s where I perfected mine. Frustration or cutting yourself was the trigger, no button was pushed. We all made the same base wage with small upgrades for more difficult jobs. Women were total equals and as such had great expletive strings of their own. It was almost like the brag of frontier riverboat man Mike Fink.
Iowa Dave
__________________
Strike while the iron is hot. Live every day as if it were your last and one day you will be right.
Dave
Iowa Dave is offline   Reply With Quote
Old 08-21-2019, 12:06 PM   #10
Senior Member
 
escape artist's Avatar
 
Join Date: Oct 2008
Location: St. Thomas not BVI., Ontario
Trailer: 2014 Escape 5.0TA / 2016 Ram Eco Diesel 4X4
Posts: 6,217
Quote:
Originally Posted by cpaharley2008 View Post
I thought that they could not spell and forgot to add a "S" to the first word....
Hi: cpaharley2008... No they just had to get the "S" outa there!!! Alf
escape artist N.S./ of Lake Erie
__________________

__________________
Quote Bugs Bunny..."Don't take life too seriously, none of us get out of it ALIVE"!!!
'16 Ram Eco D. 4X4 Laramie Longhorn CC & '14 Escape 5.0TA
St.Thomas (Not the Virgin Islands) Ontario
escape artist is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off






» Featured Campgrounds

Reviews provided by

Disclaimer:

This website is not affiliated with or endorsed by Escape Trailer Industries or any of its affiliates. This is an independent, unofficial site.


All times are GMT -5. The time now is 12:15 PM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
Copyright 2012 Social Knowledge, LLC All Rights Reserved.
×