Change user password

I want to change forum password but it looks like there is no way to do it.

  • Click your username icon, next to the hamburger menu.
  • Select the person icon.
  • Select Preferences.
  • Select Security.
  • Click Send Password Reset Email.
2 Likes

“Password reset” is really confusing one, I mean you usually reset password when there is an issue logging into account, but OK…

Thanks for help

I recall Grokkit was looking for an adequate forum template/plug-in or whatever it is called when the old one stopped working right. He had several criteria to meet including the preformatted code capability. If you know of a better option, you may suggest it. I’ll try and find that post where he was asking for suggestions/feedback.

The best way I can suggest is to merge your account into an office365, GitHub etc and use that as your login.

Thank you,
James Petty
CEO
The DevOps Collective INC.

1 Like

OK, thank you.

I’m asking because I’m reguralry changing online passwords and I stuck on PS forums but now it’s all fine.

Wow … :thinking: … did you know that this is actually not recommended anymore?

The bottom line of all the recommendations could probably summarized as “make your password longer and do not use it twice” :wink:

And enable 2FA wherever possible.

1 Like

I recently saw that. The thinking is that if you have a very strong password (and protected by MFA) then you will be less likely to use the same iteration of a password. Such as
PowerShell1
PowerShell2
PowerShell3

1 Like

totally … I forgot that … .thanks …

Or even better … use authentication without password. :wink:

NIST says

But analysis of typical end user behaviors has led to a much different conclusion. One of the primary conclusions being that forced password changes merely results in forcing past bad behaviors around password management to occur more often without really addressing risk in any significant way. Individuals simply construct another bad, easily guessed password that is easily cracked or create their own transformations which are easily reconstructed by criminals. For example, adding a digit to the end of the password and merely iterating that digit each time a password expiration takes place.

Forcing frequency also generates more data around how human derived passwords are created, feeding better predictability. Criminals now have the ability to leverage predictive analytics and artificial intelligence in such a way that aggregated password intelligence over a confirmed identity profile can lead to greater accuracy in predicting likely new passwords especially in cases where incentive exists to target an individual (such as a C-level executive, a government official, or a celebrity, etc.)

While NIST staff said nothing wrong, this only applies to dudes that use passwords like:
password1234 or
Secret1
Secret2

There is no hope for these dudes, unfotunately…

I use password safe which has password generator built in and let’s me regenerate strong password, and it also let’s me keep history of passwords for recovery of online account if asked for old password.
Autotype feature protects me from malware stoling passwords from clipboard.
And virtual keyboard that is also part of password safe ensure that keylongers are useless if found on my PC.
A bunch of other features are in there worth considering but I’ll leave it to interested users.

Given this I do recommend to change passwords often but under some conditions:

  1. new password generation must be transparent such that it never goes to clipboard.
  2. changing password is must do when system is fresh installed, that way passord stealing malware is defeated
  3. not recommened to change password over clipboard in old system because it may be compromised and there is no way of knowing it, if you use password manager on possibly compromised system it’s better not to change password.

Microsoft has also recommended changing password expiration policy. MFA is really the best answer at the moment for actually securing identities.

**** Dropping the password expiration policies.****

There’s no question that the state of password security is problematic and has been for a long time. When humans pick their own passwords, too often they are easy to guess or predict. When humans are assigned or forced to create passwords that are hard to remember, too often they’ll write them down where others can see them. When humans are forced to change their passwords, too often they’ll make a small and predictable alteration to their existing passwords, and/or forget their new passwords. When passwords or their corresponding hashes are stolen, it can be difficult at best to detect or restrict their unauthorized use.

Recent scientific research calls into question the value of many long-standing password-security practices such as password expiration policies, and points instead to better alternatives such as enforcing banned-password lists (a great example being Azure AD password protection) and multi-factor authentication. While we recommend these alternatives, they cannot be expressed or enforced with our recommended security configuration baselines, which are built on Windows’ built-in Group Policy settings and cannot include customer-specific values.

https://docs.microsoft.com/en-us/archive/blogs/secguide/security-baseline-draft-for-windows-10-v1903-and-windows-server-v1903

1 Like

The word “humans” make me think of some futuristic AI movie coming to reality.

wow, we humans are obsolete and need roobots and AI to lead us forward lol. :smiley:

1 Like

Lol that is funny they used that word. Why not say people?