To LUGNET HomepageTo LUGNET News HomepageTo LUGNET Guide Homepage
 Help on Searching
 
Post new message to lugnet.admin.generalOpen lugnet.admin.general in your NNTP NewsreaderTo LUGNET News Traffic PageSign In (Members)
 Administrative / General / 5487
    New feature: Article rating Todd Lehman & Suzanne Rich
   LUGNET's article rating system is now running and hungry for input! As the community continues to grow, so does the challenge in keeping up. Some days it can be difficult to find exciting content among the hundreds of new messages. To aid browsing, (...) (25 years ago, 26-Mar-00, to lugnet.admin.general, lugnet.announce) !! 
   
        Re: New feature: Article rating —Richard Franks
     This looks really neat! :) Is there a table with the top articles on it? There's little point voting on something from a year ago if no-one will see it :) Richard (25 years ago, 26-Mar-00, to lugnet.admin.general) ! 
    
         Re: New feature: Article rating —Todd Lehman
     (...) It's on the "to-do" list. --Todd (25 years ago, 26-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Larry Pieniazek
     I really want the ability to set my own password. I've lost my password somewhere and don't have a prayer of remembering what it is. SO I can't rate my articles 100 and Todd's 0 until I either find it again or get my pw set to something easy for me (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Kevin Salm
      (...) So I suppose Todd is going to have to call you on the telephone again to give you your password. I guess that we can forgive you as you have recently moved into a new home and that can increase anyones confusion/disorganization factor. Are you (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)
     
          Re: New feature: Article rating —Larry Pieniazek
        (...) No. I just couldn't think of a place to put it. I don't write on my laptop screen and the plastic around the edge is black. No other place is likely to be always near me. I forgot to put it into my top secret password file. (which is used (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)
     
          Re: New feature: Article rating —Todd Lehman
      (...) Probably there will be a way to set an additional password to use on top of the main password as a simple sign-in/sign-out layer, or to choose one of several machine-generated passwords. (...) By design, that is impossible. There is no way to (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)
    
         Re: New feature: Article rating —Richard Franks
      (...) Actually, I'd seen someone rating quite a few of your articles highly, and I kinda assumed that it was you :) :) My password is kinda easy to remember as passwords go, containing my initials, a single repeated digit and a naff name that I (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)
     
          Re: New feature: Article rating —Todd Lehman
      (...) It would be a total coincidence, yes, and BTW you shouldn't be giving away details like that about your password. You just made it 2,050 times easier for someone to brute-force crack your password. :-( --Todd (25 years ago, 26-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Mike Stanley
     (...) Yeah, I don't think I've ever "signed in" simply because I can't bother to keep up with another password I didn't pick. Once I hear I can login ONCE with this password I refuse to put any effort into holding onto or remembering and change it (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Larry Pieniazek
       (...) Totally agreed. Machine generated, unchangeable passwords get written down. That compromises them. If this system is so important that security is paramount over ease of use (which I have a hard time seeing, it doesn't control human lives or (...) (25 years ago, 26-Mar-00, to lugnet.admin.general) ! 
    
         Re: New feature: Article rating —Eric Joslin
      (...) Currently you *can* login "ONCE" by selecting "never log me out" (or something similar, I don't remember the exact wording). I logged in once at home, and have never re-entered my passwd. When I come back and dial up, opena browser, and go to (...) (25 years ago, 26-Mar-00, to lugnet.admin.general) ! 
     
          Re: New feature: Article rating —Larry Pieniazek
        (...) I use too many machines for this to be useful to me. Plus I lose my cookies (sounds kinda gross) often enough on the machines I DO use on a regular basis. (...) Disagree strongly. If the spiffy new feature isn't usable because of an easy to (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
      
           Re: New feature: Article rating —Eric Joslin
        (...) That must be a lot of machines. I use one at home (which happens to get multiple IPs from dynamic IPaddressing from my ISP, but that makes no difference in the way that the Lugnet server sees me, thanks to cookies) but I use one of a pool of (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
       
            Re: New feature: Article rating —Mike Stanley
        (...) Well, in that LUGNET should "accomodate" the ability to set your own password (something _every_ online store/site I use does) yes. And I doubt Larry is losing his cookies due to "user error". Saving your password in a cookie is nice, but its (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
      
           Re: New feature: Article rating —Mike Stanley
       (...) Ditto to that. I currently can (and do) access Lugnet from at least 5 machines at home, 3 machines in my cube at work, and any number of machines scattered around campus (what else am I supposed to do while waiting for a server to do something (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
     
          Re: New feature: Article rating —Mike Stanley
      (...) That might be fine for home (or maybe it wouldn't be - maybe my wife and I share a computer to access LUGNET (we don't, since I have more than a few computers, but we could)?) but it wouldn't work for work. My LUGNET packet is sitting in my (...) (25 years ago, 26-Mar-00, to lugnet.admin.general) ! 
     
          Re: New feature: Article rating —Eric Joslin
      (...) Why would you have to keep track of it if you were always logged in? You'd type it in once and that would be that. Trust me, my job requires no small amount of passwds to be remembered by me, too. (...) Who said all the new features were going (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
     
          Re: New feature: Article rating —Mike Stanley
      (...) Yeah, but the point is we ARE right. You're not concerned about it, Todd may not be concerned about it, but the market backs us up. Can you change your password at Amazon.com? BN.com? Any other major online retailer you care to name? How about (...) (25 years ago, 26-Mar-00, to lugnet.admin.general) ! 
     
          Re: New feature: Article rating —Eric Joslin
      (...) In your opinion. And I am right in mine. (...) And how is Lugnet a retailer, exactly? Look, I'm not saying that I wouldn't like to see the feature. But I don't think it's "broken" in any way, I don't think it's "unusable" by a "majority of the (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
     
          Re: New feature: Article rating —Mike Stanley
      (...) Can you name a major website with the sort of long-term goals that LUGNET has that sides with your "setting your own password isn't important" opinion? (...) Well, did you read the rest of that paragraph? eCircles isn't a retailer - it is a (...) (25 years ago, 26-Mar-00, to lugnet.admin.general) ! 
     
          Re: New feature: Article rating —Eric Joslin
      (...) A password system that, I remind you, controls your access to *two* things- neither one of which even approaches being essential to normal use. (...) I think that Todd's reasoning, posted elsewhere in this thread, is well-thought-out. Trying (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
     
          Re: New feature: Article rating —Mike Stanley
      (...) Well, there you go. I didn't even know there was something else that required you to sign in to access it. So that is two features right now that I cannot access (as a paid member) unless I choose to compromise the same security these silly (...) (25 years ago, 26-Mar-00, to lugnet.admin.general) ! 
     
          Re: New feature: Article rating —Larry Pieniazek
      (...) It's been a month since this was brought up, just about. Any sort of timeline on when we can expect a fix? Reminder, not being able to change passwords means passwords are broken. It's that simple. ++Lar (25 years ago, 21-Apr-00, to lugnet.admin.general)  
     
          Re: New feature: Article rating —Todd Lehman
      (...) It's been far more than that. It was first brought up in November. (...) Likely before the end of April. It's not a crisis situation. (...) Heard you the first 3 times. Agreed twice. --Todd (25 years ago, 21-Apr-00, to lugnet.admin.general)
    
         Re: New feature: Article rating —Todd Lehman
     (...) You can sign in once with your password and stay permanently signed in. (Simply use the middle radio button at the Sign-In page.) --Todd (25 years ago, 26-Mar-00, to lugnet.admin.general) ! 
    
         Re: New feature: Article rating —Mike Stanley
     (...) So what do I do when I login at a publicly accessible machine in a lab? What does anyone in a college environment do? People who are lucky enough to have a spouse who reads (and has a membership) at LUGNET but uses the same computer? To be so (...) (25 years ago, 26-Mar-00, to lugnet.admin.general) ! 
    
         Re: New feature: Article rating —Larry Pieniazek
      (...) And how secure is that? I'm sensing that you're dug into this position and are now in Defensive Mode. Whatever. Fact is, I use a lot of different machines, not all under my control, sometimes at a different client each week. Cookies in that (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
     
          Re: New feature: Article rating —Todd Lehman
       (...) Well, obviously, don't do that on a machine that's not under your control. That's for your home system or your laptop -- whatever you use regularly. (...) No, not dug in, just a bit skeptical and need to think changes through carefully. No (...) (25 years ago, 26-Mar-00, to lugnet.admin.general) ! 
      
           Re: New feature: Article rating —Mike Stanley
        (...) I'm thinking of the fairly large percentage of UTK students who live in the dorms but don't own computers. Those kids use my labs (or various friends' machines) for all of their net business. (25 years ago, 26-Mar-00, to lugnet.admin.general) ! 
       
            Re: New feature: Article rating —Richard Franks
        (...) Or the non-US people who have to pay for access and will spend most of their internet time on machines at university or at work. Richard (25 years ago, 26-Mar-00, to lugnet.admin.general) ! 
       
            Re: New feature: Article rating —Peter Callaway
        (...) You guys have got it worse than most. Timed local calls! Which donkey let that one go through? Probably the same donkey that wants to implement it here! At least I can have my home machine permanently wired into the web for hours and it only (...) (25 years ago, 27-Mar-00, to lugnet.admin.general)
      
           Re: New feature: Article rating —Larry Pieniazek
        (...) Mode. (...) OK, make me confirm my confirm (each time warning the non geeky that maybe, just maybe, they ought to use the one the were given) when I go to pick my password, then subject it to a few quick checks to see if it was a good choice (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
       
            Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
        (...) OK, I've done more research into human factors of passwords and have crufted together[1] what I hope is a rather froody password checker. First, it's got a _moby_ database of more than 2.7 million words, names, phrases, numbers, and other (...) (25 years ago, 30-Mar-00, to lugnet.admin.general) ! 
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Dan Boger
         (...) just a suggestion - have it also check against known personal info - like name, initials, birthday, etc... also Jenn pointed out you should check against obvious words, like lugnet, lego s@h, etc... :) I can't wait to try it out... Great job! (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Larry Pieniazek
         (...) Right! do all the really obvious checks first (the ones that would say things like "you know, using your first name may not be a good choice for a password") to save cycles. Well, let's have at it, I have some pw's I'd like an opinion on, and (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Dan Boger
         (...) good idea :) (...) just curious - how do you know what your users set their passwords to? ;) Dan (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Larry Pieniazek
         (...) It's my box, and it's going to a show, I was there when the password was set and I know it's not a very good one. But despite being the PM of the project I don't just want to stamp my foot and make them change the password, I'd rather provide (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
        (...) OK, here it is: (URL) summary: Type in a password and it tells you "pass" or "fail". First important question: Are there any bad passwords which this fails to reject? (If it rejects a seemingly good password, that's not necessarily a problem. (...) (25 years ago, 30-Mar-00, to lugnet.admin.general) !! 
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Larry Pieniazek
         (...) it got a "adequate". Sorry, I can't tell you what it is right now, though. Handy tool. Appreciate your making it available. ++Lar (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Scott Edward Sanburn
          (...) stunning, but (...) Indeed. I got an excellent. : ) At least I got some decent passwords, if nothing else! Scott S. (25 years ago, 30-Mar-00, to lugnet.admin.general)
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
          (...) A couple questions about its structure...I don't know if you can answer these but it seems like you could maybe: Without giving away any hints about what it was, why did you think it was risky? Did it contain a word? Did it contain a word (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
         
              Re: Automated password appraisal (Re: New feature: Article rating) —Larry Pieniazek
          (...) If I even say that I can't answer without giving a hint, that's a hint. Therefore: I can't answer without either giving or not giving away hints as to what it is. :-( ++Lar (25 years ago, 30-Mar-00, to lugnet.admin.general)
         
              Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
          (...) Bummer -- that makes me suspect that it really truly is a horrible password then (as you surmised, and pointed out to your coworker). Yet it passed, which makes me nervous. Welp, if you someday are able to convince your coworker that this (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
         
              Re: Automated password appraisal (Re: New feature: Article rating) —Larry Pieniazek
          (...) I can say this much. It's not your tests. It's the context. Just like your tests give (hypothetically speaking) Lugnet123 a so so score because Lugnet isn't a word, but we know that lugnet isn't a very good root for a password to lugnet (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
         
              Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
          (...) OK, that helps...that's all I need to know...thanks! (...) Yup! (Although "Lugnet" is a word in Swedish, and it finds this. :) (...) Yup! I don't think I'll lose any sleep over it. --Todd (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Dan Boger
         On Thu, 30 Mar 2000 12:28:05 GMT "Larry Pieniazek" <lar@voyager.net> wrote concerning 'Re: Automated password appraisal (Re: New feature: Article rating)': (...) heh, it might be interesting to see a log of the passwords... though I'm sure that Todd (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Jennifer L. Boger
          (...) dang... I'm terrible... though, i did find one that got a %507... :) thanks todd, i love this :) (25 years ago, 30-Mar-00, to lugnet.admin.general)
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
         (...) I really would love to see how the failure, but it's not work the risk to log them, just as it's not worth the risk to store raw, non-crypted passwords. In the end, this can never be perfect, and I'm sure it will end up accidentally passing (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Selçuk Göre
          Wow, your wordlists are just nice. They even knows me and my wife..:-) Selçuk (...) (25 years ago, 31-Mar-00, to lugnet.admin.general)
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
         (...) Cool! And thanks for checking! --Todd (25 years ago, 31-Mar-00, to lugnet.admin.general)  
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Stephen F. Roberts
         (...) ...Hmmm. I dug up old passwords from long dead servers (don't u hate it when u remember passwords, but not the login id? :-) ...But anyway, I tried '4Gxc5t'... it came back failed but its reasoning was strange... (try it urself :-) the 'slight (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
         (...) For one things, it's being a bit too harsh on numeric->alpha conversions like 4->A and 3->E...it should divide the intermediate results by 2 or something internally while computing the score after a transformaion like that. (...) They might be (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Frank Filz
         I have a suggestion, you may want to test substitute things like "!" as a substitute for "l" or "i". Have you thought about vowels being dropped and K/c substitutions. I have a password which I would consider a worthless password the way you are (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
         (...) You mean, change from checking !->i to checking both !->i and !->l ? (It does currently check !->i -- did that not work for you in some instance?) (...) Good idea! (...) Lemme see about the above suggestions and then you can try it again later (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Frank Filz
          (...) Ah, checked again, it didn't detect "7!" as a mapping for "li", but did detect "7i" as "li". It did reject both passwords though, but it had a lot fewer problems with the "7!" version, and the level changed from "worthless" to "weak". (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
         (...) Hmmm...not sure how to go about doing this... The way the checker achieves its speed is by looking up all substrings in its dictionary rather than passing every single diciontionary word over all substrings (which could take hours). So, for (...) (25 years ago, 30-Mar-00, to lugnet.admin.general) ! 
        
             Re: Automated password appraisal (Re: New feature: Article rating) —David Schilling
         (...) The way I've done something similar in the past is to create a larger dictionary: create a temp file with all words having their vowels removed, and do the c/k mutations too, if desired. Sort and remove duplicate entries. Finally, merge back (...) (25 years ago, 31-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
         (...) OK, so work it backwards, IOW. Cool. That sounds doable, and wouldn't even increase the time it took to evaluate pw's by more than the tiniest percent. (...) Well, if the dictionary grows from 2.7 million to 3.5 million entries, that's OK -- (...) (25 years ago, 31-Mar-00, to lugnet.admin.general)  
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Richard Franks
         (...) It allows: a1b2c3, but fails 1a2b3c, I thought it would (and probably does) check for numeric sequences? (...) It fails: LL-918 as worthless, but gives LL-928 an excellent :) Maybe you should add lots of LEGO set names and abbreviations? EG (...) (25 years ago, 30-Mar-00, to lugnet.admin.general) ! 
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Dan Boger
         On Thu, 30 Mar 2000 16:30:51 GMT "Richard Franks" <spontificus@yahoo.com> wrote concerning 'Re: Automated password appraisal (Re: New feature: Article rating)': (...) heh, my lugnet password came up weak (FAIL)... my personal password came up ok (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Richard Franks
         (...) You could make it stricter I think, send out an email warning with a code# to the member, and block access until they have replied. You could either use the code# to automate unblocking the account, or as part of a manual check. The code# (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Jacob Sparre Andersen
         Todd: (...) Grasp your French MacKeyboard. Start with the 'a' (upper left letter), next you go one up to the '&', then you go one right to 'é', one down to 'z', one right to 'e', one up to '"' (double quote), one left to ''' (single quote), and (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
          (...) It catches the isomorphic QWERTY instance of this ("q12we34r") but I'd love to add xy-tables for Dvorak and non-US keyboards. Any data pointers? (...) That's a sneaky one! :) (...) Ooh -- I'd better make sure that it dislikes [0-9]+[xX][0-9]+ (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
         
              Re: Automated password appraisal (Re: New feature: Article rating) —Dan Boger
          (...) I could probably write one for hebrew keyboard, if you want... what format do you want it? :) Dan (25 years ago, 30-Mar-00, to lugnet.admin.general)
         
              Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
          (...) Cool! OK, how about like this: ---...--- QWERTY 0 0 ~!@#$%^&*()_+ 0 0 `1234567890-= 1 1 QWERTYUIOP{}| 1 1 qwertyuiop[]\ 2 1 ASDFGHJKL:" 2 1 asdfghjkl;' 3 1 ZXCVBNM<>? 3 1 zxcvbnm,./ ---...--- TIA! --Todd (25 years ago, 31-Mar-00, to lugnet.admin.general)
         
              Re: Automated password appraisal (Re: New feature: Article rating) —Dan Boger
          (...) hmmm... I guess I wasn't thinking when I posted... the english part of the herbew keyboard is exactly the same as the US one... The hebrew part of it, cannot really be expressed in ASCII, so I guess my offer was meaningless... sorry... Unless (...) (25 years ago, 31-Mar-00, to lugnet.admin.general)
         
              Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
           (...) Sure! If it's not the one at Oxford[1] University, pls. send URL! :) --Todd [1] I always think that looks like a hex number :) (25 years ago, 31-Mar-00, to lugnet.admin.general)
          
               Re: Automated password appraisal (Re: New feature: Article rating) —Dan Boger
           (...) ftp://sable.ox.ac.uk...wordlists/ :) Dan (25 years ago, 31-Mar-00, to lugnet.admin.general)
          
               Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
           (...) Yup -- those are the ones from Oxford! Great lists!!! --Todd (25 years ago, 1-Apr-00, to lugnet.admin.general)
         
              Re: Automated password appraisal (Re: New feature: Article rating) —Shiri Dori
          (...) LOL... that reminds me. My sis used to use a password for this game we had, she was just 4 and needed something she could remember, when all she knew to write was her name. But she didn't want something SO obvious (never mind that I helped her (...) (25 years ago, 31-Mar-00, to lugnet.admin.general)
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
         (...) OK, try that again now. Seeing that this site is LEGO-related, it's best to treat "x" and "X" as part of numeric stuff. In fact there are many other things besides 'x' and '=' which are numeric-related. :-o It now very much dislikes numerical (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Robert Farver
          (...) You might want to add ^ for exponentiation. I just posted a list passwords that passed, including 4 variations of the Theory of Relativity. Rob - Rob Farver - mailto:rfarver@rcn.com (2 URLs) (25 years ago, 31-Mar-00, to lugnet.admin.general)  
         
              Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
          (...) Ah yes! --Todd (25 years ago, 31-Mar-00, to lugnet.admin.general)
         
              Re: Automated password appraisal (Re: New feature: Article rating) —Selçuk Göre
          By the way, for the special characters, it knows what "selcuk" is but doesn't know the "selçuk", which is actually the correct form. Do you want any Turkish wordlists? Selçuk (...) (25 years ago, 31-Mar-00, to lugnet.admin.general)  
         
              Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
          (...) I haven't decoded the ASCII+127 yet on those...sorry. (...) I would love them, if you have any in their native ISO-8859-# encoding. --Todd (25 years ago, 31-Mar-00, to lugnet.admin.general)
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Frank Filz
          Todd Lehman wrote in message ... (...) [0-9]{4} . (...) to (...) longer (...) Waahh, now it hates one of my passwords... Hm, would you consider parametizing some of the things (or is the code something easily portable)? I'd like to check passwords (...) (25 years ago, 31-Mar-00, to lugnet.admin.general)
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Frank Filz
           Frank Filz wrote in message ... (...) appropriate (...) Thought of another reason to allow parameters or options to the checker... Some systems have restrictions on length of password, some systems are not case sensitive, some systems may not allow (...) (25 years ago, 31-Mar-00, to lugnet.admin.general)
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
         (...) Down the road prolly... Gotta get this cut over ASAP and get the pages stuff finished up... Did it give you enough flexibility that you could find something it liked that you could use? (That's it's only real purpose, even if it happens to be (...) (25 years ago, 1-Apr-00, to lugnet.admin.general)
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Larry Pieniazek
         In lugnet.admin.general, Todd Lehman writes: <pw checker, play away... some design notes> Played with it some more and I am not sure I totally trust it. It thinks MT-5561 is a GREAT password and LEGOSystem4558 is a really bad one. I'm happy to (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Robert Farver
         (...) I've been playing with the 5 character passwords trying to see how high I can get. So far I've got a 156% (Good). Rob - Rob Farver - mailto:rfarver@rcn.com (2 URLs) (25 years ago, 30-Mar-00, to lugnet.admin.general)
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Larry Pieniazek
         In lugnet.admin.general, Todd Lehman writes: <pw checker, play away... some design notes> Oh, and can you post the rank order list somewhere on the page or something? That is, is Outstanding better or worse than Bravissimo! Thanks. ++Lar (25 years ago, 30-Mar-00, to lugnet.admin.general)  
       
            Re: Automated password appraisal (Re: New feature: Article rating) —James Brown
         (...) Inconsistent results. It quite happily failed obvious stuff like "James1" or "Galliard" or "June15", but also missed some glaring ones. For example, it failed my Social Insurance number, but only because it was all from 1 keyboard row. It (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
         (...) Try again now. :) (...) It doesn't check for up/down/left/right keyboard shifting, no. (...) It doesn't check for cross-keyboard translations either, no. If I can get my hands on more keyboard xy tables, maybe I can check for these too. (...) (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Kevin Salm
         (...) Okay, what is left?? I am wondering what kind of imagination I will need to generate an acceptable password. So far I have had no problem generating passwords that exceed 300% acceptance, but if the acceptable parameters continue to become (...) (25 years ago, 5-Apr-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Kevin Salm
         I guess this can be fun. With a bit of tweaking here and there, I just generated a password which returned a 1269% approval rating. Anyone think they can top that? __Kevin Salm__ (25 years ago, 5-Apr-00, to lugnet.admin.general)
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Ed Jones
         (...) [snip] (...) Very interesting results. It seems to LOVE NASD and NYSE rule numbers: NASD15a-6 got a 252% What is the percentage range that will display? Its very hard to tell what is really good or bad by the percentages that display until you (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Ed Jones
          (...) It likes the Uniform Commercial code even better: UCCart8-9 - 368% Excellent However, LUGNETTODD - gets a "terrible" :') (25 years ago, 30-Mar-00, to lugnet.admin.general)  
         
              Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
          (...) OK, try again now. It should dislike the "8-9" part enough to fail it. --Todd (25 years ago, 30-Mar-00, to lugnet.admin.general)
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
         (...) OK, try again now. (BOY is this thing getting picky now about numbers and stuff. I hope it's not getting too restrictive. I'll have to stop tinkering at some point soon.) (...) Theoretically infinite in both directions. It's just a number, and (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Steve Bliss
         (...) How about some of the following? They seem topically weak to me. lg*mnfg - 389% excellent shp@hm8354386 - 236% great m:trn6989 - 272% great Steve (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Scott Edward Sanburn
          (...) I got a 421%, and then a -125%. Very interesting, i might have to switch some of my passwords here now! :) Scott S. (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
         (...) Not sure how to detect this...it isn't that terrible anyway, is it? (I can see that it comes from "lego*minifig" but it's still probably strong enough?) (...) Now gives a -1030%. (...) Now gives a 200%. If LEGO sets weren't an issue it would (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Richard Franks
         It really likes: fnark-5- (345%) but hates: fnark-5-lego (-104%) Surely that's squiffy? Or is it based on the theory that being able to guess the 'lego' part will make the 'fnark-5-' more obvious? Richard (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
         (...) It's a side-effect of downrating fluffy portions even though they don't hurt. That is, if you have a wicked strong 8-character pw (call it "X" for short), then even though "Xlego" is no worse than "X", it takes points off for the fluffy part (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Larry Pieniazek
         (...) I am starting to think that this password checker, in its current form (which I'd like to see left accessable as it IS useful) shouldn't actually block a password. It should tell me that "maybe this isn't a good choice" but it doesn't know (...) (25 years ago, 30-Mar-00, to lugnet.admin.general) ! 
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
          (...) Yum, yum! :-s Well, ya gotta also figure that decreasing the safety margin from 100,000 to 1000 is one thing (bad -- and I don't think that's case here), but decreasing it from, say, eleventeen hundred quintrillion down to fifty-seven (...) (25 years ago, 31-Mar-00, to lugnet.admin.general)  
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Selçuk Göre
          Larry Pieniazek wrote: <snip> (...) I'm not a guru on the subject by any means, but while an attacker using wordlists and trying to crack a password with bruteforce or something like, I mean, by trial and error, I think any combination of dates are (...) (25 years ago, 31-Mar-00, to lugnet.admin.general)
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Larry Pieniazek
         (...) from (...) ALL (...) that (...) numbers (...) This was a hypothetical example. Dates are not actually good passwords, but they're easy to use to demonstrate differences in context. my birthday is a bad password for me (one of the first few (...) (25 years ago, 31-Mar-00, to lugnet.admin.general)
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Alan Gerber
         (...) I got p@$$\/\/0?oI through it as a 169. Mwhahahahahahaha! Alan (25 years ago, 30-Mar-00, to lugnet.admin.general)
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Alan Gerber
         (...) I meant to put in p@$$\/\/0roI in, but messed up. p@$$\/\/0roI got a 100% Alan (25 years ago, 30-Mar-00, to lugnet.admin.general)
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Robert Farver
         (...) Formulae: e=mc^2 - Great (266%) E=mc^2 - Excellent (303%) e=m*c^2 - Outstanding (556%) E=m*c^2 - Outstanding (594%) Keyboard runs: zdt7cgu9 - Outstanding (491%) zcbmadgj - Outstanding (462%) zfu0xgi- - Outstanding (529%) Software Titles: (...) (25 years ago, 31-Mar-00, to lugnet.admin.general)
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Christopher L. Weeks
         Neat Todd! (...) It thinks <({})> is fine 250% and doesn't detect it as a pallindrome even though it is from a human point of view. You might want to add something that recognizes stuff encapsulated within open and close of the same type of (...) (25 years ago, 2-Apr-00, to lugnet.admin.general)
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Shiri Dori
         (...) Ouch... it passes @%)^*$, which is a +shift version of my birthdate. Now that's a bad password! Just like it doesn't allow an only numeric sequence, or an only alphabetic sequence, it should not allow an only spec. character sequence. -Shiri (25 years ago, 2-Apr-00, to lugnet.admin.general)
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Bram Lambrecht
         (...) the ~ key (without pressing Shift) Here are the keyboard rows: 0 1 å/-À¶ØÖ¤µ¨¢ª 0 1 +ñòóôÙßõö÷øù 1 1 æäÓ¾ÐÑÕùºţ 1 1 ð"®±¸íê³Ï­°,¥ 2 1 ¿Ë¡´àéèÒÊǧ 2 1 Ħ¯â¬çëÉÈ«. 3 1 ¼»áÍÔ×·Áã½ 3 1 ()©ÎÚì?²ÌÆ Might want to take that into consideration... (...) (25 years ago, 2-Apr-00, to lugnet.admin.general)  
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Ben Roller
         (...) The checker should equate the following IMHO: |_ L + t < k ~ n \/ V () O or 0 "\/()+eF0rMe" (Vote for Me) for example gives a 788% success rate. "|_uGn3+" which is a complicated way to write "Lugnet" passes with 481% "|_eGoBr|<K5" (LegoBricks) (...) (25 years ago, 2-Apr-00, to lugnet.admin.general)
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Susan Hoover
         (...) the wrong way. "Toy" as in "geek thing to play with" rather than as in "insignificant".) (...) Yes! Several passwords of the form "[l3G0]" (with brackets but without the quotation marks) get an adequate passing grade of ~149%. Try things like (...) (25 years ago, 12-Apr-00, to lugnet.admin.general)
        
             Re: Automated password appraisal (Re: New feature: Article rating) —Susan Hoover
         (...) Ugh. "[l3G()]" gets a 506% passing grade. (25 years ago, 12-Apr-00, to lugnet.admin.general)
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Matthew Miller
        (...) 1. Can you use https for this? 2. How about a 'passwords submitted aren't logged' privacy statement? Why? 'Cause it's so cool I was instantly tempted into typing in old passwords that I no longer use, and was almost tempted into typing in (...) (25 years ago, 12-Apr-00, to lugnet.admin.general)  
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Todd Lehman
        (...) What's involved in setting up an https server? I remember reading once upon a time (it must've been about 2 years ago) that it could be kind of a mess, and that connections often took 1 second to authenticate. That would be a problem for (...) (25 years ago, 13-Apr-00, to lugnet.admin.general)
       
            Re: Automated password appraisal (Re: New feature: Article rating) —Matthew Miller
        (...) It's not too hard. But I forgot; you're using a web hosting place. (Pair?) Depending on what level of service you're paying for, you may already have ssl support. (Or conversely, it may not be an option.) (...) I've not noticed that bad of a (...) (25 years ago, 13-Apr-00, to lugnet.admin.general)
      
           Re: New feature: Article rating —Shiri Dori
       (...) Yep, you can be sure he's not the only one. I have two computers at home, but regardless I often get online from the school library or the ESL room (1). At those times I can only read, not post or rate or anything. OTOH, when I want to read my (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)
      
           Re: New feature: Article rating —Tom Stangl
       I log on to Lugnet on a minimum of 4 different machines, 2 from home, 2 from work, and may be logging on from my Libretto on the road this summer. So anything making it easier to log in and have settings be the same, the better. (...) -- Tom Stangl (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)  
     
          Re: New feature: Article rating —Eric Joslin
      (...) Depends on the location. Clearly, as both you and Mike are capable of pointing out, there are inappropriate places to use that tactic in. That just means there are places you can access Lugnet from that you can't use all the features from, (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
     
          Re: New feature: Article rating —Mike Stanley
       (...) ^^^^^^^ That's actually a bad thing, imo. I don't know when this changed (and sometimes I am glad it did) but I don't really like the fact that I can post AS ME from any machine simply by typing in my name and e-mail address. I _think_ this is (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
      
           Re: New feature: Article rating —Eric Joslin
       The main thrust of this whole conversaion has gotten very far away from my original point, which I feel I made just fine, but: (...) My vote would be to keep Lugnet a place where you can post from any interface without paying for a membership. There (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
      
           Re: New feature: Article rating —Todd Lehman
        (...) I agree. But if Mike's suggestion is taken a little differently, i.e., "I think _I_ should have to sign in to post via the web interface." ...then that's probably a good thing. Once you do decide to beomce a member, you should (it would be (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
       
            Re: New feature: Article rating —Shiri Dori
        (...) Me 2. (...) Definitely. I also think this should be possible even if you're not a member, but that's just my view of it. (I'm a member, so I'll have that anyway :) Oh, and Todd...? Todd wrote: (...) ^^^ Your second three-letter switch in a (...) (25 years ago, 30-Mar-00, to lugnet.admin.general)
      
           Re: New feature: Article rating —Mike Stanley
       (...) Then implement a username/password system that doesn't require a membership but can accomodate one. Pretty simple, just have a membership field in the record. People who are just trying it out can read and post, but not access member-only (...) (25 years ago, 26-Mar-00, to lugnet.admin.general) ! 
     
          Re: New feature: Article rating —Larry Pieniazek
      (...) Don't assume you know what I'm assuming! However, you didn't refute my points, I note. Just glossed over them as "not convincing enough"... So something that is less secure and harder to use is better in your book? ++Lar (25 years ago, 27-Mar-00, to lugnet.admin.general)
     
          Re: New feature: Article rating —Eric Joslin
      (...) Touche. :D (...) No, I feel that I explained well enough many times why I feel that the current system is fine, and why you don't have to carry around a card with your passwd on it. Several times. And I don't care to again. So, since you (...) (25 years ago, 27-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Todd Lehman
     (...) Use either the top radio button and close the browser when you're done, or use the bottom radio button and set a timeout like 1 hour in case you forget to sign out manually. (...) Leave yourself signed in, or sign out manually when you're (...) (25 years ago, 26-Mar-00, to lugnet.admin.general) ! 
    
         Re: New feature: Article rating —Mike Stanley
     (...) But I don't _want_ to, and to suggest that as an alternative to carrying around a machine-generated password seems a little boneheaded. I don't _want_ to leave myself logged into Lugnet just like I don't _want_ to leave myself logged into (...) (25 years ago, 27-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Todd Lehman
     (...) Thick-skulled, maybe...dunno if I agree about boneheaded. :) I guess next time I'll hafta read your mind. I only had what you wrote to go on -- which seemed to be implying something false. I was only replying to point out that it -was- indeed (...) (25 years ago, 27-Mar-00, to lugnet.admin.general)
    
         Re: New feature: Article rating —Mike Stanley
     (...) Same thing? :) (...) Yes, although I would say use that new password every time. I don't cache passwords other than at home, and not all the time there. (25 years ago, 27-Mar-00, to lugnet.admin.general)
    
         Re: New feature: Article rating —Todd Lehman
     (...) Just a side note about the sign-in cookie... Your member ID and password are stored in the cookie, but in murfled form. Thus, if someone is able to steal your sign-in cookie, they can impersonate you, but they still won't know your password, (...) (25 years ago, 27-Mar-00, to lugnet.admin.general)  
   
        Re: New feature: Article rating —Bruce Schlickbernd
     (...) correlates (...) opinions without being able to inflict ours on others (well, numerically speaking). :-) Bruce (25 years ago, 26-Mar-00, to lugnet.admin.general)
   
        Re: New feature: Article rating —Dan Boger
     cool! I also like where it says "you just rated this message" and "2 minutes ago you rated this message" :) now, what about putting an X-message-rating in the outgoing mail/news so we can see the rating of messages in our newsreaders/mail? Shouldn't (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)
    
         Re: New feature: Article rating —Todd Lehman
     (...) Easy to do in the outgoing mail, very hard to do in the outgoing news. But almost all the outgoing mail goes out within 60 seconds of the article being posted, so they'd all say 50 anyway. --Todd (25 years ago, 26-Mar-00, to lugnet.admin.general)
    
         Re: New feature: Article rating —Dan Boger
     (...) Doh! didn't think of that... hmm... what I was getting at is that the avid.cgi will spit it out... since most users can't/wont modify their newsreaders anyhow, it'll only help those of us that use a custom made reader anyhow... :) Dan (25 years ago, 26-Mar-00, to lugnet.admin.general)
    
         Re: New feature: Article rating —Todd Lehman
     (...) Maybe a header could be snuck in there, yeah. Or maybe there should be a counterpart to avid.cgi (or a URL-line switch) to fetch (for updating) the latest article ratings without having to fetch the bodies again. --Todd (25 years ago, 26-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Kevin Salm
      (...) MAYBE Lugnet should publish a newsreader for NNTP purposes. I am sure that Todd could do it and could certainly get assistance from other Lugnetters. It may be the copywrite/proprietary stuff that will get messy. Whattaya think Todd?? Ever (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)
     
          Re: New feature: Article rating —Todd Lehman
      (...) Sproat is working on something really cool. --Todd (25 years ago, 26-Mar-00, to lugnet.admin.general)  
     
          Re: New feature: Article rating —Kevin Salm
      (...) Excellent. In my mind, he certainly seems to be the best candidate for such a thing. Makes me think I should get some training in computer language and programming as I do not have any knowledge of such things. Certainly would widen the career (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)
    
         Re: New feature: Article rating —Ben Roller
     (...) I think that a URL-line switch for this would be great. Now if only I'd become a member sooner so that I could have my membership packet by now. :) Ben Roller (25 years ago, 26-Mar-00, to lugnet.admin.general)
   
        Re: New feature: Article rating —Bram Lambrecht
     (...) That'll require my password...I hope this doesn't sound pushy, but when are the 260's packets going out? --Bram (25 years ago, 26-Mar-00, to lugnet.admin.general)
    
         Re: New feature: Article rating —Todd Lehman
      (...) Monday morning...? --Todd (25 years ago, 26-Mar-00, to lugnet.admin.general)
     
          Re: New feature: Article rating —Todd Lehman
      (...) An apology -- these are still sitting. Thought the pw stuff would go a lot smoother. Really want to get the pw stuff ironed out before subjecting any more people to those awful machine-generated default pw's. I'll post again tomorrow saying (...) (25 years ago, 31-Mar-00, to lugnet.admin.general)
     
          Re: New feature: Article rating —Bram Lambrecht
      (...) OK. I can wait a little longer :) --Bram (25 years ago, 1-Apr-00, to lugnet.admin.general)
    
         Re: New feature: Article rating —Kevin Salm
     (...) the (...) Be patient. Todd gets them out relatively quickly, I think. Certainly faster than Auczilla winnings--much less counting and packaging. At least I was happy with the short time it took for my member packet to arrive. Speaking of (...) (25 years ago, 26-Mar-00, to lugnet.admin.general) ! 
    
         Re: New feature: Article rating —Richard Franks
      (...) I have to "me too" here - I especially like the idea of the visual-community with road-layouts based on Pac-Man levels :) Actually, one of the nice things about reading through that plan is that it does have little things like that in there - (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Todd Lehman
     (...) Tom Joined within a matter of hours, as soon as learned that we were accepting payment via PayPal. (...) Nope, never. --Todd (25 years ago, 26-Mar-00, to lugnet.admin.general)
   
        Re: New feature: Article rating —Richard Franks
     (...) In my initial excitement, I missed the above - that's a really cute idea! Although if it correlated two people that liked the same themes there may be fights in TRU :) The ability to change how much you score the article is cool, and it (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
   
        Re: New feature: Article rating —Alan Gerber
     Could you put up a thing that lets each person view their average rating? Alan (25 years ago, 26-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Todd Lehman
      (...) The database doesn't track that. It actually doesn't even know that it's tracking news articles that have been posted by individual people. --Todd (25 years ago, 26-Mar-00, to lugnet.admin.general)  
     
          Re: New feature: Article rating —Kevin Salm
      (...) Plus, article scoring is not a popularity contest. It is intended to save time for readers and also to help direct readers towards messages that have the best content on the subject they wish to read about. If you think you may be concerned (...) (25 years ago, 26-Mar-00, to lugnet.admin.general) ! 
     
          Re: New feature: Article rating —Richard Franks
      (...) Agreed! (...) I think questions should be voted - especially if the answer is wanted by a lot of people, but does that mean that the question post should be voted lower once it has been answered? From a "Show me all the best articles" (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
     
          Re: New feature: Article rating —Todd Lehman
      (...) Elapsed time (or article age) will be a parameter to that display, yes. Selectable at view-time, and using some kind of bell curve to weight it. --Todd (25 years ago, 26-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Richard Franks
     (...) IMHO it should be more information-centric than person-centric - it shouldn't be whether a person posts lots of good posts or lots of bad posts (and I know you were talking about someone viewing their own rating), but what information is out (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
   
        Re: New feature: Article rating —Kevin Salm
     (...) Can't be as hungry as I thought it would be. It won't let me rate cancelled messages. A Default rating of 50 for a cancelled message seems a bit high for me. It might be more appropriate for a cancelled message to have a score of zero. __Kevin (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
   
        Re: New feature: Article rating —Ed Jones
     (...) Excellent. I do foresee one possible area that could be a problem (but I could be overreacting) - Auction/Sale/Trade announcements could all end up with a 75 rating (the initial 50 and then the poster gives it a 100). This could give a false (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Todd Lehman
     (...) It'll probably get counter-balanced by people marking some of the more annoying ones down. Anyway, it's up to each individual reader whether or not they wish to pay attention to the ratings. (...) Do you sign in often from a public place such (...) (25 years ago, 26-Mar-00, to lugnet.admin.general) ! 
    
         Re: New feature: Article rating —Richard Franks
      (...) I think people should be able to be fully signed in without machine-generated passwords - otherwise it is discriminating against those who use a lot of different machines. What about using the double-login idea with two distinct user-definable (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
     
          Re: New feature: Article rating —Todd Lehman
      (...) That would potentially shift some of the blame if something bad did happen to someone, but could it prevent blame or suspicions from occurring in the first place? It seems to me that such wording or agreement would not actually lessen the (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Mike Stanley
      (...) Hrmmm .... or maybe article scoring could be turned off for the market groups where listings are posted? Probably not, though, since those groups often contain discussion in addition to listings. (...) Dunno about Ed, but I read LUGNET from (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)
     
          Re: New feature: Article rating —Todd Lehman
       (...) Excellent point. Thanks. You've just demonstrated that a machine generated password does absolutely nothing to ensure (as in 100%) that a password is actually unique to a particular system. It makes it more probable, but doesn't (...) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
      
           Re: New feature: Article rating —Mike Stanley
        (...) What I used to do and still do in some cases where I think people might be trying to get my passwords is to use a core word (I choose one from about a dozen Latin or Russian words, sometimes spelled, in the case of Russian, the way I like to (...) (25 years ago, 26-Mar-00, to lugnet.admin.general) ! 
      
           Re: New feature: Article rating —Robert Farver
       (...) That future world may not be as far off as you might think. I have a friend that works for a company that is working on inexpensive retina scanners for NT logon among other things. Rob - Rob Farver - mailto:rfarver@rcn.com (2 URLs) (25 years ago, 26-Mar-00, to lugnet.admin.general)  
      
           Re: New feature: Article rating —Richard Franks
       (...) Is it true that those things cause blindness after 20 years use? Richard (25 years ago, 27-Mar-00, to lugnet.admin.general, lugnet.off-topic.geek)  
     
          Re: New feature: Article rating —Larry Pieniazek
      (...) The argument here is that if you get too restrictive (requiring one non alphanumeric, for example) you cut the set of passwords down far enough that you make brute force attack easier! I tend to favor trying a few quick checks on the pw to see (...) (25 years ago, 27-Mar-00, to lugnet.admin.general)
     
          Re: New feature: Article rating —Dan Boger
       (...) can't someone already post in your name without knowing your password? I believe all you need to be able to post is your name and email address... heh, going to test that in a sec. btw, as far as password choosing and forcing - well, I believe (...) (25 years ago, 27-Mar-00, to lugnet.admin.general)  
     
          Re: New feature: Article rating —Todd Lehman
      (...) I hope you'll forgive me if I'm skeptical of that statement. I haven't studied human factors of cryptography in depth but my BS was in mathematics. I know what you're saying, and why it might be true given a certain set of assumptions, but how (...) (25 years ago, 28-Mar-00, to lugnet.admin.general)  
     
          Re: New feature: Article rating —Frank Filz
      Personally, I'd love some tips on how to pick good passwords that are easy to remember. I'll admit to using poor passwords, and re-using them. These days, one seems to need so many passwords that I can't see how you can really work well if you (...) (25 years ago, 28-Mar-00, to lugnet.admin.general)  
     
          Re: New feature: Article rating —James Brown
      (...) Yes, although if someone has enough familiarity with you (and access to you) to figure out what sites you freqent, under what names/aliases/IDs, and crack (or attempt to crack) enough of your passwords to establish a pattern, you've got bigger (...) (25 years ago, 28-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Ed Jones
     (...) annoying (...) Good point. (...) I sign in from various workstations in various training rooms in 2 different buildings. (...) Until you added Article Rating, the only function a member could perform by logging in was to edit their profile (if (...) (25 years ago, 27-Mar-00, to lugnet.admin.general) ! 
    
         Re: New feature: Article rating —Todd Lehman
     (...) This could be a polite request to people, but as Mike Stanley pointed out yesterday, there's technically no way to ensure it 100%. (Which doesn't diminish its desirability, only its effectiveness somewhat.) (...) How would you use your member (...) (25 years ago, 27-Mar-00, to lugnet.admin.general) ! 
    
         Re: New feature: Article rating —Larry Pieniazek
      (...) Thank you. And I do agree with you that there is value in making the password hard to crack. Value to the user and value to Lugnet. Now we're just down to figuring out how best to achieve both and what the priority is... ++Lar (25 years ago, 27-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Ed Jones
     (...) What I meant was that if you stated that use of your LUGNET password (as descrived above) in any other online application would automatically relieve LUGNET of any responsibility of hacking to appications other than LUGNET. (...) How about the (...) (25 years ago, 27-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Todd Lehman
     (...) Right. But, while that is an excellent polite request to make to people, as Mike Stanley pointed out yesterday, there's no way to ensure that people will follow that suggestion -- in either direction. But it's still a good thing to politely (...) (25 years ago, 28-Mar-00, to lugnet.admin.general)
   
        Re: New feature: Article rating —Scott Arthur
     (...) (low) (...) ...just my opinion I think the score has little value without knowing how many people have read the post and have chosen not to vote - it could be argued (not by me) that these readers should register an automatic 50 score as they (...) (25 years ago, 27-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Larry Pieniazek
      (...) Interesting idea. If the server knew who saw what, perhaps! But we're not there yet I don't think, especially if we take news into account (and mail subscriptions... how is the server to know whether some one pored over it or deleted it (...) (25 years ago, 27-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Sheree Rosenkrantz
      Scott A <s.arthur@hw.ac.uk> wrote in message news:Fs38I5.Dno@lugnet.com... (...) read (...) I do not rate posts now. I am a beginner. I read in odd pockets of time as much as I can across the board category wise on a daily basis. Much in some (...) (25 years ago, 27-Mar-00, to lugnet.admin.general)  
   
        Re: New feature: Article rating —David Schilling
     I think a great side benefit of the article rating system is the fact that articles you've rated are marked with '>>'s. This alone makes it worth rating every article you read, as now you don't have to rely on having your browser remember which (...) (25 years ago, 31-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Richard Franks
      (...) True, although for those of us with a 10mb+ history file, you already know which ones you've seen or not :) Richard (25 years ago, 31-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Larry Pieniazek
     (...) Which clearly means Todd's sw knows articles we've read, if we've rated them. Let's extend that to knowing ALL articles we've read. That enables a lot of better browsing options. I would be willing to somehow mark articles as read (if we can (...) (25 years ago, 31-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Todd Lehman
     (...) I was thinking about this the other night a bit, and I think it could be made to work. If you're willing to have it assume that you'll read anything it shows you, and you're willing to have a "mark unread" button, then that could end up being (...) (25 years ago, 31-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Larry Pieniazek
     (...) YES, I'll take a fast, possibly inaccurate way to mark read and a slow but guaranteed accurate way to unmark read. I mark read a lot more than I unmark. (...) A "nested all" tree is what I just made up to mean what you get when you press the (...) (25 years ago, 31-Mar-00, to lugnet.admin.general)  
    
         Re: New feature: Article rating —Todd Lehman
     (...) Ah, YES! That's the wording I was looking for! Thank you -- well said! (...) OK, roger that. (...) OK, thanks for clarifying. (...) That's odd. No, I haven't seen it. I wonder if it's overflowing some form size or something in the browser? (...) (25 years ago, 31-Mar-00, to lugnet.admin.general) ! 
    
         Re: New feature: Article rating —Larry Pieniazek
     (...) This was against the Tree That Shall Not Be Named for fear of stirring it up again, at the time I think it was about 180 or so, and i had rated maybe 30 or them. I went through and rated every single post. In some cases I changed existing (...) (25 years ago, 31-Mar-00, to lugnet.admin.general)  
   
        Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
   All, It seems at this point that the article rating feature -- intended to help -- is actually causing more harm than good to the community. It's difficult to gauge how much harm is being done when opinions are so varied, but it's clear that (...) (25 years ago, 20-Apr-00, to lugnet.admin.general, lugnet.general, lugnet.announce) !! 
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Selçuk Göre
      (...) This is the best option I think, at least better than the option below (which I was thinking as the best, until reading your message). It doesn't included the feeling of "elitism is at the front door" by satisfying an automated "top n list" (...) (25 years ago, 10-Apr-00, to lugnet.admin.general)  
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
     (...) OK, good, we need to get rid of any feelings of elitism... (...) Isn't that ironic? :) I've marked almost every message on this thread as 100 a recommendations to read and for the insightful comments. Perhaps others did as well, or others (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)  
    
         Rating websites.... (was: opinions on rating) —Shiri Dori
      (...) If you consider this original purpose, CLSotW has definitely lived up to it and much more! I look forward to the new pick every week, and I usually check out the nominations too. I think it's a great thing as is and should not be mixed with (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)  
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —John Robert Blaze Kanehl
     (...) I can't pinpoint any concrete examples of elitism, per se...but,upon reflection I can see where some debates degenerated into lowballing of comments from opposing perspectives ...I view Lugnet as a Microcosm of the internet information (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)  
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Dan Boger
     (...) I, personally, like the rating system. I do understand the emotion that I attach to my posts, and while I know I don't always post something useful, it does stab (a tiny bit) when I see it marked down... So I guess I wouldn't want to have it (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)  
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
     (...) In some form, yes, but it's greatly lacking in that it has no way of learning your personal preferences. Already there are 180 CLSotW past picks, and just to go through all of them (even on a T1 or a T3) would probably take someone several (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)  
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Dan Boger
     (...) so something like /lugnet/publish/sites or /lugnet/announce/site where you (or someone) can post a site, has to set a FUT to someplace else... perhaps instead of the regular message post form, you do it with a special form that will ask for (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)
   
        Re: Opinions wanted: article rating harmful? —Ben Roller
     In lugnet.admin.general, Todd Lehman writes: (Some snipping here, read Todd's post) (...) I think a combination of these could work well. The ratings could be hidden from public view, so that noone feels like they are being punished, and the server (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Jeff Johnston
     (...) Hi Todd, To be brutally honest, I had some doubts about the rating system when I originally saw it - I wondered how long it would be before somebody decided (say) that they didn't like someone else and started rating all of their posts as '0'. (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)  
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —James Brown
     In lugnet.admin.general, Todd Lehman writes: <bulk snip> (...) Indifferent. I've been following along, and have a pretty good idea of what the issues are, but it just doesn't matter much to me. I don't put much stock in the numbers to date, since so (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)  
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Markus Wolf
     Hi Todd, My personal feedback. I think the ratings system has caused me to post less, if that's a concern or not. I haven't felt belittled or berated, but I tend to think nobody reads my posts when I see it rated by less than 3 people and it rated (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)  
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Frank Filz
     Some miscellaneous unordered thoughts: - I would be inclined to say that the rating system is definitely harmfull. I have not seen anyone say "wow, this rating system just helped me read through 2 weeks of posts and catch up on all the important (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)  
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Frank Filz
     A couple more thoughts: - Anytime you have a way to compare reactions about things, there is opportunity for people to feel that their contribution wasn't valued. Note that we have someone currently bummed out that they got a lukewarm reaction to (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)  
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Peter White
     In lugnet.admin.general, Todd Lehman writes: snip,snip,snip... (...) That's probably a good idea (it doesn't worry me) for the sensitive, but people will always be tempted to look at their 'mark' and get upset. (...) I think the rating system has a (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)  
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
     (...) Here BTW is a quick example of a "top N" list (N=40)... (URL) just an experimental page, and it may go away without notice. I'll leave it up for at least a few days, though, for feedback. It's updated once hourly by a cron job. The ratings (...) (25 years ago, 20-Apr-00, to lugnet.admin.general) ! 
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Peter White
      (...) I like the top 40, and hope it stays. I was hopefully speaking for others with the 'less time' comment, I myself use the web browser to look for interesting post titles or hop into ng's I have an interest in, I admit to spending hours browsing (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)
     
          Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
      (...) Any suggestions on a better title than "top 40"? If there wasn't already something called "Spotlight," that might be a good name for it. I'm wary that "top 40" sounds possibly like it's putting things up on a pedestal or too much like the (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Larry Pieniazek
     (...) articles are ones expressing dissatisfaction or concern with the rating system.... as the old saying goes, you can vote yourself OUT of a democracy but you can't vote yourself back into one. If the ratings system survives in some form, this (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
   
        What should be done about ratings (Was: Opinions wanted: article rating harmful?) —Nicholas Allan
     Before I start this message is a response to (URL) have very rarely used the Lugnet News web-interface so I did a little research on the rating system. After twiddling around in the web-based version I discovered that some fundamental issues need to (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)  
    
         Re: What should be done about ratings —Ben Roller
     (...) Good point. I see a growing need for a "ratings HOW-TO" page. (...) If just anyone can rate a message, what's to keep me from creating 100 accounts and rating my posts up to "100" for whatever reason? Todd's taking steps to verify existance of (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)  
    
         Re: What should be done about ratings —Nicholas Allan
     "Ben Roller" <broller@mail.clemson.edu> wrote in message news:FtC0nK.AGL@lugnet.com... (...) Perhaps rating can be done in two completely seperate ways. First one rates the quality of the content of the post and second one rates the relevancy. For (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)  
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Richard Franks
     In lugnet.admin.general, Todd Lehman writes: I think I've already said just about everything I have to say on this topic :) But if you're counting numbers... (...) I think being able to instantly see rated messages sitting next each other in a group (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Scott Arthur
      (...) help -- (...) to (...) clear (...) I think the rating system, in a ideal world, is a great idea. However, this is not an ideal world. The trouble with the system is, as I see it, that not enough members are voting - and those who are voting (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Richard Franks
     (...) Just for the record.. it isn't me! As in I do rate in loc.uk, but not all of them, and not my own posts :) Richard (25 years ago, 20-Apr-00, to lugnet.admin.general, lugnet.loc.uk)
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
      (...) Me neither -- :) -- I try hard not to give opinions on messages in any of the loc groups except ones local to me, or rare cases where someone announced something that was obviously way helpful... There might BTW be some crossposting effects (...) (25 years ago, 20-Apr-00, to lugnet.loc.uk)
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Scott Arthur
     (...) Sorry, I did not mean to infer you'd been voting on your own posts - although I'm sure you do value your own opinion :-) I just assumed that as the total number of votes were so low, that only one person was activley doing it - and I know you (...) (25 years ago, 21-Apr-00, to lugnet.loc.uk)
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Hao-yang Wang
     Many of my posts have never received any replies or follow-ups, which is quite depressing. With the current scoring system, at least I know one or two people have read my post. This often makes me feel better. The actual score is not that important. (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)  
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Matthew Miller
     (...) I think this is my preference. Furthermore, I think it'd be good if the current numerical scheme (while cool from a geek point of view) were reduced to two buttons: "This article is great" and "This article is off-topic". (...) I'm sorta (...) (25 years ago, 20-Apr-00, to lugnet.admin.general) ! 
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Susan Hoover
     In lugnet.admin.general, Todd Lehman wrote: [some concerns about the rating system] I don't post here often, because usually what I want to say has already been said. However, Todd asked for our opinions, so I figured I would speak up, as a (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)  
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Ed Jones
     (...) Then its a blind crapshoot. I, for instance, am a member but simply have not bothered to rate any articles as I can decide for myself what was worth reading. A rating system is, in and of itself, one of two things: 1. a critiqueing system. 2. (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Jeremy H. Sproat
     (...) I mainly use the NNTP interface; my perception of the rating system wouldn't change much. (...) This sounds good. Instead of trying to express one's personal feelings publicly but anonymously, a rater's motive would instead be to give feedback (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)  
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
      (...) Hmm, hmm... Very insightfully put. Hadn't looked at it from the point of view of an "anonymous, public reply." Interesting... --Todd (25 years ago, 20-Apr-00, to lugnet.admin.general)
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
     (...) That could be a great application of a detailed rating system... Multi- dimensional too, not just a single number. (...) In terms of websites, I was thinking more along the lines of you telling the server what types of websites you liked best, (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)  
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Kevin Wilson
      (...) I don't think you need site ratings to do this. If there was some way for a person (whether the site owner or someone else) to "register" a site with the cool links page, and then fill in a form specifying which themes (not just Lego themes, (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)  
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Frank Filz
      Todd Lehman wrote in message ... (...) people. (...) addition (...) What I think would be helpful for this is to come up with a good set of categories (do a fair bit of brainstorming so it doesn't have to be expanded too much later). Then when a (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)  
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Anders Isaksson
     Todd Lehman skrev i meddelandet ... [...about the rating system...] As I only read via a newsreader (off-line), I don't see the ratings and, even if I had been a member, don't have any opportunity to rate, I find it rather unnecessary. The storms (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —John Koob
     Todd Lehman wrote in message ... <snip> (...) ratings (...) simple (...) I think most users would activate this setting, if available. That is, it wouldn't likely solve the problems. (...) ratings (...) One idea is that ratings continue to be (...) (25 years ago, 20-Apr-00, to lugnet.admin.general)  
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Shiri Dori
     (...) That's a good idea! I'm not sure what you mean by "sample size"; but I think that adding another condition would be useful: -Only display the rating if more than X people have rated it (X = ? Perhaps 5?) Is that what you meant by sample size? (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —John Koob
     Shiri Dori wrote in message ... (...) think (...) Yes. It doesn't really matter what X is, but 4 or 5 seems reasonable to start with. -- John (remove the obvious to reply) (25 years ago, 21-Apr-00, to lugnet.admin.general)
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Kevin Bannister
     Todd Lehman <lehman@javanet.com> wrote: <some questions about article rating> i can't really address the questions you asked, but i just wanted to say that i use emacs or slrn to broswe, and they both have great scoring systems, which i use on the (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Brad Hamilton
     I have always felt that the ratings given to my posts accurately reflected how interested others would be towards those posts. In fact, if you had asked me to personally rate all of my posts, i probably would have given them the same number. I (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Kevin Wilson
     (...) Better (...) Better (...) Better (...) Sort of: not "uncomfortable or unhappy about yourself or about LUGNET" but annoyed and indignant. Only once, because I use a newsreader 99% of the time and don't normally see the ratings. (...) No (...) (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Shiri Dori
     Hey Todd, I've been avoiding a direct and complete opinion about the rating system till now, mainly because I wasn't sure of my stand on it. But now I know where I stand... here're my answers: (...) This is a good idea and I'll be glad to ee it (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)  
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Matthew Miller
      (...) [snip] (...) Good point -- this is kind of what I was trying to say, although I'd taken it to a further extreme. (Even less choices.) (25 years ago, 21-Apr-00, to lugnet.admin.general)
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
     (...) That's what the averaging effect is for -- to smooth that out. If the system also could learn what you liked, you might find that helpful. (That's a long way down the road, though.) (...) Will you still feel that way when there are 4x the (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)  
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Matthew Miller
      (...) Smoothing what out, though? How does the system distinguish between "0: I like posts about robots, but not in .castle" and "0: not interesting to me", or "60: kinda funny if you're in the right mood" and "60: contains some useful information (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
     
          Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
      (...) It can't (and doesn't actually need to) distinguish that so greatly -- the bottom line (to it) would be that you disfavor posts about robots in castle and things that are kinda funny or contain some useful info. (...) I'm very skeptical about (...) (25 years ago, 26-Apr-00, to lugnet.admin.general)
     
          Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
      (...) Whoops -- :) -- I meant to say, "...that you disfavor posts about robots in castle and _favor_ (somewhat) things that are kinda funny or contain some useful info." But actually it would just look at the statistical correlation between your (...) (25 years ago, 26-Apr-00, to lugnet.admin.general)
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Shiri Dori
     (...) Well- yeah. But at the current amounts of rating (most posts get no more than two ratings) the averaging effect doesn't smooth much out. I totally forgot to mention in my long post that I actually stopped regarding a rating of a post as a (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
   
        Re: Opinions wanted: article rating harmful? —Richard Parsons
     Todd Lehman wrote a bunch of worthy stuff about the rating system. Lugnet hosts an amazing variety of visitors. From my background, the rating system is fine. If I want to rate, I will (which I generally don't). If I want to pay attention to other (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)  
    
         Re: Opinions wanted: article rating harmful? —Todd Lehman
      (...) I wish I could mark that statment an "11". :) Very good point. (!!!!) --Todd (25 years ago, 21-Apr-00, to lugnet.admin.general)
    
         Re: Opinions wanted: article rating harmful? —Anders Isaksson
     Richard Parsons skrev i meddelandet ... (...) If that's how you see the ratings ("someone else's success"), I think the system should be turned off at once. I thought the ratings were supposed to help find readworthy (is that a word?) posts, not (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
    
         Re: Opinions wanted: article rating harmful? —Todd Lehman
     (...) I think Richard was trying to guess what I meant by my question. My question was meant to "amplify" and address the worst possible imaginary concern. (...) That's correct. It's being changed to reflect that more closely. (...) Yes, this is an (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Scott Edward Sanburn
     Todd & All, (...) don't use the system in terms of the website interface, since I get all my LUGNET info from the NNTP. One of the most visible complaints I have of the ratings system is the inability of seeing these ratings on the various postings (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
     (...) First, thanks to everyone who has taken the time to put their thoughts into words, both publicly and privately. A clearer picture is beginning to emerge. We'd like to try scaling things back (i.e., simplifying things) just a little bit first (...) (25 years ago, 21-Apr-00, to lugnet.admin.general, lugnet.announce) !! 
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
      (...) The minus signs still look damaging, and I don't think it's good that a default of 1 (20 internally) can be lowered to 0 by a single person casting a 0. (20+0)/2 = 10, which becomes 0, which becomes "-". Might tweak this tomorrow, either to... (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)  
     
          Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Dan Jezek
       (...) This looks like a much better rating system. And I agree that any given article shouldn't be given a negative rating without further explanation. If someone continuously receives negative ratings for their posts, they might take it as their (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)  
      
           Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
       (...) That's not the whole reason, no. It's one important reason, though. (...) That's one purpose of it, although the Spotlight section almost always ignores auctions because it's more news- and MOC-focused. Before the ratings, it was also produced (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
     
          Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Matthew Miller
      (...) How about +++ 4 ++ 3 + 2 1 0 ? (25 years ago, 21-Apr-00, to lugnet.admin.general)
     
          Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
      (...) That's probably even better. Gonna try out a related thing first -- changing the "+" symbols to "!" symbols. The "!" symbol is a lot skinnier than "+", so it saves precious space, and the count of symbols isn't really as important anyway as (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)  
     
          Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Shiri Dori
       (...) symbols. (...) No, but I see how other people might. (...) <snip> Yes, definitely yes. If your post isn't recommended, it doesn't mean anything... just that it's not recommended. No hard feelings (or at least less hard than "low ratings"). (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
      
           Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
       (...) Also thinking of making a rating of 0 (lowest) not count -- i.e., be exactly the same as inputting no opinion at all. In other words, there would be a way not to recommend to read something (naturally) but no way to recommend not to read (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)  
      
           Re: Opinions wanted: article rating harmful? —Ben Roller
       (...) "If you can't say anything nice, don't say anything at all". Gee thanks for reminding us Mom...er..Todd. ;) Ben Roller (25 years ago, 21-Apr-00, to lugnet.admin.general)
     
          Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Matthew Miller
      (...) Yeah, I agree that "+" has connotations of "better". But I think the "!" seems to have a "Warning" feeling to it, especially in red. (It's a typical icon in warning error message dialog boxes, for example.) That doesn't mean it's necessarily a (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
     
          Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
      (...) Welp, space isn't really _that_ much of an issue compared to the symbol itself. All things being equal, a thinner character is better than a big fat character like "+". Let's see what people think about "!" after seeing it for a little (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
     
          Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Matthew Miller
       (...) For what it's worth, slrn uses ! to mark highly-scored (via my own score file) articles. So I'm certainly used to it. (I thought it kind of odd of slrn too, but no one asked me for feedback there....) (25 years ago, 21-Apr-00, to lugnet.admin.general)  
     
          Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Ben Roller
      (...) I like + over *, but unless the !'s font is darker, it's worthless to me. I have fairly good eyes, but I can barely even see that the article is rated. Again, I introduce you to Mr. Dead Horse...Why not use 1-5 instead of !-!!!!!, *-*****, (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
     
          Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Shiri Dori
      (...) Ah, but that's the beauty of it! The font will be darker when the rating (or recommendation) is higher; if the rating is low, you shouldn't even notice it. A high-rated post will attract attention to itself; which is like a recommendation-- (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Scott Arthur
       (...) Hmm. As far as I can see, the main problem is neither the collection _or_ the representation of the data but the data itself. When members vote, they are voting on different things eg: Do I agree with that? Was that worded well? Was it (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Ben Roller
     (...) Well, since you asked, I thought I'd leave mine. (...) This change could be for the better. I was fine with the 100 scale (I think the 5 scale gives less acurate results) but it's good if it makes rating easier for people. Hopefully this will (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —John Robert Blaze Kanehl
     (...) I think that your rating concept has potential, but is incurring "issues in interprtation and implementation" (...) I browse Lugnet liesurely and often ( I have more time than most-I work out of my home) I can sympathize w/ those who are (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)  
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Larry Pieniazek
     (...) Better (...) So so. If the feature is to be kept, prefer that they be viewable. Else why have them. (...) Better. Wish the time had never been spent to develop them. (...) Victimized? Hardly. Annoyed that there's a strategic rater out there (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)  
    
         Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
     (...) You talk as if you seem to know how much actual time was spent on it. Elapsed time is a crude indicator of development time. (...) Sorry if you feel the password checker is useless. Sorry if you feel inclined to make gross assumptions about (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Larry Pieniazek
      (...) Time is time, all I have to do is look at the number of posts about it to tell that some time was spent on it, by you, by me, by others, regardless of how much time was development time vs playing with it time vs loading up its DB. I won't (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
     
          PW validation (was: Re: Opinions wanted: article rating harmful?) —Todd Lehman
      (...) Fair enough. (...) Not really. Wish I hadn't had to. (...) Not really, no. It's not intended as a toy or a means of entertainment. I enjoyed getting feedback on aspects of it to the extent that getting useful feedback is enjoyable. (...) Not (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
     
          Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Richard Franks
       (...) Even if you have great passwords - can't just anyone in the intervening networks between the user and LUGNET just snoop in and copy down the unencrypted password? Richard (25 years ago, 22-Apr-00, to lugnet.admin.general)
      
           Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Matthew Miller
        (...) Not if it uses https, which I assume it will at some point. (25 years ago, 22-Apr-00, to lugnet.admin.general)
      
           Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Todd Lehman
        (...) As long as it's using http and not https, yes. Once it's in a cookie, it's no longer plaintext, so it's less susceptible to snooping although still susceptible to playback attacks. --Todd (25 years ago, 22-Apr-00, to lugnet.admin.general)
       
            Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Jeremy H. Sproat
        (...) Aren't the contents of a cookie simply Base64-encoded? I mean, it's a wel-known and reversable format. Cheers, - jsproat (25 years ago, 22-Apr-00, to lugnet.admin.general)
       
            Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Matthew Miller
         (...) I assume it's a one-way hash of some sort. I'd guess (without looking) that it's probably md5.... (25 years ago, 22-Apr-00, to lugnet.admin.general)
       
            Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Todd Lehman
        (...) No, the last phase of encoding (and thus the first phase of decoding) for the sign-in cookie is a Base16 (ASCII hex [0-9A-F]) pass. This, however, is applied to an already-encrypted id/pw combo, which has been passed through a pad-style (...) (25 years ago, 22-Apr-00, to lugnet.admin.general)
      
           Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Larry Pieniazek
       (...) So are you going to enforce that people HAVE to set their passwords to things that the validator feels don't suck, or are you going to give advice but allow it anyway? The former is rather draconian for a site that doesn't handle money. I've (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
      
           Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Todd Lehman
        (...) That is its purpose. --Todd (25 years ago, 23-Apr-00, to lugnet.admin.general)
       
            Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Richard Franks
         (...) But the validator doesn't find non-sucky passwords, it just finds the least randomised - ie, it will pass something like: 4h(i,>$s& but fail: 4h(i,>$s&-fun What's the point of allowing people to change from their highly randomised default (...) (25 years ago, 23-Apr-00, to lugnet.admin.general) ! 
        
             Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Matthew Miller
          (...) It's finding _more_ random passwords in a technical sense of "random". (More random = containing no sequences. Or more accurately, no part of the number follows from any other part.) I agree that the super-cool validator may be overkill for (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
         
              Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Richard Franks
          (...) Yup - you're right - my squiff (I meant *more*) :) (...) I'd be happy with a user-responsible password for membership logins (ie 90% of membership use including posting privilidges), but with authorisation through a LUGNET-validated password (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
         
              (canceled) —Larry Pieniazek
          
               Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —John Matthews
           I can't believe that Larry posted this twice (accident maybe, maybe not). I am with Larry on this one. This is a problem that requires a simple solution. Please do not confuse simple with simplistic. It is a complicated problem; the solution, while (...) (25 years ago, 24-Apr-00, to lugnet.admin.general)
          
               Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Larry Pieniazek
           (...) It was an accident and I would appreciate the first one being cancelled. There is a difference in phrasing of less than 1% between the first and second, but it's crucial. (...) I appreciate the support but I don't actually agree with John. At (...) (25 years ago, 24-Apr-00, to lugnet.admin.general)  
         
              Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Larry Pieniazek
           (...) a (...) I wouldn't. Look. I've read through the plan several times. There is nothing there that needs this *insane* level of protection. Nothing. Really. We are *not* talking missile lanuch codes here, people. Two levels of passwords is (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)  
         
              Re: PW validation —Todd Lehman
          (...) Ya, sorta... But not so much two different states of logins as two tiers of passwords which would both be required (only if you wanted it that way) before you'd be considered actually logged in. In other words, you could give two passwords (...) (25 years ago, 24-Apr-00, to lugnet.admin.general)
        
             Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Todd Lehman
         (...) It's perfectly content to "pass" most 6- to 8- character pw's constructed by the first letter of successive words, especially if the pw includes a digit, a capital letter, or a special character. Those types of things tend to be "random" from (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)  
        
             Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Richard Franks
         (...) Maybe I'm just miffed because it failed *all* of the passwords I use? :) If I did anything that even remotely required great security that would be a problem I guess! (...) *mumble*mumble* Look over there - a MISB Galaxy Explorer! (...) It's (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
        
             Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Eric Joslin
          (...) Me too. I mean, I'm not miffed (I have *much* better things to get miffed about) but it did fail, without exception, every password I have ever used. (...) I do. And the things I apply them to have checks for weak passwds. I suspect that they (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
         
              Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Eric Joslin
          (...) In a row. Very important phrase I left out. (...) eric (25 years ago, 23-Apr-00, to lugnet.admin.general)
        
             Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Todd Lehman
         (...) Are there any that it gave between 0% and 100% to? (i.e., not < 0% ?) (...) Eeek -- no! -- locking people out on a failed login attempt would certainly negate the danger of a brute-force of attack, but it would make an entirely new type of (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
       
            Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Larry Pieniazek
         (...) Draconian and rather big-parentish. Why can't I take the risk of a sucky password if I so choose? Not that I personally would, mind you. Now, unlike government jackbootedness, we do as consumers have a choice not to use Lugnet... but what (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)  
        
             Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Todd Lehman
         (...) You put more at risk than your own data or matters when you choose a sucky password. (Think about it.) (...) Increased probability of successful brute-force compromises. (...) Have I somehow given you the impression that that the only purpose (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
        
             Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Dan Boger
          (...) true, but can't you limit the number of attempts to, say, 5 in 30 minutes... that will make brute force attacks impractical... :) Dan (25 years ago, 23-Apr-00, to lugnet.admin.general)
         
              Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Todd Lehman
          (...) How without opening an equally dangerous door? --Todd (25 years ago, 23-Apr-00, to lugnet.admin.general)
         
              Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Dan Boger
          (...) Well, for a brute force attack to be successful, they have to try 100,000s of passwords... if you limit them to 5 tried every 30 minutes, it's pretty certain that they won't stumble upon the correct password before the password owner dies... (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
         
              Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Larry Pieniazek
          (...) Denial of service. I could write a bot that wakes up every 4 minutes and tries 6 random passwords for your account (and theoretically every one else's too) thus denying you (or theoretically anyone) the ability to get on as a member, because (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
        
             Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Larry Pieniazek
         (...) Who said that? Not me... ++Lar (25 years ago, 23-Apr-00, to lugnet.admin.general)
       
            Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Kevin Wilson
         (...) In that case, you may as well not bother allowing us to change passwords since we can only change to one just as random and hard to remember, which will also go up on a yellow sticky on the monitor like the current one is... (if I worked in an (...) (25 years ago, 23-Apr-00, to lugnet.admin.general) ! 
       
            Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Anders Isaksson
        Todd Lehman skrev i meddelandet ... (...) I think that's unwise (to _force_ people to use an acknowledged pw). Two reasons: - one cannot choose a password that is easy to remember --> it will be written down in some easy accessible place. - by (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
       
            Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Todd Lehman
        (...) Can't or won't? (...) I don't believe that's the case. (URL) - the refutation of a password makes the customer irritated, especially if (...) I may have to make a short FAQ page. (...) SW:Ep1 M:Tron6989 70'sLEGO 2*4Brick Pi3.14159 12:34Sunday (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
       
            Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Todd Lehman
         (...) Oops, almost forgot to list the classic counterexample! E=mc^2 That uses a mix of... * At least one uppercase letter from A-Z * At least one lowercase letter from a-z * At least one numeric digit from 0-9 * At least one "special" character (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
       
            Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Anders Isaksson
         Todd Lehman skrev i meddelandet ... (...) I'm not sure what you're asking here... What I tried to say was: If I have to construct a (for me) strange password, 'just to please the system' (that's how most users see it, at least), the probability of (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
        
             Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Todd Lehman
         (...) oh, sorry. I was asking if you meant that people (a) actually wouldn't be _able_ to choose a password that was easy for them to remember or (b) actually could but wouldn't bother trying to come up with one that was easy for them to remember. (...) (25 years ago, 24-Apr-00, to lugnet.admin.general)
        
             Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Larry Pieniazek
         (...) but not all. I don't. (...) I doubt most people that write down passwords apply any of these cyphers to them but I am just speculating on this particular point. (...) Fascinating... can you provide a reference for this assertion, or is it just (...) (25 years ago, 24-Apr-00, to lugnet.admin.general)
        
             Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —John Matthews
          From the last two posts, I think I have arrived at my own conclusion on this matter. Todd wants to protect his hard earned work by issuing complicated passwords that theoretically cannot be hacked. I can't blame Todd for this notion, it seems to (...) (25 years ago, 24-Apr-00, to lugnet.admin.general)
         
              (canceled) —Todd Lehman
         
              Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Todd Lehman
          (...) Thanks for your insightful and thoughtful comments, John! It's really not as complicated as it may seem. There is a simple pw tester, it does a reasonable job of identifying weaknesses in pw's, and it outputs a number in a range. It fails (...) (25 years ago, 24-Apr-00, to lugnet.admin.general)  
        
             (canceled) —Scott Arthur
        
             Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Scott Arthur
         This is an interesting subject. However, I only know one person who keeps a written note of his password/ATM number etc. The only reason he does this is because he is dyslexic. Despite that, I'm sure that as more and more web services now ask for (...) (25 years ago, 25-Apr-00, to lugnet.admin.general)
       
            Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Larry Pieniazek
        (...) NONE of those are bad passwords for the level of security that LUGNET, now, or ever, (2) will require. To think differently implies that either there is something far far deeper and earth shatteringly important about to happen at some point (...) (25 years ago, 23-Apr-00, to lugnet.admin.general) ! 
      
           Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Kevin Loch
       (...) asked Not to mention that Lugnet != NSA. KL (25 years ago, 24-Apr-00, to lugnet.admin.general)
     
          Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Mike Stanley
      (...) I haven't posted with respect to this in a while, but I would like to say that if you use this current validator to validate what people can choose for passwords you might as well just not use it and keep sticking people with the ones you are (...) (25 years ago, 26-Apr-00, to lugnet.admin.general)  
     
          Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Todd Lehman
       (...) Thanks for the above data points. How badly did it fail them by? Did you catch this post from Monday?-- (URL) threshold number was below the all the number returned for the ones you tried that it failed? Would a threshold of, say, 50 (instead (...) (25 years ago, 26-Apr-00, to lugnet.admin.general)
      
           Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Mike Stanley
       (...) Pretty badly - I know they were all worthless. I didn't really pay attention to the numbers. I think they were as low negatively, though, as the "first leter from each word in a sentence" was positively, though. (...) I think they were all < (...) (25 years ago, 26-Apr-00, to lugnet.admin.general)
     
          Re: PW validation terms/labels —Larry Pieniazek
      I find the labels a bit pejorative, as they impose your thinking on what level of security is appropriate on what should just be strength metrics. For example at setting 1 "lax" it fails passwords that I consider perfectly adequate for the risk (...) (24 years ago, 5-May-00, to lugnet.admin.general)
     
          Re: PW validation terms/labels —Todd Lehman
      (...) OK, fair enough. Labels gone. Just pure numbers in the drop-down list now. (...) The label covers (covered) what the setting allows in the worst-case. If you poke around enough (or, as I've done, run scripts internally that hammer on it to (...) (24 years ago, 5-May-00, to lugnet.admin.general)  
     
          Re: PW validation terms/labels —Frank Filz
      (...) Perhaps part of the problem is the relative weights attached to various elements of strength of passwords. I would generally agree that a 4 character password should not be accepted (of course I suspect most of us have a significant amount of (...) (24 years ago, 5-May-00, to lugnet.admin.general, lugnet.off-topic.debate)
     
          Re: PW validation terms/labels —Todd Lehman
      (...) For the average person or script kiddle to crack a 4-digit PIN via brute force, they'd have to: (1) first actually get someone's card; and then (2) manually try out up to 10,000 combinations, and IIRC, ATM's are programmed to eat cards after a (...) (24 years ago, 5-May-00, to lugnet.off-topic.debate)
     
          Re: PW validation terms/labels —Frank Filz
      (...) (1) is certainly true, (2) is mostly true (there are many ATMs, including ones in stores which can not eat cards, and probably don't alert the cashier to take the card [possibly dangerous if the person using the card is a real criminal]). (...) (24 years ago, 5-May-00, to lugnet.off-topic.debate)
     
          Re: PW validation terms/labels —Todd Lehman
      (...) oh! OK. I totally totally totally agree with that! --Todd (24 years ago, 5-May-00, to lugnet.off-topic.debate)
    
         Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Todd Lehman
     (...) Oops, wrong word. It wasn't right to say that "misinformation" was being spread. Rather, speculation was being presented which just happened to be incorrect. (Big difference!) --Todd (25 years ago, 24-Apr-00, to lugnet.admin.general)
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Andrew Lynch
     I believe there is a problem that has already been addressed by several people, and that is that the ratings are too vague. If everyone is rating messages based on their own criteria, then we will never be able to use the information that is being (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
   
        Re: Opinions wanted: article rating harmful? (was: New feature: Article rating) —Tom McDonald
   In lugnet.announce, Todd Lehman writes: <snip> (...) It doesn't matter to me. (...) It doesn't matter to me. (...) Worse, slightly .. The feature does have its benefits. (...) No. I don't find validation in what others think of my stuff. I ask for (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)
 

©2005 LUGNET. All rights reserved. - hosted by steinbruch.info GbR