dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
503
charlestek
join:2004-12-06

charlestek

Member

[Other] RCN Doesn't Allow Strong/Long Passwords

I just got off the phone with support. It is just incredible. For my email account RCN only allows a maximum of 8 characters. For my billing account, RCN allows a maximum of 10 characters. A very minimum semi-secure password needs to be at least 12 characters long, and that is bit short in my opinion (am a software engineer and have done encryption work).

In light of the massive breaches going on today at brick and mortar and online businesses, RCN appears to have ridiculously antiquated and poor standards to say the least.

I hope one of the RCN employee moderators reads this and might be able to kick this message to a much higher up and give me some contact information so I could speak with someone. I will try to look up the RCN CIO person, but I doubt I could easily contact him/her.

foo
join:2007-06-28
Chicago, IL

foo

Member

[Other] Re: RCN Doesn't Allow Strong/Long Passwords

Yeah, it's sad but is fairly common setup to see for online companies. I don't get it either man.
charlestek
join:2004-12-06

1 edit

charlestek

Member

Re: RCN Doesn't Allow Strong/Long Passwords


I managed to email one RCN exec and he was trying to tell me that using the full character set of Upper and Lower case, numbers and special characters would make my password secure. Yeah, I already knew that, but 8 characters is still 8 characters.

I suspect that RCN would have to spend a fair amount of money writing some of their system software for their database to allow longer passwords, and then of course there would be initial hassles from tons of less technical users that might get upset.

But that is only if they required say at least 12 characters, simply allowing something reasonably more than 8 characters for the email servers should not break their bank.

I have not seen any reply from the RCN monitors, but frankly I doubt they would reply.

Mod Note: Blog link removed
fromNewton
join:2005-08-07
Denver, CO

fromNewton to charlestek

Member

to charlestek

Re: [Other] RCN Doesn't Allow Strong/Long Passwords

As a long time RCN customer, I agree that the password limitation is a serious security issue. Your email password is the key to your digital kingdom; it unlocks most other passwords by simply clicking "forgot password" at your other, more secure, login sites.

RCN, please don't wait for a major disaster to fix this flaw. Do it now!