Hello Teratoma [SETI.USA],
The intention has always been to eventually activate BAM on the WCG. I do not know when this will be done. At that time, the staff will review our policies to see if we should adopt all the current BAM policies.

For the moment, I do not expect any quick changes.

Lawrence

It is not the fault of WCG if users want to use a weak password. I use an 8 letter alpha/numeric mixture which is quite strong enuff.....and no matter what policy is used, if what happened is the database was compromised as stated in the firt post, no matter what 'strength' of password you have used, someone has stolen it.....even if it was 2 characters long or 128!

The sign in manager will require your password if you are signed in with the "Remember Me" feature. As you know, your session times out quickly.

Q1: How many people posted on this thread have passwords using non alphanumeric on other systems even if it is not required?
Q2: How many use 4-5 numbers even if you are allowed to use alpha also?

I am not saying that there is a security issue here. I was just stating what has occured and the reason for me changing my passwords on all projects.

WCG has a weaker password policy than all of the other projects I participate in. I realize that WCG did not start as a BOINC project and did not start with their default site template. My concern is not whether or not a breach would occur here exposing all user information. It is simply that I cannot use a stonger password.

WCG is supported in BAM to a certain point....enough for me to do what I have to do. If I can't use it, fine...that won't stop me.

This may not be a bank, but none of my banking accounts allow a 4 digit password to access my account information online. Don't confuse a pin with a password.

The risk is that if a an account is hacked into, someone can theoretically leverage Boinc to access the computers and transmit malicious code to them. Considering that I think that stronger passwords should be mandatory, but I will settle for the option at a minimum.