FDibbins
Well-known Member
- Joined
- Feb 16, 2013
- Messages
- 6,723
The site owner?
-
If you would like to post, please check out the MrExcel Message Board FAQ and register here. If you forgot your password, you can reset your password.
A question for Bill Jelen
- Thread starter still learning
- Start date
The site owner?
My Aswer Is This
Well-known Member
- Joined
- Jul 5, 2014
- Messages
- 19,621
- Office Version
- 2021
- Platform
- Windows
The owner of Mr. Excel
FDibbins
Well-known Member
- Joined
- Feb 16, 2013
- Messages
- 6,723
ZVI
MrExcel MVP
- Joined
- Apr 9, 2008
- Messages
- 3,875
- Office Version
- 2019
- 2016
- 2010
- Platform
- Windows
Don't worry, he is good guy!
still learning
Well-known Member
- Joined
- Jan 15, 2010
- Messages
- 834
- Office Version
- 365
- Platform
- Windows
great job with the site Bill, thank you
mike
mike
My Aswer Is This
Well-known Member
- Joined
- Jul 5, 2014
- Messages
- 19,621
- Office Version
- 2021
- Platform
- Windows
Yes. I posted to your comment by mistake. Should have been to the question. Sorry.
that's kinda what I meant
still learning
Well-known Member
- Joined
- Jan 15, 2010
- Messages
- 834
- Office Version
- 365
- Platform
- Windows
ok
now that we cleared up who Mr. Jelen is and what the e-mail was about
can we go back to the original question.
what is
userid, e-mail address, and the encrypted password in the form of hash+salt.
and what is the appropriate steps to:
encourage you to take other steps appropriate to protect this online account.
mike
now that we cleared up who Mr. Jelen is and what the e-mail was about
can we go back to the original question.
what is
userid, e-mail address, and the encrypted password in the form of hash+salt.
and what is the appropriate steps to:
encourage you to take other steps appropriate to protect this online account.
mike
Andrew Fergus
MrExcel MVP
- Joined
- Sep 9, 2004
- Messages
- 5,462
- Office Version
- 365
- 2021
- 2016
- Platform
- Windows
As Bill stated a fast computer could create billions of passwords to try and guess the password - but to confirm the password is correct that could only be achieved by successfully logging in to this site...is that right? I'm guessing (as Bill said) that most people use the same password for most sites. So this sounds serious. But, if the perpetrator has not yet got into your personal MrExcel account, is it safe to then assume that other sites with the same e-mail/password combination are currently safe? I know that sounds like slack security on my part, but a password generator can easily generate the combinations, but it would be more time consuming to find the one that actually works? In the meantime accounts could/should be locked if multiple unsuccessful attempts, or a delay introduced to frustrate the perpetrator with an exponential time delay. Unless each and every account used the identical hash+salt combination (unlikely) then simply changing the MrExcel password NOW, before the perpetrator confirms your personal password, should be enough....is that correct? I know this sounds slack or potentially dangerous on my part but I'm guessing we are safer than we think once we change this password.
Last edited:
The main thing is not to have the same password for multiple sites. If someone else could log in to Mr Excel as me, what's the worst they could do? Ask a very basic question, or give an incorrect answer? I'm more than capable of doing both myself...!
But if they could take the same email address / password combination and use it to access accounts on online banking sites, shopping sites, social media, etc - you have a far greater problem.
But if they could take the same email address / password combination and use it to access accounts on online banking sites, shopping sites, social media, etc - you have a far greater problem.
Last edited:
