Active discussions

Meet the Other Phone. Flexible and made to last.

Meet the Other Phone.
Flexible and made to last.

Buy now

Please or to access all these features

Add post

Watch this thread

Save thread

Start a new thread

Flip thread

Hide thread

My feed

Active Unanswered threads

Getting started FAQ's

Unanswered threads Acronyms Talk guidelines

Hide shortcut buttons

Talk

Site stuff

Join our Innovation Panel to try new features early and help make Mumsnet better.

See all MNHQ comments on this thread

Flip

Original poster

Login security

1 reply

asneakyone · 12/09/2015 22:31

MNHQ, I know you've tightened up your password rules since the recent security breach, but it strikes me that you're still vulnerable so long as you allow people to log in with their Usernames. These are easily harvestable in bulk from the talk pages, and hackers can simply run algorithms which try millions of relatively guessable passwords (simple combos of dictionary words, names, numbers and common patterns of capitalisation etc) against each one in turn.

If the option to use usernames was removed and we were forced to use our email addresses instead, then the site would be far more secure.

OP posts:

MNHQ

RebeccaMumsnet · 14/09/2015 15:35

Hi asneakyone,

Thanks for the suggestion.

It's one of the security improvements we're considering and we'll inform the users ahead of time if/when we're going to make this change or any other changes that will directly change the way that you log into Mumsnet.

Flip

Swipe left for the next trending thread

Get involved

Play today's Crossword

Play
Play today's Guessword

Play
Play today's Codeword

Play
Play today's Sudoku

Play
Play today's Numberfit

Play