It’s not often that I give up on testing a new service during the registration process, but today I did. I was taking a look at a new service called folkd and couldn’t get it to accept my password. Then I noticed that they have “password guidelines”:
Your password must have a length of 6 chars at least and three of the following 4 rules must match:
* - Your password has to contain one number at least.
* - Your password has to contain one special char at least.
* - Your password has to contain big chars.
* - Your password has to contain small chars.
We’re not talking about online banking here - make it easy on your users to try out your service. Unless Folkd is something very special, it won’t get my attention again.
thats silly.. you cant create any password –if you follow the last two instruction set its a classic WTF err :)- !!
Looks like folkd is fulked…..Don’t piss off potential users. What is this site about? Can you have an about page or blog that makes sense?
You are too harsh. I tried the registration and it was easy and user friendly. I don’t know if the service worth it, but I’m now registered:)
that’s the standard password rules i’ve encountered on a yahoo-owned web site. they must be using the same validation open-source code!
it makes you think twice (or thrice in my case) before picking a simple password. it took me 3 tries before i realized what they’re asking for. i had to write down the password somewhere - it was too hard to remember and also case-sensitive.
Its good to see some web companies have a good sense of security!
The password was no problem… I’m use to choosing complex passwords for everything, no matter what the service
I think its great to start having more strong passwords. I think people aren’t aware how easy it is to get into areas when people aren’t taking the appropriate measure. It is nice to see someone doing something about that.
Honestly, if you had written, “This site won’t let me use a sufficiently strong password. Guess I won’t be coming back.”, that I could get behind. There’s tons of sites that won’t let you use special characters in passwords, and worse, tons of sites that specify a maximum length for your password. Those are what I really object to, because it’s typical done to squeeze a plaintext password into say, a varchar(15) (instead of say, a salted MD5 or SHA1 hash where the length of the hash is the only thing that matters). This indicates to me that the authors of the site don’t know the first thing about security.
Ha, the exact same thing happened to me today. I usually sign up for everything I can get my hands on (that reminds me, whatever happened to Allpeers?), but I let that one go for the exact same reason you stated.
And yes, it’s not a bad thing to have secure passwords, but I just don’t like people telling me how to create my passwords.
Stoopid. Maybe for financial services or company passwords, but certainly over-kill for a lame-o Web 2.0 service.
To all the dimwits who think it’s not secure enough, enforcing passwords that average people need to write down or save on their PC is quite a bit *less* secure.
I guess they go the point and changed the requirements: http://www.folkd.com/blog/?p=3
Maybe it was all part of the plan to generate traffic.
Problem one: I clicked on your link and it took the same time i read your first 7 comments to load; two, what does the site do? Why would I bother to register?; This is like asking to see your driver’s license before letting you inside a restaurant that won’t tell you what kind of food they serve…
“Unless Folkd is something very special, it won’t get my attention again.”
Don’t you think this is a little bit unfair? You cannot judge on a thing you don’t know yet - and they already changed that password issue.
hEH..Although I must say that Folkd looks quite good… might be a better startup than others