Hello,

It's a nice feature if we can determine max password age to force users to change their passwords regularly.

Bye.

Please NO! I hate being forced to change my password.

Hi,

Most of the people use the same password in many sites (to remember it easily) and it is a bad habit!
An "optional" feature in ACP is a good idea.

Bye.

In an ideal world everybody should do this as it makes for a secure system, however I think people would just forget their password and/or find it annoying.

I like your suggestion

What I would like to see is a password strength option like many sites offer now

Yeah, I really would like to see a password strength meter too.

A password strength feature would be good, but one thing I wouldn't be able to stand is 'disallow password under X strength' - for example, some sites say that you can't have a password if it's less than medium strength, or if it doesn't contain a number. It's my password, and I'll decide how secure I want to be - but it's a nice indication on register, all the same.

I like the idea of making people use a secure password, considering I had somebody hack one of my moderator accounts, yes I did fire the person after that happen.

Anyways I love the suggestion, of doing a password strength, do something like Microsoft and others do, and make it look really professional ( colorized bar, perhaps tell you how strong it is, ect ). Anyways I think it should be on a group setting, if this were to be added, that why you could allow users to decide if they want to use the feature or not. This would allow you to secure your moderators, and other staff accounts, and allow users to decide for themselfs.

I mean as an admin, I could careless if a user account is accessed without permission, since he cannot do anything to the site itself. I think the password age, should be again a group setting, which would allow a staff to reset their passwords. It should also allow you to use the same password, if you choose, but you have to at least go to the steps of doing a password update.

I know that my school, or our student profile account, makes us change it every semester. While its a pain, I end up just making a small change to the password, then sometimes going back and making it the same password as before.

Account security, should be something that Invision should focus on, now that Converage will be out. Cool, helpful account mangement features, will make Invisions products even better. I think it also would be a very cool addition, to allow the user to allow a random generated password of x-bit strength to be generated and emailed to them. They could choose several different properties, so that their password could have non-digits or just alpha-numerical character, or any of the logical choices.

I think it will be very annoying and kinda useless cause i for an exmple use the same pass in several diffrent forums/sites.
And being forced to change it once in a while is not something i would be happy with, but i guess making it as an "Option" is a good idea (for extra security).