Password Advice

[ETank]

I know that this might seem trivial, but on the Account Management page, it gives a suggestion for a "long and strong" password. I refreshed the page a few times to test it, and I confirmed that it's not randomly generated upon pageload. Is it unique to my account? If Warframe takes off, I could foresee a large amount of (albeit careless) people using that generic suggestion and then getting account fished if everyone has the same recommended password, especially if things like trading or gifting eventually make it into the game.

Wouldn't it be more secure to spend an hour coding up a little randomizer for that suggestion, rather than deal with some serious potential headaches down the road?

[Ced23Ric]

... it's an example password. If someone actively uses an example password suggest by a website instead of their own, they deserve to have their accounts used. I agree that there should be no example to avoid such issues, but this is really ... foolproofing a fool's choice. Might aswell suggest that people use "password" as their password.

[ETank]

The reality is that 123456 (or some simple variant thereof) is the most commonly used password around - people take easy suggestions because they can. Because of this, social engineering and guesswork is really all casual hackers use to these days to catch an account. Any mechanism that allows the laziness of people (and yes, we are all lazy at some point) to be exploited is poor planning. The amount of coding time it would take to change the example to randomized is non-trivial, sure, but you've stopped up a potential griefpoint later.

No one "deserves" to have an account stolen just because they are lazy. By that logic, the first time you forget to lock your house, it should be completely looted.