12 posts
  • Bought between 50 and 99 items
  • Has been a member for 6-7 years
rochow says

How does this work? Aren’t the passwords encrypted?

3197 posts
  • Attended a Community Meetup
  • Community Ambassador
  • Contributed a Blog Post
  • Helped protect Envato Marketplaces against copyright violations
  • Has been a member for 3-4 years
  • Grew a moustache for the Envato Movember competition
  • Beta Tester
  • Brazil
+8 more
DzincStudio says

Hi rochow, according to the article Why isn’t my chosen password acceptable on the Envato Marketplaces?

When setting or updating a password, you’ll be notified if your choice does not pass our validation, and prompted to create a stronger password. This will occur if your password is:

  • A weak combination of common dictionary words or passwords (e.g. password);
  • A weak permutation of one (p@ssw0rd, password123);
  • A variation on an Envato term, your username or your account details
  • (e.g. themeforest123);
  • Too short or;
  • Otherwise insecure.
12 posts
  • Bought between 50 and 99 items
  • Has been a member for 6-7 years
rochow says

It happens every time I login, I haven’t tried to update it.

So my question is more, “is the database actually encrypted or are the passwords being checked”, or is there a saved flag from way back which is causing the prompt.

3197 posts
  • Attended a Community Meetup
  • Community Ambassador
  • Contributed a Blog Post
  • Helped protect Envato Marketplaces against copyright violations
  • Has been a member for 3-4 years
  • Grew a moustache for the Envato Movember competition
  • Beta Tester
  • Brazil
+8 more
DzincStudio says

Oh, you mean a warning appears, saying that your current password is weak, every time you log in?

12 posts
  • Bought between 50 and 99 items
  • Has been a member for 6-7 years
rochow says

Yep

3197 posts
  • Attended a Community Meetup
  • Community Ambassador
  • Contributed a Blog Post
  • Helped protect Envato Marketplaces against copyright violations
  • Has been a member for 3-4 years
  • Grew a moustache for the Envato Movember competition
  • Beta Tester
  • Brazil
+8 more
DzincStudio says

I personally don’t know the technical/security inner workings of the login/prompt itself. My guess is, if your current password falls under one of the listed items above, then, that’s most likely the reason you’re seeing the warning.

If you’d like further technical clarification, you can always contact support, and the appropriate staff will gladly get back to you.

12 posts
  • Bought between 50 and 99 items
  • Has been a member for 6-7 years
rochow says

Yep, my question is how is it judged – given that any passwords in a database should be encrypted, so should have no idea what my password is, and therefore can’t figure out if it’s easy, hard, or whatnot.

It seemed to appear from nowhere one day, which is why I’m questioning it.

Like, there are ways to figure it out while having the DB is encrypted, but I want to make sure. You can never be too careful, even big companies screw up the basics. Before I actually do make a hard password, then turns out it’s all plain text :)

3424 posts
  • Football Contest Participant/Runner-up
  • Elite Author
  • Sold between 250 000 and 1 000 000 dollars
  • Community Moderator
  • Bought between 100 and 499 items
  • Referred more than 2000 users
  • Has been a member for 4-5 years
+5 more
sevenspark Volunteer moderator says

[removed just to be cautious]

12 posts
  • Bought between 50 and 99 items
  • Has been a member for 6-7 years
rochow says

:)

I didn’t want to say the options in case someone just said “yeah that’s how we do it” even though it wasn’t.

There’s definitely ways to do it, I just want to make sure it is encrypted, before I change it.

Better to be cautious – I’ve already lost credit cards etc from lazy protection. SOOO painful to have to update that info, probably a few dozen things are hooked to it, failed payments all over the place.

3424 posts
  • Football Contest Participant/Runner-up
  • Elite Author
  • Sold between 250 000 and 1 000 000 dollars
  • Community Moderator
  • Bought between 100 and 499 items
  • Referred more than 2000 users
  • Has been a member for 4-5 years
+5 more
sevenspark Volunteer moderator says

Well, none of the mods here will have insight into this, and it doesn’t make sense to discuss publicly I think. With that in mind, I think it’s best to discuss any concerns you have in private with support, as dzinc suggested :)

by
by
by
by
by
by