Special characters in password?

[gingerheid]

Hello

My apologies if I'm opening my account by asking a daft question; I decided to look for a CMS because it turned out I was too daft to be able to write my own website, so I might carry on here.

I'd be really grateful if someone could tell me...

If I include a character like © in a password, will I have
a) A more secure password
b) Something that will cause CMSimple to take a hissy fit?

I'm a bit nervous about just trying it out, as when I enable WWWAUT that seems to be the last time I am able to login...

Thanks!

[cmb]

Hi gingerheid,

If I include a character like © in a password, will I have
a) A more secure password

Using special characters will strengthen the password, but to avoid any trouble you should use ASCII characters only. This is particularly important, if you use WWWaut.

I'm a bit nervous about just trying it out, as when I enable WWWAUT that seems to be the last time I am able to login...

WWWaut might not work out of the box, if the PHP is not executed as Apache module (see http://www.cmsimple.org/?Installer%27s_ ... thenticate what to do else). OTOH: security type page and javascript are probably secure enough (and might make less trouble).

I don't know, which variant of CMSimple you're using, but I recommend using CMSimple_XH.

Christoph

[gingerheid]

Using special characters will strengthen the password, but to avoid any trouble you should use ASCII characters only. This is particularly important, if you use WWWaut.

Thanks

WWWaut might not work out of the box, if the PHP is not executed as Apache module (see http://www.cmsimple.org/?Installer%27s_ ... thenticate what to do else). OTOH: security type page and javascript are probably secure enough (and might make less trouble).

Thanks. It is installed as fast CGI, so I am trying to follow the steps in the link, which say that I should create a .htaccess file containing:

Code: Select all

RewriteEngine on
RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization},L]

There is already a .htaccess file, which contains:

Code: Select all

order deny,allow
deny from all

Should I add the new lines to this, or replace this with them?

I don't know, which variant of CMSimple you're using, but I recommend using CMSimple_XH.

Thanks for the tip. It does look better, but I've already gone so far with the site in CMSimple that it's probably not worth changing now, especially as I'm really happy with how it looks!

[cmb]

There is already a .htaccess file, which contains:

Code: Select all

order deny,allow
deny from all

If this .htaccess is in the root of the CMSimple installation (right beside index.php), than you can't access the site at all. So remove these lines -- perhaps than everything already works. Otherwise insert the Rewrite directives; but these require mod_rewrite, which might not be enabled (if so, ask you provider to activate this Apache module).