Hey Members!

We’ve encountered a few problems with members being adding to the new website, so we thought we’d create a page to help answer some of the more commonly asked questions and their answers!

Email Link No Longer Works

The link you were sent in an email to create a password for you account is only valid for about 48 hours.  Therefore, if you’ve waited too long you might get a message that the link (from your email) is no longer valid.

A simple fix to this is to go to your account page (https://manuscript.org/membership/my-account/) and click on the “Forgot your password?” link.  You’ll be prompted to enter your email address to recieve a new email to change your password.  The email should come within a couple of minutes and you’ll be given a new link to change (or set) your password!

Passwords Being “Too Weak”

This one’s a little trickier.  We’ve had a few members who are inputting passwords and Wordpress is determining that they are ‘too weak’ to allow.  We’ve discussed allowing ‘weaker’ passwords to be allowed but, when it came down to it, we want the new Manuscript website to be as secure as possible and will prevent it to be hacked or come under brute force attacks.

For this reason, we are asking that people please be patient and make sure they are using secure, strong passwords.  We’ve also come across some passwords that seem strong, but are considered ‘weak’ by the algorithm WordPress uses.

There are a few reasons for this.  Wordpress is using Dropbox’s zxcvbn library to help determine the strength of passwords.  Therefore, it is using a smarter system that ensures stronger passwords.  Here are a few examples of how a password may get a ‘too weak’ rating:

Passwords that use ‘l33k speak’ (ie. using a 3 for an ‘e’, 1 for ‘i’, etc. / having your password be “G00dm0rn1ng”) or if WordPress perceives it as l33k speak it may come back as ‘too weak.’

Passwords may also get a ‘too weak’ rating based on the password’s entropy.  This has to do with patterns of a password and how many times a password can be broken down (and therefore hacked faster.)  It’s a little too long to get into here, but here’s an article if you want to read more about the zxcvbn library and WordPress password algorithm.

What are your options?

After determining that we are going to enforce the use of WordPress-level strong passwords, this only leads us to two options.

  1. An administrator of the site can ‘overwrite’ a password of any strength.  If you’re comfortable enough and would like to email (or call) Shirley Sands (sands@manuscript.org) with your password, and she determines it is ‘strong enough,’ she can change your password for you.
  2. You can use various tricks to create a stronger password.  Sometimes it can be as simple as adding an extra character, capitalizing or using a variation on l33k speak.  For your convenience, we’ve compiled a list below of links to help you create a strong password that you can remember.

Password From A Sentence

People are much better at remembering sentences and song lyrics than they are remembering random letters, numbers, and symbols. One trick to creating a strong password is to take the first letter of every word in a long and memorable sentence and then add upper and lower case letters, numbers and a few symbols to produce your password.

Are you a fan of the Beatles? Then try this: “Yesterday, all my troubles seemed so far away / Now it looks as though they’re here to stay / Oh, I believe in yesterday”, which in password form converts to “Y,amtssfa/Nilatt’h2s/O,Ibiy”. Simple enough, right?

Another good example of this trick is to use a personal statement such as “Don’t forget, your wedding anniversary is on October 3rd!”. The password then becomes “Df,ywaioO3rd!”. There are endless ways to build highly secure and easy to remember passwords using this trick.

via SkyHighNetworks

Create A Constellation

Your keyboard is a blank canvas, ready to help you create your strongest password yet. Draw patterns meaningful to you across the keyboard, including letter and numbers (using your imagination, not permanent marker). The shapes could be your initials, your first name, or a geometrical shape like your favorite constellation to create your password of choice.

via SkyHighNetworks[/su_spoiler]

More Methods

Buffer has some more methods to ensure you’re using a secure password.  Click here to view some more methods.

Here’s another generator & tips from The Best VPN. : )

Conclusion

We sincerely apologize for any inconvenience or frustration this process may have given you.  Please remember that our first priority is keeping the website secure for all our members.  Thank you for your patience and understanding.