a Kuribo64 account is not a bank account, and you are not an admin. there's barely anything they could use to their benefit, so your account isn't enticing.
They could use it for spam.
I'm talking about a singular account specifically. why would they bother trying to hack your account if it's going to be a PITA to crack the password and there's no benefit to hacking this one in particular? they could use ANY account, or heck they could just
create a new account and not go through the trouble.
the above assumes that the people who were hacked were only hacked because they had weak passwords. this would mean that for anyone whose password is complex enough to not be cracked with little effort, they do the logical thing:
give up
see, that's the issue
we're all different there
I hate when they require special characters
point taken.
I'm pretty sure the most effective component of passwords remains length and unpredictability. a random word with a letter in the middle would be near impossible to guess or easily bruteforce.
weak passwords would then be common strings, such as the "obvious passwords" examples you gave ('123456', ...) or words/names commonly used on the internet (ie celebrity names).
my recommendation would be to add a minimum baseline just for the sake of preventing the use of dumb passwords: 8 characters and one number.
oh yeah by the way, does the board have any defenses against bruteforcing? I imagine stuff like that wouldn't go unnoticed if you have logs for login attempts
Despite the existence of Discord, ROM hacking boards can still survive. Look at SMWC!
but we aren't SMWC. that site is focused on modding SMW, which is massively popular.
other mario games, not so much. SM64DS lives in the shadow of SM64, for which modding has always been more popular as well as easier since it's much better documented.