Search:  

 
theme to white backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » Sites That Don't Allow Special Characters In Passwords !?!
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Analysis of the Gozi Trojan - leads to Russian data horde »
« Free antivirus for non-profit organization?  
AuthorAll Replies


nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
·AT&T U-Verse
·AT&T Midwest

reply to Daniel
Re: Big Sites That Don't Allow Complex Passwords !?!

Your argument is invalid simply because over 95% of users still do manage their own passwords.
I manage my own passwords. Storing them in a file, and encrypting that file is part of how I manage them.

I just checked. I have 55 entries in that file, and I shun most web sites that require passwords. Nobody can remember that many.

If they actually are trying to remember 55 passwords, then they are probably using very weak passwords and re-using the same password for many sites. And if they are doing that, they have a more serious problem than the one you suggested in your OP.
--
AT&T dsl; Westell 2200 modem/router; SuSE 10.1; firefox 1.5.0.10
to forum · permalink · · 2007-03-17 18:17:54 · Reply to this


Daniel
Premium,MVM
join:2000-06-26
Pleasanton, CA
clubs:
said by nwrickert See Profile :

Your argument is invalid simply because over 95% of users still do manage their own passwords.
If they actually are trying to remember 55 passwords, then they are probably using very weak passwords and re-using the same password for many sites. And if they are doing that, they have a more serious problem than the one you suggested in your OP.
Well, that is the reality we're facing. The question is, how do we mitigate some of this risk? It's a lot harder to get users to change their habits than it is to get a single site that handles millions of accounts to change theirs.

I agree it's not a real solution, but nothing in security ever is. It's about reducing risk, and if we can add ANY significant amount of complexity to the incredibly weak passwords that most people use, we'll have accomplished something. Hence my OP.
--
dmiessler.com -- grep understanding knowledge
to forum · permalink · · 2007-03-17 18:24:44 · Reply to this
Forums » Up and Running » Security » SecurityAnalysis of the Gozi Trojan - leads to Russian data horde »
« Free antivirus for non-profit organization?  

Saturday, 05-Dec 15:45:14 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [163] Comcast Releasing Promised Usage Meter
· [147] Avast Antivirus Has Gone Mad
· [127] Comcast Makes NBC Universal Acquisition Official
· [104] Graduate Student Unveils Sprint's GPS Sharing With Feds
· [101] Google Invades ISP, OpenDNS Turf With Google Public DNS
· [99] The Bandwidth Hog Does Not Exist
· [85] FCC Ponders Moving From PSTN To IP Voice
· [81] Latest Consumer Reports Survey Not Kind To AT&T
· [80] New Bill Aims To Limit ETFs
· [74] Sprint Defuses GPS Privacy Media Bomb
Most people now reading
· False positive in Avast! or is it real? [Security]
· Wife might have to work in.... Iowa for a few months!!! [General Questions]
· Windows 7 boot manager editing questions [Microsoft Help]
· DNS options, what are YOU using? [TekSavvy]
· Farewell [Bell Canada]
· [How to] Install Asterisk on an Asus WL-520GU router [VOIP Tech Chat]
· First commercial tool to crack BitLocker arrives (Updated) [Security]
· An Excellent Guide About Google Voice And Sip Sorcery [VOIP Tech Chat]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· UPS - What do you people think happened? [General Questions]