Password Generation and exclusion of certain letters/digits in Webmasters and Developers http://www.dslreports.com/forum/r22630615 en Sat, 05 Dec 2009 11:28:31 EDT Sat, 05 Dec 2009 11:28:31 EDT Re: Password Generation and exclusion of certain letters/digits http://www.dslreports.com/forum/remark,22642259 dave :
said by yock See Profile :

This seems like the wrong solution to me. Why not simply recommend through your documentation that users use serif fonts?
Because it takes longer to write the documentation than to make such a trivial code change?]]> http://www.dslreports.com/forum/remark,22642259 Wed, 01 Jul 2009 21:34:52 EDT Re: Password Generation and exclusion of certain letters/digits http://www.dslreports.com/forum/remark,22642251 dave : Naturally, DEC was there first.

»en.wikipedia.org/wiki/Digital_Eq···necdotes

In 1960, DEC engineers realized that in specifying connectors on a frame, where numbers mark the card slot locations and letters mark the connectors on individual cards, some letters cause confusion. Thus the letters G, I, O, and Q were dropped to avoid confusion with C, 1, and 0. The remaining 22 letters were since known as the DEC alphabet[citation needed].
(Actually, we called it the DEC Hardware Alphabet).]]> http://www.dslreports.com/forum/remark,22642251 Wed, 01 Jul 2009 21:33:33 EDT Re: Password Generation and exclusion of certain letters/digits http://www.dslreports.com/forum/remark,22641669 nixen :
said by Steve See Profile :

said by nixen See Profile :

Two possibilities: 1) set your display page's FONT attributes to instruct the user's browser to render a Serif-based font; and/or, 2) put instructions in to use cut-n-paste to load the temporary password into the client's connect info.
The former is not universally reliable, and the latter is just more stuff to support.
If your users are still using IE5, then *ANYTHING* you do is going to be a support nightmare.

said by Steve See Profile :

Friedl's rule: the best tech support is that which is not necessary
Corollary: the best way to cut down on need for tech support is to install fatal auto-LARTs.
--
The trouble with the world is that the stupid are cocksure and the intelligent are full of doubt. -- Bertrand Russell]]> http://www.dslreports.com/forum/remark,22641669 Wed, 01 Jul 2009 19:29:47 EDT Re: Password Generation and exclusion of certain letters/digits http://www.dslreports.com/forum/remark,22641526 Steve :
said by nixen See Profile :

Two possibilities: 1) set your display page's FONT attributes to instruct the user's browser to render a Serif-based font; and/or, 2) put instructions in to use cut-n-paste to load the temporary password into the client's connect info.
The former is not universally reliable, and the latter is just more stuff to support.

Friedl's rule: the best tech support is that which is not necessary

Steve
--
Stephen J. Friedl | Unix Wizard | Microsoft Security MVP | Orange County, California USA | my web site]]> http://www.dslreports.com/forum/remark,22641526 Wed, 01 Jul 2009 18:57:51 EDT Re: Password Generation and exclusion of certain letters/digits http://www.dslreports.com/forum/remark,22639740 nixen :
said by Steve See Profile :

said by yock See Profile :

This seems like the wrong solution to me. Why not simply recommend through your documentation that users use serif fonts?
Which would you rather provide tech support for:

a) forgotten-password link that avoids troublesome characters
b) "How do I change the fonts in my UnknownMail client?"

Corollary to (b): wanna teach my grandmother to change fonts on her browser?
Two possibilities: 1) set your display page's FONT attributes to instruct the user's browser to render a Serif-based font; and/or, 2) put instructions in to use cut-n-paste to load the temporary password into the client's connect info.
--
The trouble with the world is that the stupid are cocksure and the intelligent are full of doubt. -- Bertrand Russell]]> http://www.dslreports.com/forum/remark,22639740 Wed, 01 Jul 2009 13:21:26 EDT Re: Password Generation and exclusion of certain letters/digits http://www.dslreports.com/forum/remark,22637712 Steve :
said by yock See Profile :

This seems like the wrong solution to me. Why not simply recommend through your documentation that users use serif fonts?
Which would you rather provide tech support for:

a) forgotten-password link that avoids troublesome characters
b) "How do I change the fonts in my UnknownMail client?"

Corollary to (b): wanna teach my grandmother to change fonts on her browser?]]> http://www.dslreports.com/forum/remark,22637712 Wed, 01 Jul 2009 00:21:38 EDT Re: Password Generation and exclusion of certain letters/digits http://www.dslreports.com/forum/remark,22637534 yock : This seems like the wrong solution to me. Why not simply recommend through your documentation that users use serif fonts?
--
Have more fun with your GPS.
Geocaching.com]]> http://www.dslreports.com/forum/remark,22637534 Tue, 30 Jun 2009 23:24:19 EDT Re: Password Generation and exclusion of certain letters/digits http://www.dslreports.com/forum/remark,22637475 Gomez : Language, platform, frameworks might be useful here..

I can give you a grails 3 line solution, but have no clue if it's remotely useful. ]]> http://www.dslreports.com/forum/remark,22637475 Tue, 30 Jun 2009 23:07:15 EDT Re: Password Generation and exclusion of certain letters/digits http://www.dslreports.com/forum/remark,22632889 csiemers : I use an array that has all the characters that I want an initial password to have, excluding the ones in your list. Then it's a matter of randomly picking out characters from that array to build a password.
--
»www.wwiivehicles.com

World War II Vehicles and Advanced Squad Leader]]> http://www.dslreports.com/forum/remark,22632889 Tue, 30 Jun 2009 09:11:03 EDT Re: Password Generation and exclusion of certain letters/digits http://www.dslreports.com/forum/remark,22631014 dave : No harder than writing the password generator in the first place, except you don't put as many characters in its alphabet.]]> http://www.dslreports.com/forum/remark,22631014 Mon, 29 Jun 2009 21:09:44 EDT Re: Password Generation and exclusion of certain letters/digits http://www.dslreports.com/forum/remark,22630680 JAAulde :
said by mouse See Profile :

We are running a website that provides for a password forgotten service. A new password is being generated to get the customer back in. Unfortunately some of the passwords are difficult to read/interpret with certain letters/digits looking very similar (1,l,L,i,I,J,0 and O) especially depending on the font used by the recipient.

Just wondering how difficult it is to change the output for password generation to exclude those letters and digits?
Let me load up my telepathic interpreter.....darn, 'tis busted. ;) I guess you'll just have to tell us what software/language/etc is involved.
:D
--
No eat apple, eat cookie. Apple spoil dinner.

My Development Sandbox | LinkedIn Profile]]> http://www.dslreports.com/forum/remark,22630680 Mon, 29 Jun 2009 20:08:33 EDT Password Generation and exclusion of certain letters/digits http://www.dslreports.com/forum/remark,22630615 mouse : We are running a website that provides for a password forgotten service. A new password is being generated to get the customer back in. Unfortunately some of the passwords are difficult to read/interpret with certain letters/digits looking very similar (1,l,L,i,I,J,0 and O) especially depending on the font used by the recipient.

Just wondering how difficult it is to change the output for password generation to exclude those letters and digits?]]> http://www.dslreports.com/forum/remark,22630615 Mon, 29 Jun 2009 19:54:54 EDT