To LUGNET HomepageTo LUGNET News HomepageTo LUGNET Guide Homepage
 Help on Searching
 
Post new message to lugnet.admin.generalOpen lugnet.admin.general in your NNTP NewsreaderTo LUGNET News Traffic PageSign In (Members)
 Administrative / General / 6356
6355  |  6357
Subject: 
 Re: PW validation (was: Re: Opinions wanted: article rating harmful?)
Newsgroups: 
 lugnet.admin.general
Date: 
 Sat, 22 Apr 2000 04:10:20 GMT
Viewed: 
 2750 times
  
In lugnet.admin.general, Todd Lehman writes:

having a password validator that doesn't suck is IMHO a fundamental
prerequisite to allowing passwords to be changed.  Anything less is
irresponsible.

Even if you have great passwords - can't just anyone in the intervening
networks between the user and LUGNET just snoop in and copy down the
unencrypted password?

Richard



Message has 3 Replies:
  Re: PW validation (was: Re: Opinions wanted: article rating harmful?)
 
(...) Not if it uses https, which I assume it will at some point. (25 years ago, 22-Apr-00, to lugnet.admin.general)
  Re: PW validation (was: Re: Opinions wanted: article rating harmful?)
 
(...) As long as it's using http and not https, yes. Once it's in a cookie, it's no longer plaintext, so it's less susceptible to snooping although still susceptible to playback attacks. --Todd (25 years ago, 22-Apr-00, to lugnet.admin.general)
  Re: PW validation (was: Re: Opinions wanted: article rating harmful?)
 
(...) So are you going to enforce that people HAVE to set their passwords to things that the validator feels don't suck, or are you going to give advice but allow it anyway? The former is rather draconian for a site that doesn't handle money. I've (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)

Message is in Reply To:
  PW validation (was: Re: Opinions wanted: article rating harmful?)
 
(...) Fair enough. (...) Not really. Wish I hadn't had to. (...) Not really, no. It's not intended as a toy or a means of entertainment. I enjoyed getting feedback on aspects of it to the extent that getting useful feedback is enjoyable. (...) Not (...) (25 years ago, 21-Apr-00, to lugnet.admin.general)

309 Messages in This Thread:
(Inline display suppressed due to large size. Click Dots below to view.)
Entire Thread on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact

This Message and its Replies on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact
    
Custom Search

©2005 LUGNET. All rights reserved. - hosted by steinbruch.info GbR