| | Re: PW validation (was: Re: Opinions wanted: article rating harmful?)
|
|
(...) You put more at risk than your own data or matters when you choose a sucky password. (Think about it.) (...) Increased probability of successful brute-force compromises. (...) Have I somehow given you the impression that that the only purpose (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
|
|
| | Re: PW validation (was: Re: Opinions wanted: article rating harmful?)
|
|
(...) true, but can't you limit the number of attempts to, say, 5 in 30 minutes... that will make brute force attacks impractical... :) Dan (25 years ago, 23-Apr-00, to lugnet.admin.general)
|
|
| | Re: PW validation (was: Re: Opinions wanted: article rating harmful?)
|
|
(...) How without opening an equally dangerous door? --Todd (25 years ago, 23-Apr-00, to lugnet.admin.general)
|
|
| | Re: PW validation (was: Re: Opinions wanted: article rating harmful?)
|
|
(...) Well, for a brute force attack to be successful, they have to try 100,000s of passwords... if you limit them to 5 tried every 30 minutes, it's pretty certain that they won't stumble upon the correct password before the password owner dies... (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
|
|
| | Re: PW validation (was: Re: Opinions wanted: article rating harmful?)
|
|
(...) Who said that? Not me... ++Lar (25 years ago, 23-Apr-00, to lugnet.admin.general)
|
|
| | Re: PW validation (was: Re: Opinions wanted: article rating harmful?)
|
|
(...) Denial of service. I could write a bot that wakes up every 4 minutes and tries 6 random passwords for your account (and theoretically every one else's too) thus denying you (or theoretically anyone) the ability to get on as a member, because (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
|