To LUGNET HomepageTo LUGNET News HomepageTo LUGNET Guide Homepage
 Help on Searching
 
Post new message to lugnet.admin.generalOpen lugnet.admin.general in your NNTP NewsreaderTo LUGNET News Traffic PageSign In (Members)
 Administrative / General / 6424
    Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Todd Lehman
   (...) You put more at risk than your own data or matters when you choose a sucky password. (Think about it.) (...) Increased probability of successful brute-force compromises. (...) Have I somehow given you the impression that that the only purpose (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
   
        Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Dan Boger
     (...) true, but can't you limit the number of attempts to, say, 5 in 30 minutes... that will make brute force attacks impractical... :) Dan (25 years ago, 23-Apr-00, to lugnet.admin.general)
    
         Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Todd Lehman
     (...) How without opening an equally dangerous door? --Todd (25 years ago, 23-Apr-00, to lugnet.admin.general)
    
         Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Dan Boger
     (...) Well, for a brute force attack to be successful, they have to try 100,000s of passwords... if you limit them to 5 tried every 30 minutes, it's pretty certain that they won't stumble upon the correct password before the password owner dies... (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
    
         Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Larry Pieniazek
     (...) Denial of service. I could write a bot that wakes up every 4 minutes and tries 6 random passwords for your account (and theoretically every one else's too) thus denying you (or theoretically anyone) the ability to get on as a member, because (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)
   
        Re: PW validation (was: Re: Opinions wanted: article rating harmful?) —Larry Pieniazek
   (...) Who said that? Not me... ++Lar (25 years ago, 23-Apr-00, to lugnet.admin.general)
 

©2005 LUGNET. All rights reserved. - hosted by steinbruch.info GbR