To LUGNET HomepageTo LUGNET News HomepageTo LUGNET Guide Homepage
 Help on Searching
 
Post new message to lugnet.admin.generalOpen lugnet.admin.general in your NNTP NewsreaderTo LUGNET News Traffic PageSign In (Members)
 Administrative / General / 6428
6427  |  6429
Subject: 
 Re: PW validation (was: Re: Opinions wanted: article rating harmful?)
Newsgroups: 
 lugnet.admin.general
Date: 
 Sun, 23 Apr 2000 19:19:28 GMT
Viewed: 
 3458 times
  
Todd Lehman wrote:
Increased probability of successful brute-force compromises.

true, but can't you limit the number of attempts to, say, 5 in 30 minutes...
that will make brute force attacks impractical...

How without opening an equally dangerous door?

Well, for a brute force attack to be successful, they have to try 100,000s of passwords...  if you limit them to 5 tried every 30 minutes, it's pretty certain that they won't stumble upon the correct password before the password owner dies...

Or are you referring to a different door?



Message has 1 Reply:
  Re: PW validation (was: Re: Opinions wanted: article rating harmful?)
 
(...) Denial of service. I could write a bot that wakes up every 4 minutes and tries 6 random passwords for your account (and theoretically every one else's too) thus denying you (or theoretically anyone) the ability to get on as a member, because (...) (25 years ago, 23-Apr-00, to lugnet.admin.general)

Message is in Reply To:
  Re: PW validation (was: Re: Opinions wanted: article rating harmful?)
 
(...) How without opening an equally dangerous door? --Todd (25 years ago, 23-Apr-00, to lugnet.admin.general)

309 Messages in This Thread:
(Inline display suppressed due to large size. Click Dots below to view.)
Entire Thread on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact

This Message and its Replies on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact
    
Custom Search

©2005 LUGNET. All rights reserved. - hosted by steinbruch.info GbR