|
|
 | | Re: LUGNET Memberships
|
| (...) LOL, no not that. :) --Todd (26 years ago, 27-Sep-00, to lugnet.people, lugnet.admin.general)
| | | | | Re: LUGNET Memberships
|
| (...) Huh? Ther is only one thing I can think of that has a nine month completion cycle, and it doesn't have a thing to do with passwords. Could you elaborate? KL (26 years ago, 27-Sep-00, to lugnet.people, lugnet.admin.general)
| | | | | Re: LUGNET Memberships
|
| (...) heh, I wouldn't know anything about the newsreader, but it shouldn't be hard to put in the mail gateway... and that would certify the sender... however, for the web interface (after thinking about it more), you want it to me a lot more (...) (26 years ago, 27-Sep-00, to lugnet.admin.general)
| | | | | Re: LUGNET Memberships
|
| (...) Oh, I was thinking of something newsreader-based. It'd be more of a pain for the web interface. Unless someone wants to hack something into Mozilla. :) Once upon a time, Verisign was making a big deal over personal certificates. Guess they (...) (26 years ago, 26-Sep-00, to lugnet.admin.general)
| | | | | Re: LUGNET Memberships
|
| (...) hmmm... now there's a thought.... how would that work though? make a private/public key pair for each member, and store the public key in the cookie? but what would stop someone from sniffing and stealing the cookie? auth over ssl? hmmm.... (...) (26 years ago, 26-Sep-00, to lugnet.admin.general)
| | | | | Re: LUGNET Memberships
|
| (...) University of Oxford. <ftp://ftp.ox.ac.uk/...rdlists/>. Wordlists have non-password related uses too, apparently. :) (26 years ago, 26-Sep-00, to lugnet.people, lugnet.admin.general)
| | | | | Re: LUGNET Memberships
|
| (...) I don't find it funny; I'm just glad it hasn't been a problem. It'd be nice to hack in some sort of GPG-based authentication system.... (26 years ago, 26-Sep-00, to lugnet.people, lugnet.admin.general)
| | | | | Re: Password checks (was: Re: LUGNET Memberships)
|
| (...) No, I meant exactly that: I didn't think that anyone would ever (a) forget their password or (b) not be able to just go look it up. When you put it in a cookie, you don't even have to remember it beyond that, unless you move to different (...) (26 years ago, 26-Sep-00, to lugnet.people, lugnet.admin.general)
| | | | | Re: Crossword question
|
| (...) Ya, when Suzanne showed it to me a while back, I was blown away. I guess it's like professional sw that's used by some real cw makers. (...) Exactly -- it's not part of the core system, and nothing except itself depends on it, and Java is (...) (26 years ago, 26-Sep-00, to lugnet.admin.general)
| | | | | Re: Password checks (was: Re: LUGNET Memberships)
|
| (...) Huh? Todd, I hope you meant to write, "I didn't think about dealing with people forgetting their passwords". People forget passwords *all* *the* *time*. That's why so many sites have such ridiculously unsecure password requirements -- so (...) (26 years ago, 26-Sep-00, to lugnet.people, lugnet.admin.general)
| | | | | Crossword question
|
| Todd: I just got a chance to read about the engine behind the Crossword puzzle. Very very powerful and sophisticated, but also, apparently, commercial software. How does this square with the LUGNET philosophy? I thought you didn't want to use any (...) (26 years ago, 26-Sep-00, to lugnet.admin.general)
| | | | | Re: LUGNET Memberships
|
| "Todd Lehman" <lehman@javanet.com> wrote in message news:G1HDIu.J6p@lugnet.com... (...) other (...) I (...) So ... are you going to tell us what is going to happen nine months from now or just leave us hanging? IMHO, the password checker and system (...) (26 years ago, 26-Sep-00, to lugnet.people, lugnet.admin.general)
| | | | | Re: LUGNET Memberships
|
| (...) Imagine it is all you *can* do, as Todd didn't actually do the typing, he said he got lists of words readily available from the 'net that are made available (by whom?) to aid in building stronger password checkers. (and also to aid in building (...) (26 years ago, 26-Sep-00, to lugnet.people, lugnet.admin.general)
| | | | | Re: Password checks (was: Re: LUGNET Memberships)
|
| (...) A solution to this could be to do the following: - when someone asks for a password reset, create a new password for them, put it in the list, also put it in a special "reset account" password file (along with the ID). - when the user receives (...) (26 years ago, 26-Sep-00, to lugnet.people, lugnet.admin.general)
| | | | | Re: Password crack detection and slowing (was: Re: LUGNET Memberships)
|
| (...) Oh! One other thing, duh. An advantage this has over pure semaphores or mutexes is that, since it has a sort of "memory" about how many times an IP address has recent sent a failure, it could easily respond with immediate 403 errors (upon (...) (26 years ago, 26-Sep-00, to lugnet.admin.general, lugnet.off-topic.geek)
| | | | | Re: LUGNET Memberships
|
| (...) FTP standard ASCII text document, one word per line. Convert to ISO-8859-1 if necessary (character-based search & replace, quick). Feed to indexer via pipe. Walk away, sip coffee, come back later, it's all done. No typing. --Todd (26 years ago, 26-Sep-00, to lugnet.people, lugnet.admin.general)
| | | | | Password crack detection and slowing (was: Re: LUGNET Memberships)
|
| (...) I've been thinking about this more tonight, and reading a bit about SysV semaphores, but I don't have experience with them and I'm finding the docs confusing, especially where Perl is concerned. Anyway, upon further reflection, I wonder if (...) (26 years ago, 26-Sep-00, to lugnet.admin.general, lugnet.off-topic.geek)
| | | | | Re: LUGNET Memberships
|
| (...) ^^^...^^^ Ouch! I can only imagine the time it took you to key all that data in. (26 years ago, 26-Sep-00, to lugnet.people, lugnet.admin.general)
| | | | | Re: LUGNET Memberships
|
| (...) That's a problem. It does fail too many good pw's, partially because it tries to be too clever in transmogrifications and 20 different language lookups in its dictionary of 3 million words. (It was just as easy to put in that many as it was to (...) (26 years ago, 26-Sep-00, to lugnet.people, lugnet.admin.general)
| | | | | Re: LUGNET Memberships
|
| (...) Yup, it's a serious system. Most systems don't take pw issues seriously. (...) We'll see how many people find it funny nine months from now. --Todd (26 years ago, 26-Sep-00, to lugnet.people, lugnet.admin.general)
|
|
