|
The Off-Topic Lounge APPROPRIATE FAMILY-FRIENDLY TOPICS ONLY - READ THE RULES! This forum is for posting anything (excluding topics prohibited by the forum rules) that's unrelated to email. General discussions, in other words. |
|
Thread Tools |
25 Jun 2017, 09:28 PM | #1 | |
The "e" in e-mail
Join Date: Feb 2006
Location: EU
Posts: 4,943
|
you shouldn’t be forced to use special characters in your passwords
From the Quartz Media magazine:
Quote:
|
|
11 Jul 2017, 05:51 PM | #2 |
Junior Member
Join Date: Jul 2017
Location: AnyBellaCoolHusky
Posts: 12
|
That makes a lot of sense. Delay on wrong passwords can thwart brute force much better than anything else.
|
12 Jul 2017, 05:57 AM | #3 |
Master of the @
Join Date: Feb 2017
Location: USA
Posts: 1,722
|
Ha! Get any IT security person to listen to commonsense, or for that matter read and take to heart the latest security thinking? Nonsense! In my experience dealing with IT security at organizations big and small they are routinely ruled by petty bureaucrats who get their kicks by making employees lives miserable while they chuckle in the back room watching everyone jump through endless pointless hoops that actually degrade security--keeps them in work.
|
15 Jul 2017, 04:48 AM | #4 |
Junior Member
Join Date: Jul 2017
Location: AnyBellaCoolHusky
Posts: 12
|
As an aside, a very distant relative of mine once locked herself out from a school intranet, for the abhorrent system allowed other languages when changing password, but not on actual sign in.
A horror story. |
15 Jul 2017, 09:12 AM | #5 | |
Cornerstone of the Community
Join Date: Jun 2004
Location: Rupert, WV
Posts: 879
|
Quote:
- Bruce |
|
15 Jul 2017, 10:34 AM | #6 |
Member
Join Date: May 2017
Location: Emergency temporary account of ROBERT.BAK
Posts: 36
|
My pet hate is web sites (usually e-commerce sites) which use a "don't allow paste" command on their password input field (or other fields, for that matter). To my mind, this is detrimental to legitimate users (who are thereby being forced to use a password which is weak enough to be feasible to remember, and to type manually, instead of being copy-and-pasted from a password repository, as I prefer) while doing absolutely nothing for site security. (If i were trying to crack a site, using a buffer-overflow attack or the like, I wouldn't be dumb enough to allow my custom client to honour "no paste" requests.)
Fortunately, this dubious behaviour can be overridden by using Firefox with the appropriate plugin; but it's a dumb idea nonetheless. |
15 Jul 2017, 08:39 PM | #7 | |
Master of the @
Join Date: Feb 2017
Location: USA
Posts: 1,722
|
Quote:
|
|
15 Jul 2017, 08:47 PM | #8 |
The "e" in e-mail
Join Date: Feb 2006
Location: EU
Posts: 4,943
|
|
Thread Tools | |
|
|