Programming Forums
User Name Password Register
 

RSS Feed
FORUM INDEX | TODAY'S POSTS | UNANSWERED THREADS | ADVANCED SEARCH

Reply
Page 2 of 2 < 1 2
 
Thread Tools Display Modes
Old Jun 27th, 2007, 5:44 PM   #11
Fourth
Newbie
 
Join Date: May 2007
Posts: 3
Rep Power: 0 Fourth is an unknown quantity at this point
Quote:
Originally Posted by programmingnoob View Post
hmmm ... so what do I do to guard against that? =/
the best way is to assign a generated, complex, password and not offer anyway to change it. the only person who can change it is you and you only change it to another generated one. encourage your users to memorize it and NOT write it down anywhere.
Fourth is offline   Reply With Quote
Old Jun 27th, 2007, 5:47 PM   #12
programmingnoob
Hobbyist Programmer
 
Join Date: Feb 2006
Posts: 154
Rep Power: 3 programmingnoob is on a distinguished road
Quote:
Originally Posted by Fourth View Post
the best way is to assign a generated, complex, password and not offer anyway to change it. the only person who can change it is you and you only change it to another generated one. encourage your users to memorize it and NOT write it down anywhere.
if user is not allowed to change it, then thats not very user friendly....

but then all these things we have around... like yahoo, msn etc... they all allow users to change it, how do they manage it? i mean of course i can not manage it all on my own, but how do they do it?
programmingnoob is offline   Reply With Quote
Old Jun 27th, 2007, 5:52 PM   #13
Fourth
Newbie
 
Join Date: May 2007
Posts: 3
Rep Power: 0 Fourth is an unknown quantity at this point
Quote:
Originally Posted by programmingnoob View Post
if user is not allowed to change it, then thats not very user friendly....

but then all these things we have around... like yahoo, msn etc... they all allow users to change it, how do they manage it? i mean of course i can not manage it all on my own, but how do they do it?
well, i was suggesting a hypothetical and admittedly unrealistic approach but it really is the most secure. given enough time a brute-force will EVENTUALLY solve a password.

to be secure you really just have to rely on your users to make smart passwords. yahoo and msn accounts are stolen all the time because users have easy passwords or freely give their info away. nothing you can do to guard against stupidity save taking all the control into your own hands.
Fourth is offline   Reply With Quote
Reply
Page 2 of 2 < 1 2

Bookmarks

« Previous Thread in Forum | Next Thread in Forum »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
[Python] Password Generator bulio Show Off Your Open Source Projects 2 Feb 28th, 2006 3:01 AM
Interesting Encryption Sane Python 0 Feb 26th, 2006 12:49 PM
password box ragenuub Visual Basic 5 Nov 15th, 2005 3:46 PM
Just a small password generator Jessehk Show Off Your Open Source Projects 3 Sep 16th, 2005 8:41 AM
ONETT Encryption Sane Coder's Corner Lounge 6 Aug 5th, 2005 12:07 AM


Contact Us - DaniWeb IT Discussion Community - Privacy Statement - Top


DaniWeb IT Discussion Community
All times are GMT -5. The time now is 11:33 PM.

Powered by vBulletin® Version 3.7.0, Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Copyright ©2007 DaniWeb® LLC