[BlueOnyx:06916] Re: Disable Strong Passwords
Ken - Precision Web Hosting, Inc
kenlists at precisionweb.net
Thu Apr 7 01:16:09 -05 2011
----- Original Message -----
From: "User Ernie" <ernie at info.eis.net.au>
To: <blueonyx at blueonyx.it>
Sent: Wednesday, April 06, 2011 9:34 PM
Subject: [BlueOnyx:06914] Re: Disable Strong Passwords
> There is nothing wrong with the system suggesting if a password is strong
> or
> weak in the programmers opinion, however a site administrator should
> still be able to set what password they want. If a person can't remeber a
> password because it's too hard, then they will either set it to auto
> entry,
> or write it down on a postit note or something equally insecure.
>
> BlueOnyx already locks out dictionary and other brute force attacks quite
> well.
>
>
> - Ernie.
>
It's really a pain to have to get yourself off of blacklists because of
user=sales password=sales. Then the servers spams all night and you see it
in the morning.
Email software already remembers the passwords. Even the webmail can be set
to remember.
>>brute force attacks
If the password is too easy, then it takes so few tries to guess it, that
they are not blocked. I've had that happen multiple times.
----
Ken M
Precision Web Hosting, Inc.
http://www.precisionweb.net
More information about the Blueonyx
mailing list