On Mon, 14 Feb 2005 10:17:53 -0800, Chris W. Parker <cparker@xxxxxxxxxxxx> wrote: > Alex Gemmell <mailto:agemmell@xxxxxxxxx> > on Monday, February 14, 2005 7:24 AM said: > > > Hello! > > Hi! > > > ######## > > # Code: > > ######## > > <beingfunnynotmean!>Do you also have a label on your computer that says > "Computer"?</beingfunnynotmean!> > > Some questions (because I'm curious): > > 1. Why would you *not* allow special characters? Wouldn't allowing > special characters make the password stronger? > > 2. Why are you forcing the password to have all unique characters? I > don't think I've ever read this as being a recommendation for strong > passwords. > > > Chris. > Oh! You're so mean!! ;) A lot of people are making some great points. I feel I must strighten this out a little. While I may not be the best coder in the world I do have my reasons. I originally made the passwords automatically generated and emailed to the user. Nice complicated ones! I was immediately shot down for doing this because no one here liked the idea of having complicated passwords! I was told to allow the user to chose their own so I merely wanted to make sure no one could have stupid passwords like "aaa". So I just added a few limitations. Besides, my small website doesn't hold any sensitive information about anyone so it wouldn't be the end of the world if some cracked it! So, no special characters because the passwords don't need to be THAT strong (nor would any of our users chose passwords that good - I'll bet money on it!). Oh, and the password won't have ALL unique chars, I was thinking 6 unique chars and a minimum of 8 chars for the whole password (could be more if they chose). -- Alex Gemmell |:| agemmell@xxxxxxxxx |:| -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
