On Dec 28, 2010, at 10:28 PM, Joshua Kehn wrote:
On Dec 28, 2010, at 6:28 PM, Paul M Foster wrote:
On Tue, Dec 28, 2010 at 03:11:56PM -0500, Joshua Kehn wrote:
Specifically:
Dotan Cohen wrote:
I seem to have an issue with users who copy-paste their
usernames and
passwords coping and pasting leading and trailing space
characters.
Users should not be copy-pasting passwords or usernames. Do not
compromise a system to cater to bad [stupid, ignorant, you pick]
users. If this is an issue then educate the users.
Wrong. I use a program called pwgen to generate passwords for me,
which
I cannot remember. I use another program I built to store them in an
encrypted file. When I have to supply a password which I've forgotten
(as usual), I fire up my password "vault", find the password, and
paste
it wherever it's needed. Users would be wise to follow a scheme like
this, rather than using their dog's name or somesuch as their
passwords.
Paul
--
Paul M. Foster
http://noferblatz.com
What is "wrong?" That users should not be copy-pasting passwords or
don't compromise the system?
I agree that users should not use weak passwords, but not everyone
goes everywhere with a vault. I am more then capable of memorizing
20 or so 16-32 character full set passwords.
20? child's play. How about 250+ randomly generated passwords and
username combinations?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
