arythmic (OP)
Newbie
Offline
Activity: 5
Merit: 0
|
|
July 31, 2014, 02:54:30 AM |
|
Maybe I'm just old-fashioned. https://i.imgur.com/VgS309m.pngI'm guessing that at some point in technology history, someone must have thought "no, we don't need to do that..." why is this so common? It seems I only started seeing this when I got started with bitcoin.
|
|
|
|
dudexer
Newbie
Offline
Activity: 213
Merit: 0
|
|
July 31, 2014, 03:23:58 AM |
|
This is sily, you cant trust this system at all. Anyone with some amount brute force can get the login in the website.
|
|
|
|
TheNewAnon135246
Legendary
Offline
Activity: 2198
Merit: 1989
฿uy ฿itcoin
|
|
July 31, 2014, 06:39:51 AM |
|
This is sily, you cant trust this system at all. Anyone with some amount brute force can get the login in the website.
You can make it difficult for them. I am using a password with 8 letters and 10 numbers, which would take a bit longer to bruteforce. Some people use 8 characters max.
|
|
|
|
forever21
|
|
July 31, 2014, 10:05:43 AM |
|
i used 20 characters including number letters capital and a special character which is not related to my personal info some nonsense word which is not english words
|
|
|
|
sapta
aka BitRentX
Staff
Legendary
Offline
Activity: 1718
Merit: 1206
Yield.App
|
|
July 31, 2014, 11:50:11 AM |
|
And use different password for every site. Don't ever use your email password, and don't ever register to untrusted site. Especially when it doesn't have SSL Certificate.
|
|
|
|
rohnearner
|
|
July 31, 2014, 12:06:36 PM |
|
i used 20 characters including number letters capital and a special character which is not related to my personal info some nonsense word which is not english words
Although it is recommended to have strong passwords with a good mix of alphanumeric and special characters but in some cases it doesn't matter how strong your password is , key-loggers can upset you any day or worst case scenario a screen logger with key logger. So I never-ever feel secure doesn't matter how strong my password is.
|
|
|
|
DjPxH
|
|
July 31, 2014, 12:22:09 PM |
|
Brute-forcing passwords on an online resource of which you don't have the password hashes from is more complicated than most people think, I guess. The server can limit the amount of tries an attacker can perform. That way the number of brute-force attempts can be severely limited!
|
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ PRIMEDICE The Premier Bitcoin Gambling Experience @PrimeDice ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
July 31, 2014, 12:35:15 PM |
|
Brute-forcing passwords on an online resource of which you don't have the password hashes from is more complicated than most people think, I guess. The server can limit the amount of tries an attacker can perform. That way the number of brute-force attempts can be severely limited!
Imagine just how many attempts it takes to figure out a ~20 character password, including numbers and symbols.
|
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion)
|
|
|
forever21
|
|
July 31, 2014, 12:49:06 PM |
|
i used 20 characters including number letters capital and a special character which is not related to my personal info some nonsense word which is not english words
Although it is recommended to have strong passwords with a good mix of alphanumeric and special characters but in some cases it doesn't matter how strong your password is , key-loggers can upset you any day or worst case scenario a screen logger with key logger. So I never-ever feel secure doesn't matter how strong my password is. you can always prevent on how to be a victim of key logger it usually can install easily on windows but if you used debian or any other open source system then the chance is not so high
|
|
|
|
DjPxH
|
|
July 31, 2014, 12:51:58 PM |
|
Brute-forcing passwords on an online resource of which you don't have the password hashes from is more complicated than most people think, I guess. The server can limit the amount of tries an attacker can perform. That way the number of brute-force attempts can be severely limited!
Imagine just how many attempts it takes to figure out a ~20 character password, including numbers and symbols. Depends on the entropy of the individual characters But yeah, if it really is chosen randomly this is practically impossible. But even a shorter password could be effective if the amount of tries is limited by the server.
|
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ PRIMEDICE The Premier Bitcoin Gambling Experience @PrimeDice ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
|
|
|
vit1988
|
|
July 31, 2014, 05:34:20 PM |
|
Don't see a fail here. Confirming passwords does not increase security. It only prevents you from misstyping which is a non-issue as long as you are able to reset your credentials.
And as only long generated passwords are good passwords (which you typically generate in your password manager and copy+paste into that field with absolutely no chance of misstyping) confirmation form fields are in fact useless.
|
|
|
|
|
slurpy
Newbie
Offline
Activity: 44
Merit: 0
|
|
July 31, 2014, 05:48:22 PM |
|
Good thing I don't bump in to those websites much.
|
|
|
|
PolarPoint
|
|
July 31, 2014, 05:55:11 PM |
|
The problem with some sites is they don't accept password length more than 10 and no special characters, and they don't tell you about it. So, you enter this extra complicated password and you can never login with the password you typed.
|
|
|
|
Baitty
|
|
July 31, 2014, 06:27:28 PM |
|
Nice little program! Thanks for sharing.
|
Currently held as collateral by monbux
|
|
|
nottm28
|
|
July 31, 2014, 06:28:59 PM |
|
Nice little program! Thanks for sharing. There's also an iphone version for when you are out and about - if you do the apple thingy that is...
|
donations not accepted
|
|
|
|