[WikiEN-l] Feasible security idea for login? (was: Admin account cracker about to be run internally)
geni
geniice at gmail.com
Tue May 8 15:29:31 UTC 2007
On 5/8/07, Joe Szilagyi <szilagyi at gmail.com> wrote:
> Would it be overkill from the perspective of the number of users/scope of
> users to implement something that checked the strength of passwords as
> entered? Some websites feature tools that report on the perceived strength
> of your password as entered, typically from weak to decent to moderate to
> good to strong, or similar wording.
>
> Perhaps something like that, with the Wikimedia software having an option to
> simply refuse acceptance of anything less than 'moderate' value? You can
> have it check at each login, and in the event that it fails the 'moderate'
> test, force a password change. Since you in turn can't now enter a crap
> password, it will push everyone to add a decent password. Annoying, once,
> but after that... all users are covered, and this should no longer require
> constant monitoring afterwards (ideally).
>
So far every password testing website the IRC crew tested rated
Password123456 as at least moderate.
--
geni
More information about the WikiEN-l
mailing list