On 05/07/05, Jtkiefer jtkiefer@wordzen.net wrote:
- does the alt. password that was sent to you stay active indefinitely as well?
If I remember the gist of the code right, then yes, it probably does. Glancing at the code, I think it gets deleted from the DB when you next change your password.
- If so isn't that a huge security risk?
Not really - it's no easier to guess than your "real" one (probably harder, unless you're paranoid enough to use properly pseudo-random strings rather than something vaguely word or number like), and only you ever knew it.
Since exactly one random password + one "real" password can be active at any time, it's equivalent to halving the odds of picking the right one randomly. Sounds scary, until you consider that half of several billion (?) possibilities is still several billion possibilities. I don't know what the odds actually are, but human predictability reduces the search space by far more than having 2 valid passwords ever could. [And as I say, the generated password is likely in that part of the search space that crackers would leave till last, as it's more likely the user will have chosen something at least vaguely predictable].