Hi Gerard,
The issue isn't whether it could or should generate passwords because it already does generate passwords. The "E-mail password" functionality people use when they forget their password already generates a new password. I am asking if the generated password can be made easier to remember. The criteria I'm asking for isn't whether the generated passwords should be English, but whether they should be pronouncable - for instance "jimperbolt" or "paldyacktor" instead of "tN2HcQm".
-John
On 9/2/06, Gerard Meijssen gerard.meijssen@gmail.com wrote:
John Ky wrote:
Hello,
Is it possible to make Mediawiki generate readable and easy to remember passwords? ie. avoiding confusion between 1 and l, and using combinations of letters that are pronouncable?
Thanks
-John
Hoi, There is a difference between if MediaWiki could generate passwords and if it should. When there is an engine that generates passwords, this same engine could be used to generate passwords for an attack. Choosing passwords is the end-users responsibility. It is exactly by choosing a 1 in stead of an l that a brute force attack becomes slightly more problematic.
The other thing to consider is that when MW starts generating passwords, they will then be based on English ?? Bad idea when people use other languages like Hindi or Russian.. At that the captchas doing English words is not that great an idea (though it is convenient for me).
Thanks, GerardM _______________________________________________ Wikitech-l mailing list Wikitech-l@wikimedia.org http://mail.wikipedia.org/mailman/listinfo/wikitech-l