So are you telling me that tool "test if your credit card was cloned" is a
fraud? But its test included my ccv2 too! :p
Vito
2016-11-17 9:33 GMT+01:00 Chad <innocentkiller(a)gmail.com>om>:
On Thu, Nov 17, 2016 at 12:18 AM Antoine Musso
<hashar+wmf(a)free.fr> wrote:
Le 16/11/2016 à 19:19, Pine W a écrit :
>
> (0) Consider testing your password strength with a tool like
>
http://www.testyourpassword.com/; be sure that the tool you use does
not
> send your chosen password over the Internet
and instead tests it
locally.
By using an online testing tool, you are effectively breaking the very
first rule:
DO NOT GIVE OUT YOUR PASSWORD. EVER.
Using that site is exactly like sharing your password with a random
stranger in the world. Even if you trusted that website, and audited
the code at a given point in time, you have no guarantee the site hasn't
changed or that it is not collecting passwords.
Not to mention, it's plain-old-insecure HTTP, so of course anyone and
their mother's uncle could be sniffing the traffic ;-)
Same rule goes for a "generate a random password" site. Don't use
them.
-Chad
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l