Account Password Security
|
Putting the responsibility on the user is pointless when the only thing they can do is prevent a brute force via complex password, but NO MODERN LOGIN SYSTEM SHOULD ALLOW BRUTE FORCING. It's ridiculous. Even an easy password is on a list a hundred long and should flag and alert the account owner via email or text message if implemented, long before (read: hours) they get it right.
There's seriously no reason any system should allow more than a few login attempts every five minutes, with periods between incorrect guesses getting longer with each attempt. |
|
|
I think having a system where you put in a pin number should be strong enough for password security. That what I think...Yet again its up to developers to think of away to secure accounts.
|
|
|
the only thing that ever worked in a game I played once was a separate pin requirement. A software-based RSA-type of "secure ID" would also be nice.
|
|
|
The PIN system is easily sidestepped, at least in the case of MapleStory (same with PIC). I've had my MS accounts hacked more times than I can count.
Salted hash...sounds tasty. |
|
|
,,,
[url=http://www.AnnandaleLocksmithVA.com]Locksmith Annandale VA[/url] [url=http://www.applevalleylocksmithmn.com]Locksmith Apple Valley MN[/url] Last edited by zeto#6003 on Jan 29, 2013, 5:58:08 PM
|
|
|
thanks for the heads up
Let it be
|
|
|
I actually had no idea those passwords were so common.
|
|
|
I would recommend LastPass to anyone who wants a good way to keep track of secure passwords. However, LastPass is not Open Source, so you cannot absolutely know that the software you're getting isn't going to steal your information (though this is certainly highly unlikely). KeyPass, on the other hand, is Open Source, so if you compile it yourself (after reading the source code), you could be reasonably sure it's a secure program. KeyPass also has a viable Android application, whereas LastPass does not.
|
|
