cancel
Showing results for 
Search instead for 
Did you mean: 

Security, Passwords and validation logic

Anonymous
Not applicable

Passwords:  Simple things, and most companies try enforce strict guidelines to help people define strong ones.  Truncating passwords at a certain length, or removing sertain multi-byte characters is ridiculous.  I hate not being able to use certain character of 16-20 character passwords using every type of charatcer possible.

 

Restricting between certain lengths, certain characters, or whatever pointless, annoying, ARGH -rantover

Message 1 of 13
2,826 Views
12 REPLIES 12

sheepdog
  • 3363 Posts
  • 31 Topics
  • 39 Solutions
Registered:

I get the point but I stand by my point of saying there are other factors involved. The problem is (in my experience) metacharacters cause a lot of issues - for example, in oracle using an exclaimation mark cause a big issue for a particular application although it worked in the normal way of access, the dev team neglected to test it on a unix login so it broke big time (actually they did but not in the way the call to the password worked automatically). Got even worse when the hardcoded password was encrypted and we had to escape the metacharacter to get the new one encrypted!

 

The problem really lies in the defined requirements as it just filters down. I can't give specifics but one of my particular passwords is defined by security of the customer as having only a character from a fixed list! 

Message 11 of 13
472 Views

Toby
  • 11577 Posts
  • 520 Topics
  • 213 Solutions
Registered:
Some great points from the both of you.

I prefer to use passwords as short as possible (i.e. with the full range of a keyboard's characters) whenever possible.

I have also looked into a number of pieces of password formulation research and it is incredibly interesting to learn of the reasons for people choosing the passwords they do.
Fancy writing a great device review or O2 forum guide? Send me a message!

Get involved:
• New to the community? This is how you get help.
• Want to know who we are? Come and say hi to us.
• Want to have a chat? Drop me a direct message.

Message 12 of 13
465 Views

Liquid
Level 44: Clearly Talented
  • 5942 Posts
  • 98 Topics
  • 305 Solutions
Registered:
Unfortunate thing is once you know the reasons people chose passwords they become a lot easier to guess.

Mean my password for this is all too obvious but unless you have access to my personal information its impossible to get. I cannot be social engineered as I don't have social media:D
Nothing sucks more than that moment during an argument when you realize you’re wrong. So Ive been told wink
Message 13 of 13
464 Views