This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Security, Passwords and validation logic

Anonymous
Not applicable

on ‎01-03-2013 13:16

on ‎01-03-2013 13:16

Passwords:  Simple things, and most companies try enforce strict guidelines to help people define strong ones.  Truncating passwords at a certain length, or removing sertain multi-byte characters is ridiculous.  I hate not being able to use certain character of 16-20 character passwords using every type of charatcer possible.

 

Restricting between certain lengths, certain characters, or whatever pointless, annoying, ARGH -rantover

Message 1 of 13
2,822 Views
0 Kudos
12 REPLIES 12

sheepdog
Level 26: Upbeat
In response to Anonymous
  • 3362 Posts
  • 31 Topics
  • 39 Solutions
Registered:

on ‎03-03-2013 16:45

on ‎03-03-2013 16:45

I get the point but I stand by my point of saying there are other factors involved. The problem is (in my experience) metacharacters cause a lot of issues - for example, in oracle using an exclaimation mark cause a big issue for a particular application although it worked in the normal way of access, the dev team neglected to test it on a unix login so it broke big time (actually they did but not in the way the call to the password worked automatically). Got even worse when the hardcoded password was encrypted and we had to escape the metacharacter to get the new one encrypted!

 

The problem really lies in the defined requirements as it just filters down. I can't give specifics but one of my particular passwords is defined by security of the customer as having only a character from a fixed list! 

Message 11 of 13
470 Views
0 Kudos

Toby
Former Staff
In response to sheepdog
  • 11577 Posts
  • 520 Topics
  • 213 Solutions
Registered:

on ‎03-03-2013 16:59

on ‎03-03-2013 16:59

Some great points from the both of you.

I prefer to use passwords as short as possible (i.e. with the full range of a keyboard's characters) whenever possible.

I have also looked into a number of pieces of password formulation research and it is incredibly interesting to learn of the reasons for people choosing the passwords they do.
Fancy writing a great device review or O2 forum guide? Send me a message!

Get involved:
• New to the community? This is how you get help.
• Want to know who we are? Come and say hi to us.
• Want to have a chat? Drop me a direct message.

Message 12 of 13
463 Views
0 Kudos

Liquid
Level 44: Clearly Talented
  • 5942 Posts
  • 98 Topics
  • 305 Solutions
Registered:

on ‎03-03-2013 17:07

on ‎03-03-2013 17:07

Unfortunate thing is once you know the reasons people chose passwords they become a lot easier to guess.

Mean my password for this is all too obvious but unless you have access to my personal information its impossible to get. I cannot be social engineered as I don't have social media:D
Nothing sucks more than that moment during an argument when you realize you’re wrong. So Ive been told wink
Message 13 of 13
462 Views
0 Kudos
Top Kudoed Authors
View All
Top