Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Whitespace in passwords

From: "bryan allott" <homegrown () bryanallott net>
Date: Tue, 6 Sep 2005 11:19:58 +0200
generally, and i dont know if this is social conditioning due to the misnomer "passWORD" rather than passPHRASE but it seems that [most?] people choose passes that dont contain whitespaces, and in fact, there are some system implementations that wont allow whitespaces in the password. my main question, re security, is wether the whitespace made the password too vulnerable? [historically] and why this constraint is introduced in many systems.. [but then, if myth- why propogate it?] i'm thinking that whitespaces [if yr system can handle them, and why not?] would add another measure of complexity in cracking pwds? 

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: 

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: