WebApp Sec mailing list archives
Re: suggesting passwds to users
From: robert () dyadsecurity com
Date: Wed, 20 Apr 2005 10:48:46 -0700
Mark Owen(mr.markowen () gmail com)@Mon, Apr 18, 2005 at 03:12:17PM -0400:
So, when the user is at the change password page and about to type in "Mets4Ever" as their new password, why not give them a list of 10 or so cryptographically strong, randomly generated passwords as suggestions for them.
Another good guide for password management can be found here: http://www.radium.ncsc.mil/tpep/library/rainbow/CSC-STD-002-85.pdf Robert -- Robert E. Lee CEO, Dyad Security, Inc. W - http://www.dyadsecurity.com E - robert () dyadsecurity com M - (949) 394-2033
Current thread:
- suggesting passwds to users James Barkley (Apr 18)
- Re: suggesting passwds to users Mark Owen (Apr 20)
- Re: suggesting passwds to users robert (Apr 21)
- Re: suggesting passwds to users Saqib Ali (Apr 20)
- Re: suggesting passwds to users James Barkley (Apr 20)
- Re: suggesting passwds to users Saqib Ali (Apr 20)
- Re: suggesting passwds to users SecurityFocus (Apr 21)
- Re: suggesting passwds to users James Barkley (Apr 20)
- Re: suggesting passwds to users Mark Owen (Apr 20)
- Re: suggesting passwds to users Kelly John Rose (Apr 20)
- Re: suggesting passwds to users Robert Hajime Lanning (Apr 20)
- Re: suggesting passwds to users Michael Silk (Apr 20)
- Re: suggesting passwds to users Martin Sarsale (Apr 20)
- <Possible follow-ups>
- RE: suggesting passwds to users Matt Fisher (Apr 20)
- Re: suggesting passwds to users hggdh (Apr 21)