https://issues.apache.org/bugzilla/show_bug.cgi?id=47573
--- Comment #3 from Kelly O'Donnell <[email protected]> 2009-07-27 05:51:07 PST --- So why is your site using crypt with the maximum character set to 16 for passwords? Wouldn't you be susceptible to a dictionary attack of all words with 8 characters and get all users with 8+ character passwords? Its not like you lock out the account after multiple attempts. I see I read the documentation part on the second part incorrectly. Sorry about that part. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
