maybe i just have a mental image in my head with a password field saying no empty spaces.....
---------------------------------------- From: James Holmes <[EMAIL PROTECTED]> Sent: Tuesday, March 08, 2005 3:38 AM To: CF-Talk <[email protected]> Subject: RE: cftransaction... it wasnt safe? Username, yes (in fact I reject anything that doesn't match alphanumeric or the underscore) but if you trim a password (or make any other sort of edit) and they used a space (or any other edited character) they'll never be able to log in. You'd have to reject the password instead and get them to try again. In general, every character you allow in a password enhances security by adding to potential complexity of the password. -----Original Message----- From: dave [mailto:[EMAIL PROTECTED] Sent: Tuesday, 8 March 2005 4:28 To: CF-Talk Subject: RE: cftransaction... it wasnt safe? Personally I have yet too see a system that lets you add spaces in a password. Of all places I would think username and password fields should be one of the first things trimmed. ---------------------------------------- From: James Holmes Sent: Tuesday, March 08, 2005 3:24 AM To: CF-Talk Subject: RE: cftransaction... it wasnt safe? Another example; spaces can be legitimate at either end of a password. -----Original Message----- From: Micha Schopman [mailto:[EMAIL PROTECTED] Sent: Tuesday, 8 March 2005 4:17 To: CF-Talk Subject: RE: cftransaction... it wasnt safe? You stated you ALWAYS need to use Trim functionality. That is just not true. In essence, I think a developer should keep his claws from the entered content unless absolutely necessary. There are situations where you for example submit a textarea value. If the entered data contained spaces being affected by trim, but were entered on purpose. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:197789 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
