The note on brute forcing is interesting - I'm guessing most sites still
don't lock out after X number of failed attempts?
Also the casing of the top 20 list is interesting. I would never have
guessed that 'Password' would be more common that 'password', or
'Qwerty' vs 'qwerty'.
Harvey.
On 31/01/2010 5:15 a.m., aaron v1.4.10 wrote:
That was really interesting. Did you have a link to a list for the top
1000 passwords?
On the topic of passwords, now that md5 can be cracked in seconds, I
guess using SHA1 is now considered best practice. Perhaps it's time to
have a password weakness feature (code anyone?)
--
Harvey Kane
New Zealand:
-Office: +64 9 950 4133
-Mobile: +6421 811 951
Email: [email protected]
If you need to contact me urgently, please read my email policy
www.ragepank.com/email/
--
NZ PHP Users Group: http://groups.google.com/group/nzphpug
To post, send email to [email protected]
To unsubscribe, send email to
[email protected]
