Harvey, I followed your blog from your sig, some really good stuff
there. :)

On the topic of passwords, I feel the "Password" and "123456" should come as
no surprise; it just shows that the user does not care much if the account
in question is not worth protecting that much, it's just a one-off fling. I
bet not many use 123456 for their bank accounts or Google accounts.




On Sun, Jan 31, 2010 at 12:25 AM, Harvey Kane <[email protected]> wrote:

> The note on brute forcing is interesting - I'm guessing most sites still
> don't lock out after X number of failed attempts?
>
> Also the casing of the top 20 list is interesting. I would never have
> guessed that 'Password' would be more common than 'password', or 'Qwerty' vs
> 'qwerty'.
>
> Harvey.
>
>
> On 31/01/2010 5:15 a.m., aaron v1.4.10 wrote:
>
>> That was really interesting. Did you have a link to a list for the top
>> 1000 passwords?
>>
>> On the topic of passwords, now that md5 can be cracked in seconds, I
>> guess using SHA1 is now considered best practice. Perhaps it's time to
>> have a password weakness feature (code anyone?)
>>
>>
>>
>
>
> --
> Harvey Kane
>
> New Zealand:
> -Office: +64 9 950 4133
> -Mobile: +6421 811 951
>
> Email: [email protected]
>  If you need to contact me urgently, please read my email policy
> www.ragepank.com/email/
>
>
> --
> NZ PHP Users Group: http://groups.google.com/group/nzphpug
> To post, send email to [email protected]
> To unsubscribe, send email to
> [email protected]<nzphpug%[email protected]>
>

-- 
NZ PHP Users Group: http://groups.google.com/group/nzphpug
To post, send email to [email protected]
To unsubscribe, send email to
[email protected]
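
The "password weakness feature" asked for in the quoted message, sketched in PHP as an added example that is not code from any poster in this thread. It folds case before checking the list, which covers the 'Password' / 'Qwerty' casing noted above; the function name, the minimum length and the three-entry deny list (only passwords named in the thread) are assumptions made for illustration.

```php
<?php
// Added example, not code from the thread. The deny list is a constructed
// sample using only passwords named in the thread; a real deployment would
// load a much longer list from a file.
const DENY_LIST = ['password', '123456', 'qwerty'];
const MIN_LENGTH = 8; // assumed policy value, not from the thread

/**
 * Return the reasons a candidate password is weak (empty array = acceptable).
 */
function password_weaknesses(string $candidate, array $denyList = DENY_LIST): array
{
    $reasons = [];

    if (strlen($candidate) < MIN_LENGTH) {
        $reasons[] = 'shorter than ' . MIN_LENGTH . ' characters';
    }

    // Fold case first, so 'Password' and 'Qwerty' match their lowercase entries.
    $folded = strtolower($candidate);
    if (in_array($folded, $denyList, true)) {
        $reasons[] = 'on the common-password list';
    }

    // Strip trailing digits and punctuation: catches 'password2010', 'Qwerty!!'.
    $stem = rtrim($folded, '0123456789!@#$%^&*._-');
    if ($stem !== $folded && $stem !== '' && in_array($stem, $denyList, true)) {
        $reasons[] = 'a common password with a suffix added';
    }

    // A single character repeated, e.g. 'aaaaaaaa'.
    // count_chars mode 3 returns a string of the distinct bytes used.
    if ($candidate !== '' && strlen(count_chars($candidate, 3)) === 1) {
        $reasons[] = 'one character repeated';
    }

    return $reasons;
}

// Constructed sample inputs.
foreach (['Password', 'Qwerty', '123456', 'password2010', 'correct horse battery'] as $sample) {
    $why = password_weaknesses($sample);
    echo str_pad($sample, 24), $why ? implode('; ', $why) : 'ok', PHP_EOL;
}
```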