On Thu, Nov 17, 2016 at 12:18 AM Antoine Musso <hashar+...@free.fr> wrote:
> Le 16/11/2016 à 19:19, Pine W a écrit : > > > > (0) Consider testing your password strength with a tool like > > http://www.testyourpassword.com/; be sure that the tool you use does not > > send your chosen password over the Internet and instead tests it locally. > > By using an online testing tool, you are effectively breaking the very > first rule: > > DO NOT GIVE OUT YOUR PASSWORD. EVER. > > Using that site is exactly like sharing your password with a random > stranger in the world. Even if you trusted that website, and audited > the code at a given point in time, you have no guarantee the site hasn't > changed or that it is not collecting passwords. > > Not to mention, it's plain-old-insecure HTTP, so of course anyone and their mother's uncle could be sniffing the traffic ;-) Same rule goes for a "generate a random password" site. Don't use them. -Chad _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
