On Thu, Nov 17, 2016 at 12:28 PM, Pine W <wiki.p...@gmail.com> wrote:
> 1. If you don't trust that strength testing site (which is fine), choose > another. I did a couple of quick checks on that site; while it's entirely > possible that I missed something, it appeared to me that the site was not > sending passwords over the Internet, whether in the clear or encrypted. The > use of HTTP or HTTPS is irrelevant if the data isn't getting sent out in > the first place. > Or use a password manager that has a local built-in password strength tool, that way you don't risk being MiTMed by an HTTP site. In general, as mentioned, you should simply not enter your password on any website that is not the site the password belongs to. For my full-time job, employees have a Chrome extension where accidentally type your password on any website (even if it's not in a text box) you're required to reset it. *-- * Regards, *Tyler Romeo* 0x405d34a7c86b42df https://parent5446.nyc _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
