RE: Whitespace in passwords

From: Craig Wright (cwright@bdosyd.com.au)
Date: Tue Sep 20 2005 - 15:27:52 EDT

Next message: Craig Wright: "RE: Pen Testing for investigators"
Previous message: Marjorie Rintoul: "Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP"
Maybe in reply to: bryan allott: "Whitespace in passwords"
Next in thread: Steve.Cummings@barclayscapital.com: "Re: Whitespace in passwords"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

HI

1st it does not make them untouchable

Next, MOST applications do not accept Alt+xxx based passwords - very few users will use them as well

Do your users authenticate via a Radius systems, the web...? Any of these will not accept Alt+xxx chars.

Most users will have issues using this

the following does not make a very memerable password - see how often it is remembered?
╣ß♂|◙O11s

Craig

        -----Original Message-----
        From: Steve.Cummings@barclayscapital.com [mailto:Steve.Cummings@barclayscapital.com]
        Sent: Wed 21/09/2005 2:41 AM
        To: Craig Wright; BMcAninch@PENSON.COM; pen-test@securityfocus.com
        Cc: pand0ra.usa@gmail.com
        Subject: Re: Whitespace in passwords


        Why aren't alt characters feasible alt255 is an easy one for anyone to remember and if the policy for passwords dictates the requirement then most large firms would accept this especially if it made the password in the current view untouchable for the for seable future

Next message: Craig Wright: "RE: Pen Testing for investigators"
Previous message: Marjorie Rintoul: "Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP"
Maybe in reply to: bryan allott: "Whitespace in passwords"
Next in thread: Steve.Cummings@barclayscapital.com: "Re: Whitespace in passwords"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:57 EDT