[Cryptography] How secure are hashed passwords?
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Fri May 23 01:24:52 EDT 2014
Bob Simmons <bsimmons at compassnet.com> writes:
>Not excusing the use of weak passwords, but some sites (like Paypal) won't
>let you paste into the "new password" and "confirm password" fields. Do you
>want to manually type in a 20 character string from a password generator? I
>get out the dice at that point.
Troy Hunt has a long discussion about the stupidity of this at:
http://www.troyhunt.com/2014/05/the-cobra-effect-that-is-disabling.html
Peter.
More information about the cryptography
mailing list