[Cryptography] Removal of spaces in NIST Draft SP-800-63B
Patrick Chkoreff
patrick at rayservers.net
Tue Apr 4 08:12:24 EDT 2017
Kevin W. Wall wrote on 04/03/2017 09:33 PM:
> And, in this case, I think you can have your cake and eat it too. If
> you restrict pasting *ONLY* for the "password confirmation field" (you
> know, that obnoxious place where they insist you re-enter your
> password so you didn't mistype it the first time), they COULD also
> support a check-box that says "I'm using a password manager and forgo
> manually typing my password in to confirm that it is valid." so that
> you could completely forgo retyping it the second time for
> confirmation purposes.
I personally would never skip the confirmation step under any circumstances.
When I generate a random password and save it somewhere, I always copy
and paste it into the first password field. Then in the second
(confirmation) password field, I always type it manually.
That minimizes the chance of a copy and paste error: for example,
missing the Ctrl-C and pasting in the results of a previous copy, or
missing a character when I highlight the password to be copied.
-- Patrick
More information about the cryptography
mailing list