password

Ranter

kescherRant

24220

Comments

0

kescherRant

24220

8y

@hube Totally secure and totally preventing anyone that wants to destroy someone's life to destroy someone's life...
2

slar

300

8y

You can always add more entropy by adding more characters in the allowed alphabet. Unless they also restrict the length to some low limit.
1

kescherRant

24220

8y

@slar Passwort must be between 6 and 20 characters, has to contain at least one lowercase letter, one uppercase and a number, must not contain any special characters.
3

AlmightyBaka

263

8y

My ISP has a similar website with login as an incrementing for every new user number and the same default password for everyone. I could see other people's name, credit card number and lots of other things, as well as deactivate their accounts. (I did not)
3

kescherRant

24220

8y

@AlmightyBaka

S E C U R I T Y
7

siksniraps

82

8y

My university website looks only at the first 6 characters of the password. So "password" is the same as "passwo", "passwobshdhd", etc.
2

slar

300

8y

@filthyranter, that's plenty, assuming that they have sane handling on the back end (which might be too much to ask), 20 random letters and numbers is not feasible to brute force.
1

juzles

3861

8y

@siksniraps wtf why would they do that
0

kescherRant

24220

8y

@mrtnrdl The worst thing is, it wouldn't even hurt them if longer passwords were used ;-;
1

Charmgoggles

1300

8y

Makes you wonder if they even heard about hashing
1

AlmightyBaka

263

8y

@filthyranter gotta save those bytes
2

lappalal

38

8y

@mrtnrdl that's how my (former) bank Handel's online banking. except it's only numbers. And exactly 5 of them.
2

papierbouwer

863

8y

@AlmightyBaka it you're hashing the password, the hashed length of all the passwords is the same.
0

AlmightyBaka

263

8y

@papierbouwer the question is, do they? 😉😐
0

papierbouwer

863

8y

@AlmightyBaka I hope so