|
Posted by on October 7, 2005, 7:24 am
If you were Registered and logged in, you could reply and use other advanced thread options
Hi,
I've just created a password generator beta, and would be interested in
getting feedback on it. It's JSP/Java-based, and can be found at
http://devhed.com/password-creator.
The "About" page has a quick survey on it for you to fill out.
Thanks,
Walter Gildersleeve
Freiburg, Germany
|
|
Posted by Winged on October 12, 2005, 7:02 pm
If you were Registered and logged in, you could reply and use other advanced thread options
subscriptions@easypeas.net wrote:
> Hi,
>
> I've just created a password generator beta, and would be interested in
> getting feedback on it. It's JSP/Java-based, and can be found at
> http://devhed.com/password-creator.
>
> The "About" page has a quick survey on it for you to fill out.
>
> Thanks,
>
> Walter Gildersleeve
> Freiburg, Germany
>
Well initial thought of password gen was cool, then I realized it gave
the same random complex passwords repeatedly. Didn't try either of the
other options due to lack of security of method.
Winged
|
|
Posted by on October 19, 2005, 4:06 am
If you were Registered and logged in, you could reply and use other advanced thread options > it gave the same random complex passwords repeatedly
I think it only *appears* to. What browser are you using? It seems
that mozilla only resubmits a form if you change something in the form;
if you repeatedly click "submit," nothing happens. I'm working on a
work-around now.
> due to lack of security of method
is this related to the above comment? Or do you mean something else
(ie, no https, for instance)?
|
|
Posted by Winged on October 19, 2005, 9:12 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>>it gave the same random complex passwords repeatedly
>
>
> I think it only *appears* to. What browser are you using? It seems
> that mozilla only resubmits a form if you change something in the form;
> if you repeatedly click "submit," nothing happens. I'm working on a
> work-around now.
>
>
>>due to lack of security of method
>
>
> is this related to the above comment? Or do you mean something else
> (ie, no https, for instance)?
>
If (BIG IF) I were using a web generated password generator, I would
want it in a secure pipe. Yes, I was using Firefox. Would never try an
untrusted site with IE. Of course I would never get passwords from one
either:-P
But the examples of the complex password I saw (working from memory now)
did not seem to be extremely complex in password formation. I would
prefer at least 2 chars from each of the 4 char sets in a more random
pattern. There is an old free utility on the net called password safe
that does a reasonable job at creating random passwords at a user
defined length, of course it remembers them for me too... Though it is
even more useful to also include alt codes for chars not readily entered
for even higher security. Let me know when you fix the Firefox issue,
curious to see it work.
Winged.
|
|
Posted by on October 19, 2005, 4:16 am
If you were Registered and logged in, you could reply and use other advanced thread options
I'm doing is adding a hidden, random input field to the password form,
therebye making Mozilla think the data has changed, even when it
hasn't.
Thanks for the tip!
|
| Similar Threads | Posted | | How to set a password on a cd/dvd? | August 1, 2007, 4:11 am |
| Boot password | November 2, 2005, 8:35 pm |
| SYSTEM PASSWORD | November 16, 2005, 8:17 pm |
| Password Security | January 21, 2006, 6:59 pm |
| RAR Archiving & Password | October 6, 2006, 9:18 pm |
| Password Decoding | November 29, 2006, 5:06 pm |
| 4 FACTOR PASSWORD | March 30, 2007, 4:04 pm |
| Can Any Password be compromised ? | July 7, 2007, 4:34 pm |
| Password cracking and webmail. | August 29, 2005, 1:12 am |
| Innovative password security | September 1, 2005, 4:51 am |
|
XML site map