Re: [lookup] speed sales pitch
This WebDNA talk-list message is from 2003
It keeps the original formatting.
numero = 53507
interpreted = N
texte = I hear ya, but IMHO I think that *any* easily gleaned, related info for use as a password is not very secure at all... If I set it up the way you (or the client) suggests, and I was a big jerk, I (as a malicious ne'er-do-well, of course) could go to the site, realize that they were looking for phone numbers as password, then type in 'John_Peacock' as my username and then '301-459-3366 ' as my password and then change the password and lock you out of your account...I am trying to talk him out of this for obvious reasons...Any opinion on the speed of a [lookup] on a larger-than-average .db?-Dan------------------------------------------------------------http://www.StrongGraphicDesign.com(208) 319-0137 | Toll-free p/f 877-561-1656------------------------------------------------------------On Tue, 21 Oct 2003 12:01:09 -0400 John Peacock
wrote:>Dan Strong wrote:>>>A client has asked that I build his login scheme so that his clients' >>phone numbers are the password ...>>If you can suggest that their _initial_ password is the phone number and then make the user >choose a new password after they login for the first time. _Much_ more secure...>>John>>-- >John Peacock>Director of Information Research and Technology>Rowman & Littlefield Publishing Group>4501 Forbes Boulevard>Suite H>Lanham, MD 20706>301-459-3366 x.5010>fax 301-429-5748>>>------------------------------------------------------------->This message is sent to you because you are subscribed to> the mailing list .>To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to >Web Archive of this list is at: http://webdna.smithmicro.com/-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
I hear ya, but IMHO I think that *any* easily gleaned, related info for use as a password is not very secure at all... If I set it up the way you (or the client) suggests, and I was a big jerk, I (as a malicious ne'er-do-well, of course) could go to the site, realize that they were looking for phone numbers as password, then type in 'John_Peacock' as my username and then '301-459-3366 ' as my password and then change the password and lock you out of your account...I am trying to talk him out of this for obvious reasons...Any opinion on the speed of a [lookup] on a larger-than-average .db?-Dan------------------------------------------------------------http://www.StrongGraphicDesign.com(208) 319-0137 | Toll-free p/f 877-561-1656------------------------------------------------------------On Tue, 21 Oct 2003 12:01:09 -0400 John Peacock wrote:>Dan Strong wrote:>>>A client has asked that I build his login scheme so that his clients' >>phone numbers are the password ...>>If you can suggest that their _initial_ password is the phone number and then make the user >choose a new password after they login for the first time. _Much_ more secure...>>John>>-- >John Peacock>Director of Information Research and Technology>Rowman & Littlefield Publishing Group>4501 Forbes Boulevard>Suite H>Lanham, MD 20706>301-459-3366 x.5010>fax 301-429-5748>>>------------------------------------------------------------->This message is sent to you because you are subscribed to> the mailing list .>To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to >Web Archive of this list is at: http://webdna.smithmicro.com/-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
"Dan Strong"
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
AND/OR searches in WebCat 3.07 (2003)
Webcat XML/XSLT Performance vs. static Html (2006)
Discount solution? (1998)
Re2: frames & carts (1997)
Error Log.db --however (1997)
WebCat2b12 CGI Mac - [shownext] problem (1997)
Netscape 3.01 can't see db in form (was problems problemsproblems) (1997)
php vs WebCatalog (2000)
Bug Report, maybe (1997)
notification solutions (1997)
[include file=filename.inc&strip=t] (2002)
TCPConnect , can I get an example, pretty please. (2002)
redirect strangeness (2000)
MS SQL (thats S not Y) (2004)
Troubles with Selection Drop Down List Search (1998)
Store Example to Use (1998)
creator code (1997)
[ShowIf] and empty fields (1997)
unique ascending numbers (2003)
Sorting by date (1997)