Re: [lookup] speed sales pitch
This WebDNA talk-list message is from 2003
It keeps the original formatting.
numero = 53507
interpreted = N
texte = I hear ya, but IMHO I think that *any* easily gleaned, related info for use as a password is not very secure at all... If I set it up the way you (or the client) suggests, and I was a big jerk, I (as a malicious ne'er-do-well, of course) could go to the site, realize that they were looking for phone numbers as password, then type in 'John_Peacock' as my username and then '301-459-3366 ' as my password and then change the password and lock you out of your account...I am trying to talk him out of this for obvious reasons...Any opinion on the speed of a [lookup] on a larger-than-average .db?-Dan------------------------------------------------------------http://www.StrongGraphicDesign.com(208) 319-0137 | Toll-free p/f 877-561-1656------------------------------------------------------------On Tue, 21 Oct 2003 12:01:09 -0400 John Peacock
wrote:>Dan Strong wrote:>>>A client has asked that I build his login scheme so that his clients' >>phone numbers are the password ...>>If you can suggest that their _initial_ password is the phone number and then make the user >choose a new password after they login for the first time. _Much_ more secure...>>John>>-- >John Peacock>Director of Information Research and Technology>Rowman & Littlefield Publishing Group>4501 Forbes Boulevard>Suite H>Lanham, MD 20706>301-459-3366 x.5010>fax 301-429-5748>>>------------------------------------------------------------->This message is sent to you because you are subscribed to> the mailing list .>To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to >Web Archive of this list is at: http://webdna.smithmicro.com/-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
I hear ya, but IMHO I think that *any* easily gleaned, related info for use as a password is not very secure at all... If I set it up the way you (or the client) suggests, and I was a big jerk, I (as a malicious ne'er-do-well, of course) could go to the site, realize that they were looking for phone numbers as password, then type in 'John_Peacock' as my username and then '301-459-3366 ' as my password and then change the password and lock you out of your account...I am trying to talk him out of this for obvious reasons...Any opinion on the speed of a [lookup] on a larger-than-average .db?-Dan------------------------------------------------------------http://www.StrongGraphicDesign.com(208) 319-0137 | Toll-free p/f 877-561-1656------------------------------------------------------------On Tue, 21 Oct 2003 12:01:09 -0400 John Peacock wrote:>Dan Strong wrote:>>>A client has asked that I build his login scheme so that his clients' >>phone numbers are the password ...>>If you can suggest that their _initial_ password is the phone number and then make the user >choose a new password after they login for the first time. _Much_ more secure...>>John>>-- >John Peacock>Director of Information Research and Technology>Rowman & Littlefield Publishing Group>4501 Forbes Boulevard>Suite H>Lanham, MD 20706>301-459-3366 x.5010>fax 301-429-5748>>>------------------------------------------------------------->This message is sent to you because you are subscribed to> the mailing list .>To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to >Web Archive of this list is at: http://webdna.smithmicro.com/-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
"Dan Strong"
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
WC TableGrinder (1997)
WCS Newbie question (1997)
WebCat2b13MacPlugIn - [include] doesn't allow creator (1997)
Re:quit command on NT (1997)
Fwd: Problems with Webcatalog Plug-in (1997)
Re:quit command on NT (1997)
A little syntax help (1997)
Help Please WebDNA 6 Secure Forms Problem (2004)
pop up building with summarize (1998)
WebCat2.0 acgi vs plugin (1997)
sorting... (2003)
How is it done? (1998)
database search help (2003)
[OT] Democratic Code (2002)
Another bug to squash (WebCat2b13 Mac .acgi) (1997)
Blocking form spam (2006)
What abobut variables named max ??? (2000)
Date search - yes or no (1997)
verify online (1997)
WC2b15 File Corruption (1997)