Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
b3b340657y@Artemix thanks :3 I don't really care about how many ++s I have and I totally understand someone down voting me because I probably said something that triggered him/her whatever. But that's just my way to generate passwords (working in 2017) 😂
Love you BTW <3 -
Shisuki6037y@Artemix Disabling Js wouldn't do much.
Cuz y'know.. There's that thing called backend validation 🙄 -
Huuugo25057yPlease ensure your password complies with the following rules:
-between 3 and 4 characters long
- Must start with a capital letter
- Must not contain digits or any other non-letter characters except punctuation
- Must end with one of the following characters: .!?
- Must not be the answer to Life, the universe and all that -
@Artemix Yeah, they probably haven't even bothered doing the backed validation...
-
Seriously this shit is so simple to pull off, here some script of mine that is even countering brute force though encryption time.
https://gist.github.com/Hammster/... -
@Artemix it would stale , the iteration count would need to be adjusted to the server hardware and userbase.
I normally aim 0.3s hash operation on users, for administator accounts, on the other hand, I have a higher iteration count, therefore, a longer hashing process.
Related Rants
Are you serious? Are you afraid of an SQL injection or something, and instead of properly sanitizing your queries you disallow characters? Or is your software and database so outdated that you're afraid special characters will break it? Goodbye security
undefined
rip
passwords
security
motherfricker