Password Requirements

  • Thread starter David C. Holley
  • Start date
D

David C. Holley

Any thoughts on requirements for a password? I've been thinking about
the following...

Minimum six characters
Must contain at least 1 number and at least 1 letter
Cannot contain the user's first or last name
Cannot contain the user name of the person's email address
Cannot contain the domain name of the person's email address
 
E

Evertjan.

David C. Holley wrote on 06 mrt 2004 in
microsoft.public.inetserver.asp.general:
Any thoughts on requirements for a password? I've been thinking about
the following...

Minimum six characters
Must contain at least 1 number and at least 1 letter
Cannot contain the user's first or last name
Cannot contain the user name of the person's email address
Cannot contain the domain name of the person's email address
Click to expand...

Good thinking, but it depends on the level of security required.
 
E

Evertjan.

Alistair wrote on 06 mrt 2004 in microsoft.public.inetserver.asp.general:
why not generate a random password for each user??
Click to expand...

Why not generate a random user for each password??

Perfect security !!

;-}
 
B

Bob Barrows

Evertjan. said:
Alistair wrote on 06 mrt 2004 in
microsoft.public.inetserver.asp.general:

Why not generate a random user for each password??

Perfect security !!

;-}
Click to expand...

Unless someone gets the password from the post-it note stuck on the user's
monitor ... ;-)

Bob Barrows
 
E

Evertjan.

Bob Barrows wrote on 06 mrt 2004 in
microsoft.public.inetserver.asp.general:
Unless someone gets the password from the post-it note stuck on the
user's monitor ... ;-)
Click to expand...

That is the beauty of my scheme, Bob:

As the user is random,
your someone will never know which user a password belongs to.

The top security effect is
that even no legitimate user will be able to log on.

This effect has a triple advantage:
1 program bugs and html bugs do not have to be repaired.
2 the database does not need holding any sensitive data.
3 even Californian blackouts have no serious business disadvantages.
 
D

David Holley

I think you all need therapy. One a related note though, I used to work
for an organization with multiple hotel properties & entertainment
venues (a whole kit-n-kabodle in fact). One day, my boss and I came up
with the idea of enhancing our property management system so that
anytime a guest received a credit for an inconvienice(sp), the system
would randomly select a location to charge for the credit, as opposed to
the front desk paying for it - something for which we did often.

David H.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Reg expression for password complexity requirements 7
I dont get this. Please help me!! 2
Registration form 13
Remote SSH and Configuring code help 0
Tasks 1
Please, help me. 1
Only one table shows up with the information 2
Scipy install Problems 1

Members online

No members online now.
Total: 29 (members: 3, guests: 26)
Robots: 197

Forum statistics

Threads
473,756
Messages
2,569,540
Members
45,025
Latest member
KetoRushACVFitness

Latest Threads

Top