[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vp / vr / w / wg / wsg / wsr / x / y ] [Home]
4chanarchives logo
>Make a 64 character password for a website account The confirmation
Images are sometimes not shown due to bandwidth/network limitations. Refreshing the page usually helps.

You are currently reading a thread in /g/ - Technology

Thread replies: 20
Thread images: 6
File: Dolfy_HD.jpg (264 KB, 1024x576) Image search: [iqdb] [SauceNao] [Google]
Dolfy_HD.jpg
264 KB, 1024x576
>Make a 64 character password for a website account
The confirmation email the website sent me has the password in fucking clear text
>The password is displayed in clear text on my account control panel

Fucking hell, why do websites keep doing this? Hashing isn't some new concept.
>>
>64 character
Whats the point
>>
>>55643531

Well, it's supposed to make the hashes more difficult to crack.
>>
>>55643546
>10 mins instead of 2
O no
>>
>>55643681
>>
>>55643762
That implies it's a brute force attack

I'm which anything between 12-18 is fine
Under is bad and over is autism
>>
>>55643762

> Not accounting GPUs
>>
File: angry-white-man.jpg (68 KB, 633x758) Image search: [iqdb] [SauceNao] [Google]
angry-white-man.jpg
68 KB, 633x758
>make password consisting of 128 Unicode characters
>can't log in
>end up having to look like a complete fucking retard using password recovering only a minute after signing up
>>
>>55643895
>>55643762
assuming the credential server will allow the same IP to try more than a few passwords every minute.
>>
>>55643940
>>55643895
>>55643815
>>55643762
>>55643546
>>55643531
>>55643402
psedudo-intellectuals
>>55643991
/thread
>>
>>55643402
just make your passwords 30 characters long. jej, 30 character passwords arent hard to remember, here's an old one i never use anymore
_36nz))=-+/::&N1.g/\\G3.r,SG.N
>>
>>55643991
>working as a webdev because of bad decisions in life (IS degree)
>Lead "developer" rolled his own "encryption" algorithm
>Doesn't even block ip after too many wrong attempts
Kill me already
>>
File: 1450693396048.png (73 KB, 239x200) Image search: [iqdb] [SauceNao] [Google]
1450693396048.png
73 KB, 239x200
>>55643762
>use password that takes 10 years to crack
>change it every 9 years
>>
File: 1446776402289.gif (2 MB, 425x481) Image search: [iqdb] [SauceNao] [Google]
1446776402289.gif
2 MB, 425x481
>>55643402
>be a programmer
>handle users module
>team lead thinks i hashed the passwords
>they didnt bother to check the users table
>roll out to production phase
>implements to some bumfuck company nowhere

hehehe
>>
File: confusion torture.jpg (25 KB, 476x353) Image search: [iqdb] [SauceNao] [Google]
confusion torture.jpg
25 KB, 476x353
>>55643991
>2016
>Still thinks attacks waste time brute forcing individual account passwords through standard channels

Have you been under a rock lately? The number of breaches have been astounding. Not just the big ones, but every other month I'll get an email about a breach, sometimes for a service I long forgot about, and end up going through and either deleting that account or maxing out the password limits for that host to render most dictionary, rainbow table and brute force attacks moot.

No, the attacker is going to get a dump of the service's data first somehow. Only then will they bother breaking protections of passwords on the database when they can have at it locally. Maybe they'll sell it to someone else, and then distributed efforts will be had to get your password.

Autism level or not, strong passwords, even autismal level strong passwords are doable now with good password managing solutions and there is no excuse to use the same password in more than one place. Its not worth the risk to blow it off otherwise.
>>
I worked for a company where they stored credit card information in plain text. I dumped like 3 dbs before leaving, they never noticed.
>>
>>55643762
typing your password on a phone must be an ass
>>
>>55644857

>Having sensitive info on a closed source device
>>
>>55644461
lol, I used to do an internship for the government.

>get access to super secret info for no reason at all
>everyone had to do an oath of integrity, but not me
>go through the info when I got bored
>nobody ever said a thing
>ask a question about it
>I cant talk about that anon thats secret
Welp.
>>
>>55644460
Don't forget that the easiest way to crack a system is to exploit the weakest link and straight up ask the person who has the information you need.
Thread replies: 20
Thread images: 6

[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vp / vr / w / wg / wsg / wsr / x / y] [Home]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the content originated from them. If you need IP information for a Poster - you need to contact them. This website shows only archived content.
If a post contains personal/copyrighted/illegal content you can contact me at imagescucc@gmail.com with that post and thread number and it will be removed as soon as possible.