Whitespace in passwords

From: bryan allott (homegrown_at_bryanallott.net)
Date: 09/06/05

  • Next message: Jeff Williams: "ANN: WebGoat 3.7 - Application Security hands-on learning environment" 
    To: <pen-test@securityfocus.com>
Date: Tue, 6 Sep 2005 11:19:58 +0200

    generally, and i dont know if this is social conditioning due to the
    misnomer "passWORD" rather than passPHRASE but it seems that [most?] people
    choose passes that dont contain whitespaces, and in fact, there are some
    system implementations that wont allow whitespaces in the password.
    my main question, re security, is wether the whitespace made the password
    too vulnerable? [historically] and why this constraint is introduced in many
    systems.. [but then, if myth- why propogate it?]
    i'm thinking that whitespaces [if yr system can handle them, and why not?]
    would add another measure of complexity in cracking pwds?

    ------------------------------------------------------------------------------
    Audit your website security with Acunetix Web Vulnerability Scanner:

    Hackers are concentrating their efforts on attacking applications on your
    website. Up to 75% of cyber attacks are launched on shopping carts, forms,
    login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
    futile against web application hacking. Check your website for vulnerabilities
    to SQL injection, Cross site scripting and other web attacks before hackers do!
    Download Trial at:

    http://www.securityfocus.com/sponsor/pen-test_050831
    -------------------------------------------------------------------------------

  • Next message: Jeff Williams: "ANN: WebGoat 3.7 - Application Security hands-on learning environment"
    • Quantcast