Calgarypuck Forums - The Unofficial Calgary Flames Fan Community - View Single Post - You Know What Really Grinds My Gears? Now with 3x more gears...

jammies · 07-14-2022, 06:21 PM

An IT department that thinks 30 character passwords are secure is an IT department that either is incompetent or is being forced by upper management to do stupid things to make it look like security is "improving".

The main vectors for stealing passwords involve automated methods that use malware, phishing, compromised websites, proxies, or other ways to record them. A script that saves your password doesn't care if it is 8 characters or 800 long, those are equally just blocks of data. The only attacks it helps prevent are brute-force ones and stupid users; the first is better solved by other means, and the second is insoluble.

07-14-2022, 06:21 PM	#905
jammies Basement Chicken Choker Join Date: Jan 2007 Location: In a land without pants, or war, or want. But mostly we care about the pants. Exp:	An IT department that thinks 30 character passwords are secure is an IT department that either is incompetent or is being forced by upper management to do stupid things to make it look like security is "improving". The main vectors for stealing passwords involve automated methods that use malware, phishing, compromised websites, proxies, or other ways to record them. A script that saves your password doesn't care if it is 8 characters or 800 long, those are equally just blocks of data. The only attacks it helps prevent are brute-force ones and stupid users; the first is better solved by other means, and the second is insoluble. __________________ Better educated sadness than oblivious joy.