Password Security: Difference between revisions

Revision as of 21:18, 6 February 2007

Virgin credit cards must want their customers data to be hackable. You can only have a six letter, single case password, with no symbols. To make things worse, they disable keyboard input and force you to use a virtual keyboard. Keystroke loggers quickly figured out how to defeat [virtual keyboards], and they must be hell for people with disabilities.

A certain large bank in Australia has restrictions on how complex your password can be. I was shocked to find out the you couldn't include symbols or accented letters in your password. I wonder if they do this to ensure that they CAN break your password, in case they decide they need it. Up to this point, I've only found banks to specify a minimum password complexity, not a maximum.

@@ Line 1: / Line 1: @@
+[[Image:virgin_password.PNG]]
+Virgin credit cards must want their customers data to be hackable.  You can only have a six letter, single case password, with no symbols.  To make things worse, they disable keyboard input and force you to use a virtual keyboard.  Keystroke loggers quickly figured out how to defeat [[http://blogs.securiteam.com/index.php/archives/678 virtual keyboards]], and they must be hell for people with disabilities.
 [[Image:password.PNG]]
 A certain large bank in Australia has restrictions on how complex your password can be.  I was shocked to find out the you couldn't include symbols or accented letters in your password.  I wonder if they do this to ensure that they CAN break your password, in case they decide they need it.  Up to this point, I've only found banks to specify a minimum password complexity, not a maximum.