oh, and before I forget those are more appropriate counter measures: a) inform the user that the PW is cs (maybe even in red for the DAUs) b) use JS to display red warning symbols if capslock is (accidently) active: http://www.codeproject.com/KB/scripting/Detect_Caps_Lock.aspx c) communicate and educate it (especially for those DAUs^^)
otherwise its like leaving the door open because someone is unable to use a key... i wonder how they start and login to their windows workstation in the first place? On 16 Dez., 13:50, euromark <dereurom...@googlemail.com> wrote: > that has nothing do to with computer literate persons or not. > a password is by definition (and not without good reason) case > sensitive. > if those people dont know that by now they should learn it. > because its this way everywhere in this world > > it starts with the windows logon and ends with some google email > account on the www. > > you are creating a flaw in procedure and end up teaching them the > wrong stuff. > just my 5 cents > > On 16 Dez., 10:57, Stephen <step...@ninjacodermonkey.co.uk> wrote: > > > > > > > > > Unfortunately our customers are not always computer literate, I receive a > > lot of calls about incorrect login details, in reality the customer is doing > > something like this when the password is all lowercase. > > > Password > > > > PASSWORD > > > PassWord > > > Whether the hash is uppercase or lowercase doesn't bother me, I don't > > consider it a big enough security flaw to leave this amendment out. > > > Also 'Andy > > Considered changing your settings in gmail? > > > On 15 December 2010 21:38, euromark <dereurom...@googlemail.com> wrote: > > > > by the way > > > you should NEVER upper oder lowercase the password > > > leave it as it is or you lower the security of the the site in general > > > and compromise the security of the user passwords. > > > thats not how it is done > > > > the hash will be lowercase anyway after sha1() > > > > On 15 Dez., 21:11, AD7six <andydawso...@gmail.com> wrote: > > > > btw, slightly OT but I find it really irritating to register somewhere > > > and > > > > have my username become ad7six :) > > > > > AD > > > > Check out the new CakePHP Questions sitehttp://cakeqs.organdhelp others > > > with their CakePHP related questions. > > > > You received this message because you are subscribed to the Google Groups > > > "CakePHP" group. > > > To post to this group, send email to cake-php@googlegroups.com > > > To unsubscribe from this group, send email to > > > cake-php+unsubscr...@googlegroups.com<cake-php%2bunsubscr...@googlegroups.c > > > om>For more options, visit this group at > > >http://groups.google.com/group/cake-php?hl=en > > > -- > > Kind Regards > > Stephen @ NinjaCoderMonkey > > > www.ninjacodermonkey.co.uk Check out the new CakePHP Questions site http://cakeqs.org and help others with their CakePHP related questions. You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
