On Fri 25 Aug 2017 at 11:55:01 -0500, Mario Castelán Castro wrote:

> On 25/08/17 11:51, Brian wrote:
> > However, users use passwords to log into accounts *online* and those
> > passwords are devised to withstand an *online* attack (of 100 tests per
> > second maximum(?)). This is the only aspect a user can completely
> > control and many make a good job of it. Passwords which are long and
> > have some complexity but are not a burden on the user or impossible to
> > memorise would withstand such an attack. (This leaves aside the defences
> > the site itself has in place).
> >
> > A user has no control over what happens at the other end. Knowledge
> > about how data are stored and safeguarded will be sparse, so the user
> > will have to make a risk assessment about that; only time will tell
> > whether it is correct. What doesn't seem quite right (morally and
> > technically) is for it to be implied that the user should take some
> > responsibility for the site's (unknown) shortcomings.
>
> Unless you have a good reason to think otherwise (e.g. *you* manage the
> web site and you know you are doing a good job), you should assume that
> the data-base with hashed passwords will leak without the system
> administrators noticing, and then an attack can be carried out offline.
The problem with assumptions is that they often do not reflect the truth
of a situation and predispose us to making recommendations which are not
in the best interests of other people.

-- 
Brian.
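The two positions above turn on guess rates: what a user can control (the keyspace of the password) and what only the site controls (the ceiling of ~100 tests/second a rate-limited login imposes online, and the cost per guess of the hash once the database is in an attacker's hands). The script below is an added illustration written for this page; it is not code from either poster. The offline rates, the PBKDF2 iteration count, the wordlist and the three leaked accounts are all constructed assumptions, chosen only to show the orders of magnitude involved.

```python
import hashlib
import math
import os
import string
import time

# Guess rates used for the estimates. These are assumptions for illustration,
# not figures from the thread: ONLINE_RATE is the ~100 tests/second ceiling a
# rate-limited login form imposes; the offline rates are rough orders of
# magnitude for one GPU against an unsalted fast hash versus a slow, salted KDF.
ONLINE_RATE = 100
OFFLINE_FAST_HASH_RATE = 10 ** 9
OFFLINE_SLOW_KDF_RATE = 10 ** 4


def charset_size(password: str) -> int:
    """Alphabet size implied by the character classes the password uses."""
    classes = [
        (string.ascii_lowercase, 26),
        (string.ascii_uppercase, 26),
        (string.digits, 10),
        (string.punctuation, len(string.punctuation)),
        (" ", 1),
    ]
    return sum(n for chars, n in classes if any(c in chars for c in password))


def keyspace_bits(password: str) -> float:
    """Brute-force keyspace in bits: length * log2(alphabet). This is the part the user controls."""
    return len(password) * math.log2(charset_size(password))


def expected_seconds(bits: float, rate: float) -> float:
    """Expected time to hit the password: half the keyspace, at the given guess rate."""
    return (2 ** bits / 2) / rate


def crack_times(password: str) -> dict:
    """Same password, three attacker positions; only the first is bounded by the login form."""
    bits = keyspace_bits(password)
    return {
        "bits": bits,
        "online": expected_seconds(bits, ONLINE_RATE),
        "offline_fast_hash": expected_seconds(bits, OFFLINE_FAST_HASH_RATE),
        "offline_slow_kdf": expected_seconds(bits, OFFLINE_SLOW_KDF_RATE),
    }


def hash_fast(password: str, salt: bytes) -> str:
    """A careless site's storage: unsalted SHA-256, one cheap hash per guess (salt ignored)."""
    return hashlib.sha256(password.encode()).hexdigest()


def hash_slow(password: str, salt: bytes) -> str:
    """Salted PBKDF2-HMAC-SHA256; the iteration count (assumed) makes every guess expensive."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000).hex()


# Constructed leak: three accounts, two of them using passwords on a small wordlist.
WORDLIST = ["123456", "password", "letmein", "qwerty", "correcthorse", "Tr0ub4dor&3"]
ACCOUNTS = {"alice": "letmein", "bob": "qwerty", "carol": "zebra-quartz-9"}


def make_leak(hasher) -> dict:
    """Build the username -> (salt, digest) table a breached site would hold."""
    leak = {}
    for user, pw in ACCOUNTS.items():
        salt = os.urandom(16)
        leak[user] = (salt, hasher(pw, salt))
    return leak


def crack(leak: dict, wordlist, hasher) -> dict:
    """Offline dictionary attack: no lockout, no logging, no limit but the hash cost."""
    recovered = {}
    for user, (salt, digest) in leak.items():
        for guess in wordlist:
            if hasher(guess, salt) == digest:
                recovered[user] = guess
                break
    return recovered


def guesses_per_second(hasher, n: int = 50) -> float:
    """Measure the per-guess cost of a hash function on this machine (single core, pure Python loop)."""
    salt = os.urandom(16)
    start = time.perf_counter()
    for i in range(n):
        hasher(f"guess{i}", salt)
    return n / (time.perf_counter() - start)


if __name__ == "__main__":
    for pw in ["password", "Tr0ub4dor&3", "correct horse battery staple"]:
        t = crack_times(pw)
        print(f"{pw!r}: {t['bits']:.1f} bits; online {t['online']:.3g}s, "
              f"offline fast hash {t['offline_fast_hash']:.3g}s, offline slow KDF {t['offline_slow_kdf']:.3g}s")
    print("unsalted SHA-256 leak:", crack(make_leak(hash_fast), WORDLIST, hash_fast))
    print("salted PBKDF2 leak:   ", crack(make_leak(hash_slow), WORDLIST, hash_slow))
    print(f"guesses/s here: sha256 {guesses_per_second(hash_fast):.0f}, pbkdf2 {guesses_per_second(hash_slow):.0f}")
```

The dictionary attack recovers the same two accounts from either leak; what the site's choice of hash changes is the cost of each guess, which on a real GPU is the difference between a search that is over in seconds and one that stays at the slow-KDF rate. The third account survives both only because its password is off the wordlist, which is the one thing the user could decide.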