No, the main threat is people using the same password on multiple sites. Then the bad guys set up some site that requires registration with a username and password, and bingo, they've got a zillion username/password combos to try.
I suspect that's the commonest problem today, and strength of password does nothing to help. On Thu, 11 Aug 2011, Larry Seltzer wrote: > Do you mean that social engineering is the main threat? If so, maybe it's > good that users have complicated passwords they can't remember, lest they > give them up to the wrong people. > > On Thu, Aug 11, 2011 at 8:22 AM, Drsolly <[email protected]> wrote: > > > Also true that brute force attacks, or dictionary attacks, aren't the main > > threat. > > > > On Wed, 10 Aug 2011, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote: > > > > > http://xkcd.com/936/ > > > > > > Too true. Also too bad that so many sites limit you to 14-16 characters > > ... > > > > > > ====================== (quote inserted randomly by Pegasus Mailer) > > > [email protected] [email protected] [email protected] > > > Basic research is what I'm doing when I don't know what I'm doing > > > - Werner von Braun > > > victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links > > > http://blogs.securiteam.com/index.php/archives/author/p1/ > > > http://twitter.com/rslade > > > _______________________________________________ > > > Fun and Misc security discussion for OT posts. > > > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > > > Note: funsec is a public and open mailing list. > > > > > > > _______________________________________________ > > Fun and Misc security discussion for OT posts. > > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > > Note: funsec is a public and open mailing list. > > > _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
