IWETHEY v. 0.3.0
|
TODO
1,095 registered users | 0
active users
| 0 LpH |
Statistics
Login
|
Create New User
Welcome to IWETHEY!
IWETHEY Home
/
IWETHEY Board
/
Open Forum
/
3
Post #185,682
by
pwhysall
12/1/04 7:52:52 AM
Reply
3
Peter
[link|http://www.debian.org|Shill For Hire]
[link|http://www.kuro5hin.org|There is no K5 Cabal]
[link|http://guildenstern.dyndns.org|Home]
zIWT meta: Which is better:
- (
admin
)
- (66)
- Nov. 30, 2004, 09:02:55 PM EST
3)
-NT
- (
mmoffitt
)
- Nov. 30, 2004, 02:43:44 PM EST
1)
- (
jb4
)
- (3)
- Nov. 30, 2004, 02:50:26 PM EST
Not for long, at least...
-NT
- (
admin
)
- (2)
- Nov. 30, 2004, 02:51:30 PM EST
Is that a threat?!?
-NT
- (
jb4
)
- (1)
- Nov. 30, 2004, 05:27:37 PM EST
You should know by now...
- (
admin
)
- Nov. 30, 2004, 05:31:06 PM EST
3, with verification
- (
Arkadiy
)
- (29)
- Nov. 30, 2004, 02:52:40 PM EST
Seconded.
-NT
- (
Yendor
)
- Nov. 30, 2004, 02:54:26 PM EST
NO
- (
FuManChu
)
- (27)
- Nov. 30, 2004, 02:57:04 PM EST
Er, buh?
- (
admin
)
- (3)
- Nov. 30, 2004, 02:58:41 PM EST
That's enough of a detriment not to warrant the risk IMO
-NT
- (
FuManChu
)
- (2)
- Nov. 30, 2004, 04:13:16 PM EST
?
-NT
- (
admin
)
- (1)
- Nov. 30, 2004, 04:16:38 PM EST
??
-NT
- (
drewk
)
- Nov. 30, 2004, 05:46:20 PM EST
Yeah
- (
Yendor
)
- (11)
- Nov. 30, 2004, 03:01:36 PM EST
How is that insecure?
- (
FuManChu
)
- (2)
- Nov. 30, 2004, 04:17:29 PM EST
You're unclear on this.
- (
admin
)
- (1)
- Nov. 30, 2004, 04:18:26 PM EST
See below.
-NT
- (
FuManChu
)
- Nov. 30, 2004, 04:22:21 PM EST
You only need one field labeled "Hint"
- (
tuberculosis
)
- (7)
- Aug. 21, 2007, 06:13:52 AM EDT
Sure...
- (
Yendor
)
- (6)
- Dec. 1, 2004, 02:06:55 PM EST
Bah.
- (
admin
)
- Dec. 1, 2004, 02:10:59 PM EST
Not quite
- (
FuManChu
)
- (4)
- Dec. 1, 2004, 04:35:59 PM EST
And my point is...
- (
Yendor
)
- (3)
- Dec. 1, 2004, 08:03:26 PM EST
I have a standard formula I use for passwords.
- (
folkert
)
- (2)
- Dec. 1, 2004, 10:20:06 PM EST
I also have a standard formula
- (
daemon
)
- (1)
- Dec. 1, 2004, 10:40:44 PM EST
Ding, Ding, Ding.
- (
folkert
)
- Dec. 1, 2004, 11:06:54 PM EST
It's only insecure if the user is allowed to proceed
- (
imric
)
- (10)
- Nov. 30, 2004, 03:13:54 PM EST
Bah. Risk is the issue.
- (
FuManChu
)
- (9)
- Nov. 30, 2004, 04:22:03 PM EST
So what's YOUR suggestion?
-NT
- (
admin
)
- (4)
- Nov. 30, 2004, 04:23:51 PM EST
Unfortunately for you #1 ;)
- (
FuManChu
)
- (3)
- Nov. 30, 2004, 04:39:05 PM EST
WTF?
- (
admin
)
- (2)
- Nov. 30, 2004, 04:41:00 PM EST
Sorry. You're right. I didn't read carefully.
- (
FuManChu
)
- (1)
- Nov. 30, 2004, 04:44:04 PM EST
So how does that change your answer?
- (
admin
)
- Nov. 30, 2004, 04:48:36 PM EST
Same risk than we have now during login.
- (
imric
)
- (2)
- Nov. 30, 2004, 04:30:48 PM EST
Same outcome, different risk--the attack surface has doubled
-NT
- (
FuManChu
)
- Nov. 30, 2004, 04:37:17 PM EST
Not mine.
- (
CRConrad
)
- Dec. 1, 2004, 02:33:03 AM EST
Can we please weight the risks
- (
Arkadiy
)
- Dec. 1, 2004, 02:04:43 PM EST
3) with some safeguards?
- (
Another Scott
)
- Nov. 30, 2004, 02:55:35 PM EST
4) WikiWay: everything wide open ... muuuaaaahahahahahaha
-NT
- (
drewk
)
- (1)
- Nov. 30, 2004, 03:29:24 PM EST
Shaddap wid' yer shaddin' ap...
-NT
- (
admin
)
- Nov. 30, 2004, 03:30:31 PM EST
3 with a "what is your dog's name?" thingie
-NT
- (
Silverlock
)
- Nov. 30, 2004, 03:44:54 PM EST
I'll join Ark, Scott(2), Don(Silverback), and YendorMike: 3+
- (
CRConrad
)
- (2)
- Nov. 30, 2004, 04:07:55 PM EST
<raises hand> on that last bit. :-)
-NT
- (
Another Scott
)
- Nov. 30, 2004, 04:12:16 PM EST
Aye - 3) with
- (
imric
)
- Nov. 30, 2004, 04:24:18 PM EST
Another few options:
- (
admin
)
- (9)
- Nov. 30, 2004, 04:50:29 PM EST
I'd rather not vote on solutions until we discuss risks
- (
FuManChu
)
- (8)
- Nov. 30, 2004, 05:43:54 PM EST
Re: I'd rather not vote on solutions until we discuss risks
- (
admin
)
- (7)
- Nov. 30, 2004, 05:53:17 PM EST
Okay, start with costs of current proposals
- (
FuManChu
)
- (3)
- Nov. 30, 2004, 07:39:31 PM EST
Missed the point. :-)
- (
admin
)
- (2)
- Nov. 30, 2004, 08:53:54 PM EST
Understood, but you're use case #1
- (
FuManChu
)
- (1)
- Nov. 30, 2004, 10:29:59 PM EST
I can do private keys...
- (
folkert
)
- Nov. 30, 2004, 10:40:15 PM EST
What do you want the software to do?
- (
Another Scott
)
- (2)
- Nov. 30, 2004, 09:10:22 PM EST
Nope, wrong
- (
drewk
)
- (1)
- Nov. 30, 2004, 09:35:34 PM EST
Yes, a *good* challenge question would be needed.
- (
Another Scott
)
- Nov. 30, 2004, 11:26:03 PM EST
how about 4, the way we do it now
- (
daemon
)
- (3)
- Nov. 30, 2004, 05:18:15 PM EST
Which is?
- (
Another Scott
)
- Nov. 30, 2004, 05:21:17 PM EST
And what would that be?
- (
admin
)
- (1)
- Nov. 30, 2004, 05:21:46 PM EST
the way it works now
- (
daemon
)
- Nov. 30, 2004, 05:34:53 PM EST
How about 5...
- (
jb4
)
- Nov. 30, 2004, 05:32:45 PM EST
16) Storing them encrypted with a "reset my password" featur
- (
folkert
)
- Nov. 30, 2004, 06:38:09 PM EST
A variation on 2)
- (
altmann
)
- Nov. 30, 2004, 07:36:03 PM EST
3), with a question 1st.
-NT
- (
broomberg
)
- Nov. 30, 2004, 08:03:43 PM EST
3 with a proviso
- (
ChrisR
)
- (1)
- Nov. 30, 2004, 08:23:21 PM EST
I like that!
-NT
- (
Arkadiy
)
- Dec. 1, 2004, 02:10:44 PM EST
3. Puts the onus of keeping valid email address on user.
-NT
- (
a6l6e6x
)
- Nov. 30, 2004, 09:08:12 PM EST
3
-NT
- (
pwhysall
)
- Dec. 1, 2004, 07:52:52 AM EST
6.
- (
static
)
- Dec. 5, 2004, 08:45:34 PM EST
"zIWT meta: Which is better:" Voting/Ratification (new thread)
- (
folkert
)
- Dec. 5, 2004, 09:59:30 PM EST
i
we
they
.org
Oh, for the love of cheese.
173 ms