[wp-hackers] Stronger default passwords
Podz
podz at tamba2.org.uk
Wed Dec 22 05:39:01 UTC 2004
Kitty wrote:
> Maybe it's time to make the generated passwords a little longer? With
> all the PHP security news + phpBB cracks coming out/going around, it
> might be a good idea.
>
> I suggest 10 digits ala:
> $user_pass = substr(md5(uniqid(microtime())), 0, 10);
>
> Overkill?
No, but with respect, virtually pointless.
I deal with many many WP / ftp and mysql passwords and it comes down to
two types of user:
- those that do care
- those that haven't a clue
The number of people who have the same password for each of the above is
amazing, and without fail I point people at a freeware password managing
solution. Whether or not they choose to use that is up to them.
Not saying it shouldn't be done, just that minimal effort should be
expended on it.
P
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
Url : /pipermail/hackers_wordpress.org/attachments/20041222/88199745/signature.bin
More information about the hackers
mailing list