Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

So what would you do here? Disallow "mickael" from the password? That's pretty user-hostile and almost completely pointless.


Is it pointless to reduce the attack vector against your website? And, no, for a banking system, it is not that user-hostile to say things like "we have found that using <pattern> in your password makes it easy for people to guess, please choose a more complicated password".




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: