Quote:
Originally Posted by protagonist
the question is, since when does it matter how secure a password actually is anymore? just have a maximum number of attempts from a given IP to stop people from doing the brute force method.
it makes no sense to force people to have certain passwords when the only way in which they actually are compromised is by having their whole computer's security being compromised. when the user's security is bypassed it doesn't matter if the password is "bugger" or "ijs8Ej9" or whatever, because they are equally easy to steal if a trojan is present.
|
Exactly, it doesn't matter. So why force us to use a password that is randomly created that is very hard to remember? Most people leave them in their e-mail in box's, which is a risk. They should just allow people to set their own password, it's just more convenient.