Author | Post | ||
Aggelos [none yet] |
I've try alot of times to change my pw.. But i was getting the same msg over and over again.."Your new pw is invalid" ..!!? Was a "powerfull" pw (Letters:capitals and non,numbers and symbols). why should exist a limitation? |
||
16.09.2006 21:05:54 |
|
||
unknown user |
Angelos it is clearly listed which characters are allowed in the password. Check the registration form. You ask why. Well OBVIOUSLY this is done for security reasons. And no not to make passwords easier to crack. If the site wanted to know your password, it wouldn't encrypt it in the first place now would it? The reason is that it's indefinatly safer to use a whitelist, rather than a blacklist. There are several things that need to be considered in website security. clientside, serverside, transfer, ... It's safer to allow only a set of know characters, which will not cause any trouble. You might believe this is rediculous, but maybe you should look up the hystory of "soft hyphens". And who knows what unknown vulnerabilities could be caused, by dealing with a set of unknown characters. This should probably be done everywhere on the site. |
||
17.09.2006 01:25:45 |
|