Re: Dirty Word Filter -- MIDRANGE-L

Subject: Re: Dirty Word Filter
From: Adam Glauser <adamglauser@xxxxxxxxxxxx>
Date: Fri, 25 Jan 2008 10:03:38 -0500
List-archive: <http://archive.midrange.com/midrange-l>
List-help: <mailto:midrange-l-request@midrange.com?subject=help>
List-id: Midrange Systems Technical Discussion <midrange-l.midrange.com>
List-post: <mailto:midrange-l@midrange.com>
List-subscribe: <http://lists.midrange.com/mailman/listinfo/midrange-l>, <mailto:midrange-l-request@midrange.com?subject=subscribe>
List-unsubscribe: <http://lists.midrange.com/mailman/listinfo/midrange-l>, <mailto:midrange-l-request@midrange.com?subject=unsubscribe>

From RPG400-L ... thread drifted to security practices.

Lim Hock-Chai wrote:

I don't see the point of filtering Dirty word in password. Shouldn't it
be a private thing. Nobody else should be able to see it and nobody
else should know it but the owner.

The only reason I could think of was that it reduces your vulnerability to dictionary attacks. That said, is it really worth the effort to focus on "dirty" words? To my mind, if you restrict "dirty" words, may as well restrict all dictionary words. Not only that, but there are other ways to protect against dictionary attacks anyway (such as varying off devices after some number of unsuccessful authentication attempts).

As an Amazon Associate we earn from qualifying purchases.

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.