• Subject: Re: Password "Hint" Feasibility
  • From: "Nathan M. Andelin" <nathanma@xxxxxxxxx>
  • Date: Wed, 8 Nov 2000 13:26:24 -0700

<snip>
Call me paranoid, but it seems to me that you would be making it a lot
easier for some unscrupulous insider (or even hacker) to get someone else's
password.
<end snip>

Some excellent ideas have been posted of ways to implement a password hint.
But, that doesn't mean its a good idea.  I'd have to agree that "hints"
offer a potential security loophole.  Ironic, because I just finished a web
application in which I provided a password hint feature.  While I might give
a hint for access to a fairly innocuous application, I certainly wouldn't
want that to be a feature of OS/400.




+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact [javascript protected email address].