security - Is the password weak under dictionary attack -

-

Thanks for watching All honestly answered useful answers are

I used the password password meter So that the user will know how strong the password they choose is. But the password tester does not clearly tell how much I am weak under a dictionary attack during the password, how do I check for it, and is it worth it?

In addition my regular password checker starts with Javascript in the browser (no broadcast is required). If I want to check for the weakness of the dictionary attack, then I have to broadcast it on a script. I understand that I should not broadcast it clearly.

Can someone help me? How do I password under a dictionary attack is not weak and how can I encrypt it before transmitting to my script?

Additional information:

Why do I feel that I need to check dictionary attacks other than regular password meters? As some of you have said, users can choose a password like P @ SSword or Yellow12. But most password strength checkers coming to me will be considered as a good password. At least I am using it and it seems (and it really feels that this is one of the best password checkers.) If someone is aware of a strong password checker, please mention it, but only if You know on the basis of experience that it is strong; )

But my question really is: How can I check a dictionary attack on password? I have read somewhere that this has been done against hash, but where do I search? Once I find out how to do this, I will decide whether it is worth it or not.

Thanks to everyone who has helped so far :)

I come I am looking forward to this question later than others, and I am surprised that no one has noticed that no dictionary can be completely investigated. At least no one has said it in so many words.

I think that you need a bigger dictionary, where every entry has worn out and it will allow you to say that the user chooses to compare the hashed password The passwords are not in your dictionary, but how will you be sure that it is complete ?

Obviously, you can not be sure. Do you include foreign words? technical term?

Does Password Fireworks Reach Better Dictionaries?

I think that what you can do is advice to make users a good password - show them some examples - but this is their choice.

And do the SSL thing.


Comments

Post a Comment

Popular posts from this blog

asp.net - Javascript/DOM Why is does my form not support submit()? -

-
This is my first time working with asp.net and javascript, so I do not know very good web resources, or Much about javascript debugging I have to find out that on line oFormObject.submit (); Microsoft JScript Runtime Error: Object does not support this property or method I am using the link to work as a button because I am terrible in aesthetics and I think That link will look more professional than a table of 50 buttons. I have read that this solution can cause problems with browsers due to pre-rendering of my links and many additional traffic and problems, but CSS gives me a button like a link, which has issues of alignment and difference seemed to. & lt ;! DOCTYPE HTML PUBLIC "- // W3C // DTD HTML 4.01 // N" "http://www.w3.org/TR/html4/strict.dtd"> & Lt; Html xmlns = "http://www.w3.org/1999/xhtml" & gt; & Lt; Head & gt; & Lt; Link rel = "stylesheet" type = "text / css" href = "defect differen
Read more

sockets - Delphi: TTcpServer, connection reset when reading -

-
I am trying to implement one for Delphi, but there are some problems with communication. Fitnesse will start my process, and give me a portmember as a command line argument. Then I should make a socket on the port number given to me, and fitness will connect to that port I am using a TCPCP server for the job: < Pre> TcpServer1.LocalPort: = ParamStr (ParamCount); TcpServer1 Active: = true; On OnEXEPT () -Event, I send the protocol version to use as specified in the protocol. Process TForm1.TcpServer1Accept (From: TOBject; ClientSocket: TCustomIpClient); Var s: ansistring; Start clientSocket. Syndrome ('slim - v 0.0', # 10); SetLength (S, 6); ClientSketts Receavebook (S, 6); End; When I call ReceiveBuf (), the process ends, and fitness throws an exception: java.net.SocketException: connection Reset I have seen what sent and received. It shows that my code sends the protocol version, fitness sends back a message, and when I try to get this message
Read more

javascript - Classic ASP "ExecuteGlobal" statement acting differently on two servers -

-
I have a strange problem that I really do not know. In addition to developing a new ASP.NET site, I have to support the old "classic ASP" site. It is written in VBScript with a batch of JavaScript functions. Many of the JavaScript functions include 'files' Everything is fine on our production system (which security is controlled by another group - this is a military installation) Debugging them once did not work I). However, I have a fix for a vague bug that needs to be fully tested and some functions do not run under the "local" copy of the website that runs on my PC. For the record, I am running IIS 5.1 on XP. The problem is that some Javascript functions are running "OK" on the production server, but when they use it as a server, they are not defined on my PC what is happening that last Programmer, for some reason, has decided to put some functions in a series of files, which according to the observations, imitate the "need_once
Read more