[Owasp-leaders] Generating Passwords

Pravir Chandra chandra at list.org
Thu Jan 15 19:30:44 EST 2009

I completely agree with Jim with respect to server-side apps. However, its important to keep in mind your threat model when considering code in other environments. For instance, it could be a valid concern for environments with partially trusted administrators or for code in appliance systems that must be resistant to reverse engineering.


~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~ ~~~~~~~~ ~~~~~ ~~~ ~~ ~
Pravir Chandra                      chandra<at>list<dot>org
PGP:    CE60 0E10 9207 7290 06EB   5107 4032 63FC 338E 16E4
~ ~~ ~~~ ~~~~~ ~~~~~~~~ ~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~

-----Original Message-----
From: "Jim Manico" <jim.manico at aspectsecurity.com>

Date: Thu, 15 Jan 2009 19:19:09 
To: <owasp-leaders at lists.owasp.org>; <owasp-leaders at lists.owasp.org>
Subject: Re: [Owasp-leaders] Generating Passwords

OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org

More information about the OWASP-Leaders mailing list