[OWASP_PHPSEC] Dictionary Attack ?

rahul chaudhary rahul300chaudhary400 at gmail.com
Sat Jun 1 05:39:04 UTC 2013


no no...what I was asking is that if user enters some password that is
found in dictionary, then to thwart that....like if I keep password
"abridge" or "denounce" or "queen" or "rats"...something like this...


On Sat, Jun 1, 2013 at 1:23 AM, Abbas Naderi <abiusx at owasp.org> wrote:

> Yes,
> more entropy and using more character sets in the password. Thats why we
> count them towards strength!
> -A
> On ۱۱ خرداد ۱۳۹۲, at ۷:۴۳, rahul chaudhary <rahul300chaudhary400 at gmail.com>
> wrote:
>
> > HI...I am still searching for this, but I thought it would be faster if
> I ask it here.
> >
> > Do you know any way to stop dictionary attacks. We can keep a list of
> dictionary words and see if user-supplied password matches any of them. But
> other than this, do you suggest anything?
> >
> > --
> > Regards,
> > Rahul Chaudhary
> > Ph - 412-519-9634
> > _______________________________________________
> > OWASP_PHP_Security_Project mailing list
> > OWASP_PHP_Security_Project at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp_php_security_project
>
>


-- 
Regards,
Rahul Chaudhary
Ph - 412-519-9634
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_php_security_project/attachments/20130601/0811fb40/attachment.html>


More information about the OWASP_PHP_Security_Project mailing list