Re: •Re: A reasonable temporary password generator?

http://qs321.pair.com?node_id=257106

in reply to •Re: A reasonable temporary password generator?
in thread A reasonable temporary password generator?

Good question; sorry I didn't give more. This would just be a placeholder for a new website user account registration, or for a lost password reset, probably md5'd into a DB, no SSL or htpasswd in this case.

Comment on Re: •Re: A reasonable temporary password generator?

Replies are listed 'Best First'.
•Re: Re: •Re: A reasonable temporary password generator? by merlyn (Sage) on May 10, 2003 at 11:43 UTC
In that case, since a human would have to enter it, I'd stick with 6-to-10 alphanumerics only, but run it past cracklib to make sure it's not trivially brute-forceable, and also have some mechanism to ensure that it gets changed on first use. -- Randal L. Schwartz, Perl hacker Be sure to read my standard disclaimer if this is a reply.	[reply]
Re: •Re: Re: •Re: A reasonable temporary password generator? by Your Mother (Archbishop) on May 11, 2003 at 07:59 UTC
Yeah, good point, I wasn't thinking of user-friendly and I should be. More friction means fewer users.	[reply]

In Section Seekers of Perl Wisdom