Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Comment: Re:Only Two Futures? (Score 1) 598

by Tyrannosaur (#49739935) Attached to: The Demographic Future of America's Political Parties

Seeing as it is a citizen's duty to know what is happening politically in their country and to participate, it seems your parents were teaching you not to care about being an upstanding citizen. A much better solution would be to teach you how to think critically, not showing you that ignoring important things is acceptable.

Comment: Re:Bullets become currency when things go to hell (Score 1) 334

by Tyrannosaur (#49721913) Attached to: Stock Market Valuation Exceeds Its Components' Actual Value

If things really go to hell, it'll be whomever has water/shelter/food, so don't bother hoarding precious metals as they won't be so precious if you can't get clean water.

If things really go to hell it will be whomever has bullets and a gun to use them in.

I am going to get myself shot when I point out the guy with the guns' grammar...

Comment: Re:Keep all your doors unlocked too (Score 1) 241

by Tyrannosaur (#49647339) Attached to: James Comey: the Man Who Wants To Outlaw Encryption

The proper way is to use cryptanalysis to break those cyphers. It's a hard task but government has access to supercomputers.

Remember the part where some things are supposed to be so complicated it is supposed to take billions of years to crack with computers far better than is possible now?

Comment: Re: My issue with password restrictions (Score 1) 159

by Tyrannosaur (#49349121) Attached to: Many Password Strength Meters Are Downright Weak, Researchers Say

I hate the length limit too. I commented about how sometimes there is a length limit, but it happebs automatically, making your 80 character password 20 characters, and impossible to log in...

But it shouldn't even be a database issue. Unless I am mistaken, the length of hashes isn't (or at least doesn't have to be) dependent on the length of the input, so the database should store the same amount of information for "password" as for the entirety of beowulf...

Granted, that would take a lot longer for the hasher, but there are generally already things in place to prevent robots trying to bring down the system by attempting login many times a second, no?

Comment: Re:There is also a problem with password length li (Score 1) 159

by Tyrannosaur (#49348431) Attached to: Many Password Strength Meters Are Downright Weak, Researchers Say

Sorry I guess I didn't describe the bug properly: often websites accept a long password to create the password, but apparently drop the rest of the string after a certain amount of characters which makes a password of fewer characters than the user wanted.

This wouldn't cause a problem (aside from being a security hole) except when I go to type in my long password to log in, the software takes the entire string and does not drop off the characters after the limit used in creating the password, effectively making it so I cannot log on with the password I tried to sign up with.

I use the clipboard only for testing to see if this bug is there; eliminating the potential that perhaps I just typed my password in incorrectly.

For example, I sign up for a user on website with username "username" and password "This is a very long and secure password". The site, in order to prevent the string being too long, only accepts 20 characters, making my password "This is a very long ". Ok. When I go to log in, however, there is no character dropping, and so it compares my password "This is a very long and secure password" to "This is a very long ", which obviously do not match, and I cannot log in, even though I am typing the same string every time.

This is the bug I was trying to describe and is very frustrating.

Comment: There is also a problem with password length limit (Score 5, Insightful) 159

by Tyrannosaur (#49347419) Attached to: Many Password Strength Meters Are Downright Weak, Researchers Say

There are also often (not told to the user!) length limits on passwords

I like making my passwords a sentence. Whether it is more secure or not, it is easier for me to remember and I like to pretend I believe it is super secure.

However, I have had several places where I make a user, make a password (which it thinks is super strong because it is like 50 characters), copy-paste it somewhere, and it says I have a user. I then try to login using the copy-pasted password, and it tells me I have a bad password. going through the password-reset process, it invariably works if I reset it to a much shorter password.

This is a bug that really annoys me, especially with xkcd encouraging people who might not know about this popular bug to make long passwords.

"Buy land. They've stopped making it." -- Mark Twain

Working...