WebApp Sec: Re: User ID generation

From: Lucas Holt <luke_at_foolishgames.com>
Date: Mon, 18 Apr 2005 18:44:03 -0400

On Apr 14, 2005, at 1:35 PM, Andi McLean wrote:
>>
> Sorry forgot to mention, the users in my case will be Members logging
> into a website. Other Members will not be able to see each other. If I
> set up a Forum something different will be used.
>

You might consider using something like the date and time someone signs
up meshed together in some way along with a few randomly chosen letters
A-Z a-z. It's still predictable but the longer your site is in operation
the harder it would be to crack a specific account unless you knew when
the person signed up. A random account, well that's a different story.

It might be better just to write a randomizer function for usernames
and passwords where usernames can contain A-Z a-z 0-9 and passwords can
contain those plus additional special characters like $ # @ ! & *.
Then use a minimum length for both of at least 5 characters. For
passwords I like at least 8 characters. It prevents many dictionary
attacks and people who make word lists with letters, numbers and
special characters from hitting your site. If nothing else, bandwidth
limitations will slow them down.

Lucas Holt
Luke_at_FoolishGames.com
________________________________________________________
FoolishGames.com (Jewel Fan Site)
JustJournal.com (Free blogging)
FoolishGames.net (Enemy Territory IoM site)
Received on Apr 20 2005
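
Added example, not part of the original post: a sketch of the randomizer the message describes, using the character sets and minimum lengths it names, plus a rough entropy comparison with the sign-up-time scheme. The function names, default lengths, the one-second timestamp resolution and the choice of three random letters are assumptions made for illustration.

```python
import math
import secrets
import string

# Character sets as described in the post.
USERNAME_ALPHABET = string.ascii_letters + string.digits   # A-Z a-z 0-9
PASSWORD_ALPHABET = USERNAME_ALPHABET + "$#@!&*"            # plus the listed specials
MIN_USERNAME_LEN = 5   # minimum from the post
MIN_PASSWORD_LEN = 8   # the poster's preferred password minimum


def random_string(alphabet, length, minimum):
    if length < minimum:
        raise ValueError(f"length {length} is below the minimum of {minimum}")
    # secrets draws from the OS CSPRNG; random.choice would be predictable.
    return "".join(secrets.choice(alphabet) for _ in range(length))


def generate_password(length=12):
    return random_string(PASSWORD_ALPHABET, length, MIN_PASSWORD_LEN)


def generate_username(existing, length=8, max_tries=100):
    """Return a random user ID that is not already in `existing` (a set)."""
    for _ in range(max_tries):
        candidate = random_string(USERNAME_ALPHABET, length, MIN_USERNAME_LEN)
        if candidate not in existing:   # random IDs can collide, so check
            return candidate
    raise RuntimeError("ID space too crowded; increase length")


def random_bits(alphabet_size, length):
    """Entropy in bits of `length` uniform picks from the alphabet."""
    return length * math.log2(alphabet_size)


def timestamp_id_bits(window_seconds, letters):
    """Guessing entropy of a sign-up-time ID plus `letters` random A-Z a-z
    characters, when the sign-up time is known to within `window_seconds`
    (assumes one-second timestamp resolution)."""
    return math.log2(window_seconds) + random_bits(52, letters)


if __name__ == "__main__":
    taken = {"constructedUser1"}   # constructed sample of existing IDs
    print("username:", generate_username(taken))
    print("password:", generate_password())
    print("5-char random ID bits:", round(random_bits(62, 5), 1))
    print("1-day window + 3 letters:", round(timestamp_id_bits(86400, 3), 1))
```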
