The Duck Pond
Contact:
  • Home
  • Let's Play Minecraft
  • Let's Play Skyblock
  • Mod Reviews
  • Blogs
    • News
    • Puddleduck's Blog
    • Zimmby's Blog
    • Ninja's Blog
  • Get Involved!
  • Contact Us
  • Software
  • Hardware
  • Development
  • Arcade
    • The Last Stand
    • The Last Stand 2
    • Warfare 1917
    • Warfare 1944
    • Crush the Castle
    • Crush the Castle: Player's Pack
    • Crush the Castle 2
    • Silent Company
    • Formula Racer 2012
    • Happy Wheels
  • Minecraft Expo

Password Vulnerability

3/30/2013

1 Comment

 
One thing that annoys many people these days is the requirement to make such complex passwords. They aren't really complex when you think about it, but to a computer, if you add a number, change some letters to upper case and perhaps even add a symbol it gets a whole lot more tricky to crack.

This is in part the reason why when you create an account, I will use the domain registrar 'Namecheap' as my example, you are asked to specify a password with some of the features I mentioned above. The vulnerability I am referring to is in relation to password resets, you could say the weak link in the defences protecting your account.

Not only can people gain control of your email account, therefore giving them control over almost every account attached to it, you can inadvertently make it easier to gain control of your (for example) Namecheap account!

I forgot my Namecheap password, the complex one designed to keep hackers out, and I had to reset it. To my dismay I was not asked to make a complex password on the reset screen, meaning that I can have as simple a password as I wanted. They only specified that it had to be at least 6 characters long. That password just got a hell of a lot easier to crack didn't it.

On an unrelated note, shame on Crazy Domains for expecting passwords to be transmitted via email in plain text.

-Puddleduck
1 Comment

    Puddleduck

    Executive Producer and founder of The Duck Pond. A rather interesting fellow once you get to know me!

    Archives

    November 2013
    June 2013
    April 2013
    March 2013
    February 2013
    January 2013
    September 2012
    July 2012

    Categories

    All
    Cash
    Channel
    Mace Swinger
    Raspberry Pi
    Raspithon
    Security
    Staff
    Statistics
    Website
    Youtube

    Follow @TheDuckPond01

    RSS Feed

    Copyright © The Duck Pond 2012, all rights reserved.

Powered by Create your own unique website with customizable templates.