On Jan 19, 2013 5:55 AM, <[email protected]> wrote: > > On Friday, January 18, 2013 6:02:24 PM UTC+1, Lawrence Mandel wrote: > > ----- Original Message ----- > > > > > On 18/01/13 16:16, Lawrence Mandel wrote: > > > > > > How about simply not specifying a default password so that the user > > > > > > has to enter one? IIRC, this is fairly standard practice. > > > > > > > > > > Probably because people wouldn't bother. But if you supply a default > > > > > one, clearing it is (usually; I haven't used FxOS text boxes much) a > > > > > fairly simply operation. > > > > > > > > There's probably a way that we can require people to enter a password. However, a scheme like that proposed my Stefan will likely be a simpler approach. > > > > > > > > > > > > > > Also, I'm not sure it's fairly standard - pretty much every home > > > > > router, > > > > > at least, supplied in the UK today now has a randomly-assigned > > > > > default > > > > > password printed on the router itself, and if you want to use a > > > > > friend's > > > > > when you are round their house, you have to go and find the router > > > > > and > > > > > look at it. > > > > > > > > You're right. Clearly IDRC (I Didn't Recall Correctly). > > > > > > > > Lawrence > > Why still dealing with passwords? http://en.wikipedia.org/wiki/Wi-Fi_Protected_Setup seems like a nicer choice.
Quoting from the article: WPS has been shown to easily fall to brute-force attacks.[2] A major security flaw was revealed in December 2011 that affects wireless routers with the WPS feature, which most recent models have enabled by default. The flaw allows a remote attacker to recover the WPS PIN in a few hours and, with it, the network's WPA/WPA2 pre-shared key.[3] Users have been urged to turn off the WPS feature,[4] although this may not be possible on some router models.[5] / Jonas _______________________________________________ dev-b2g mailing list [email protected] https://lists.mozilla.org/listinfo/dev-b2g
