David Schwartz wrote: > ... Suppose I include a randomish
string in my message "46e8bd8ceae57f8b7af66536e7859bad". Any attacker might see this message -- it's public. So he can certainly try that string as your password. So will you now run off and add it to a blacklist, since it's clearly now a weak password?
I suppose the distinction between "known" and "weak" is too fine a semantic point for you? ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
