On Dec 21, 2011, at 5:19 PM, Grigore Dolghin wrote:

> Bottom line: stick to industry-proven solutions. Every single time. No
> matter if it's storing passwords, or using sql parameters instead of
> concatenating the sql and checking for invalid input (this was discussed a
> while ago). Stick to standards and you'll be safe. Try to do it on your own,
> sooner or later someone would get thru. It's not "if", it's just "when".

And on the other side of the security equation, this xkcd clearly illustrates the better password strategies:

https://www.eff.org/sites/default/files/password_strength.png

-- Ed Leafe

_______________________________________________
Post Messages to: ProFox@leafe.com
Subscription Maintenance: http://leafe.com/mailman/listinfo/profox
OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech
Searchable Archive: http://leafe.com/archives/search/profox
This message: http://leafe.com/archives/byMID/profox/069e0225-dadc-42c9-9861-a107a51c1...@leafe.com
** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.