Reply to post: Re: Rate limiting surely must help?

'Password rules are bullsh*t!' Stackoverflow Jeff's rage overflows

Kiwi Silver badge

Re: Rate limiting surely must help?

But the problem becomes when they STEAL an account, get in first try, and use that to troll your system, perhaps smurf your password database, crack it at their leisure, and find ways to get into admin accounts in so doing?

Seriously, are you for real? What web sites allow their users to get the password database? What websites let normal users get into admin accounts? If anyone finds such a site, who (other than spammers and low-skill hackers) is going to want to stay there since it'll be spammed beyond belief and have no worthwhile content?

Come on Ch, er, AC.. Instead of your rather formulaic (and often extremely unrealistic) negative posts ("oh but what happens WHEN they put a GUN to your HEAD and DEMAND you GIVE THEM you 2FA TOKEN that you LOST because PEOPLE can't REMEMBER things?") how's about coming up with some solutions eh? If you can think of a problem (and I mean an actualy realistic one likely to affect real people, not your unrealistic 'any user can "smurf" your password database' crud) then mention it, sure, but also suggest possible solutions. I've seen you post some great stuff and I do look forward to seeing more of that from you, but sometimes this negative formula you apply to so many posts (especially security ones) gets a bit old.

(Oh, and if the AC I'm replying to isn't the person I'm pretty sure they are, then that person has more to worry about than someone using his unused throwaway accounts to mimic him, he also has to worry about other's using his posting style, which can be a bigger issue than using real accounts!)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020