Comments on: Major Financial Institutions and Passwords

By: Cialis.

Cialis. — Mon, 06 Aug 2007 09:28:38 +0000

Cialis generic click here….

Cialis best price buy online….

By: Anonymous

Anonymous — Wed, 31 Dec 1969 16:00:00 +0000

HI, so you are saying that Quicken 2005 limits the password or PIN to a max of 6 numbers only? Meaning, in order to use Quicken to download transaction you will need to change to this convention at your financial institution? When I set up the account initially it retrieved the account info but would not let me later connect.

By: chovy

chovy — Wed, 31 Dec 1969 16:00:00 +0000

Yes, for some institutions. But not all. It’s some sort of miscommunication between the bank and the quicken people. I told them about it, but I doubt anyone will do anything about it.

By: Anonymous

Anonymous — Wed, 31 Dec 1969 16:00:00 +0000

Any password can be hacked with a brute force attack. Even ones with numbers, letters, symbols and non printing characters.

To ensure security the server or application should suspend the user account after a couple of failed logins. This will stop ALL brute force attacks in their tracks.

Therefore forcing a password to use 6 numbers doesnt really affect the security of the account.

You suggest your foo(b34 password would be a good one. It wouldn't, a brute force dictionary attack would start quite soon with the word FOO (very common) and then start appending characters.

By: chovy

chovy — Wed, 31 Dec 1969 16:00:00 +0000

Yes, agreed that after x number of incorrect logins, the account should be disabled.

But using special characters and different cases greatly increases the number of attempts it takes for a brute force attack to be successful. I’ve tried doing a bruteforce on my own Celeron-233 computer and to guess a relatively simple, it took over 3 days, I finally gave up.