Hi. The new .au system is obviously working very well judging by the lack of traffic on this list. This is good. Not sure if domain password strengths have been discussed before. I belive the current domain system requires 6+ characters with at least one letter/number. It is debatable if 6 characters passwords are strong enough, but 4 digits passwords are certainly not. And there are a lot of A0XXXX passwords out there. Such a password can be casually cracked with half a dozen distributed web clients in under 2 hours, and a lot faster if network abuse is of no concern. Are there any mechanisms from the registry/registrars to lock down domains with excessive password failures? A password can obviously be probed in different places (management login, transfer request, etc). Kind regards, Lucian Kafka www.conexim.com.auReceived on Fri Oct 03 2003 - 00:00:00 UTC
This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:06 UTC