[GTALUG] Recommended Linux Password Lengths
Stewart C. Russell
scruss at gmail.com
Fri Jun 3 13:40:41 EDT 2016
[you might want to post from an account that subscribes to the list, André]
On 2016-06-03 12:22 AM, ac wrote:
>
> … i require more info to process what you
> are saying - many, many people make accounts for you at Amazon/Ebay/$GamingSite
> with your gmail addy and then you go and create passwords?
No, due to this, which Google claim is a feature:
https://gmail.googleblog.com/2008/03/2-hidden-ways-to-get-more-from-your.html
Essentially, anyone e-mailing the regex s\.?c\.?r\.?u\.?s\.?s\+.* (with
some limitations on the last bit) at gmail.com gets to me. I have one
repeat offender setting up ebay accounts that even a family intervention
failed to stop. Another was a chancer who really wanted the scruss@
address, so they signed up for an expensive all-access gaming site pass
with it, then expected me to give them the account.
In both cases, I randomized the password to something I couldn't know
(piping the password into xclip so I can't see it helps) and moved on.
cheers,
Stewart
More information about the talk
mailing list