Checking PW sites a lot, I know that it is more often that a password has been discovered by a brute force attack and then leaked by the cracker for others to use, than the legitimate owner sharing it.
Those sharing their passwords do it mostly on a trade basis, exchanging it with few other persons.
If you don't have a program protecting your members area from brute force attacks, you should give the user the benefit of the doubt in the first place and issue a new user name/password.
And as Dave says...if the user name appears to be shared again...then lock him out.
The user can always claim he didn't share it...but better risk he gets a refund than having a user sharing his password all the time?