roy at panix.com
Sun Jan 18 04:18:51 CET 2015
In article <54bb1c83$0$12979$c3e8da3$5496439d at news.astraweb.com>,
Steven D'Aprano <steve+comp.lang.python at pearwood.info> wrote:
> Even that doesn't protect you, because your security is controlled by
> websites and banks etc. with stupid security policies. E.g. I am forced to
> deal with one bank that uses a cryptographic key to sign in to their bank,
> but your passphrase is limited to exactly eight characters. Another bank I
> use limits you to SIX characters, taken from case-insensitive(!) letters,
> digits, and a small set of punctuation.
Tell me about it. I have an E-Trade ATM card. When I first got it, I
set it up with a 6 digit PIN. I was shocked to discover some time later
that it actually only looks at the first 4 digits. And, no, I'm not
talking *characters*, I'm talking *digits*. There are 10**4 possible
PINs. The mind boggles.
On the other hand, E-Trade gave me an RSA key fob so I use two-factor
authentication on their web site.
More information about the Python-list