Twitter bans easy to guess passwords

I read this news here about Twitter banning weak passwords. They have also provided the list of banned passwords. This is definitely a good move and helps with user awareness. However, it is not enough.

A malicious hacker trying a dictionary attack would use a password dictionary that has many more than just 370 passwords.

Instead, I would have liked to see Twitter stop accepting passwords that are not complex (a password that is less than 8 characters long, or that lacks a CAPITAL and a special character). Right now, it does show a password rating during signup, but it accepts passwords other than the “too obvious” ones.

OR

Have Twitter use two-factor authentication, like WikID.

Of course, this leads to the same old argument over the choice between “easy to use” and “more secure”.
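
A sketch of the signup check suggested above, as an added example that is not Twitter's code and not from the original post: it combines a banned list with the length, capital and special-character rules, and shows which passwords a banned-list-only check would let through. The banned entries and sample passwords are constructed, and the function names are hypothetical.

```python
import string

# Constructed stand-in for the published banned list; the real entries are
# not reproduced on this page.
BANNED = {"password", "123456", "qwerty", "letmein"}

MIN_LENGTH = 8

# Constructed sample signups.
SAMPLES = ["password", "sunshine", "Dragon2009", "Tr1cky!Phrase"]


def check_password(candidate, banned=BANNED):
    """Return the reasons a password is rejected (empty list = accepted)."""
    reasons = []
    # Compare case-insensitively so "PassWord" does not slip past the list.
    if candidate.lower() in banned:
        reasons.append("on banned list")
    if len(candidate) < MIN_LENGTH:
        reasons.append("shorter than 8 characters")
    if not any(c.isupper() for c in candidate):
        reasons.append("no capital letter")
    if not any(c in string.punctuation for c in candidate):
        reasons.append("no special character")
    return reasons


def slipped_past_banned_list(candidates, banned=BANNED):
    """Passwords a banned-list-only check accepts but the full check rejects."""
    slipped = []
    for pw in candidates:
        accepted_by_list_only = pw.lower() not in banned
        if accepted_by_list_only and check_password(pw, banned):
            slipped.append(pw)
    return slipped


if __name__ == "__main__":
    for pw in SAMPLES:
        reasons = check_password(pw)
        print(f"{pw!r}: {'accepted' if not reasons else ', '.join(reasons)}")
    print("accepted by banned list alone:", slipped_past_banned_list(SAMPLES))
```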
