FTPOnline registration

I attempted to create an account on the Fawcette Technical Publications online (FTPOnline.com) web site to get a link to pass on about a recent editorial in Visual Studio Magazine. It prompted for the usual email address, password twice routine. I used my usual password technique, a scrambling of the site with punctuation and letters. It rejected my attempt with a little message "Password must be between 4 and 10 characters" — okay, mine was eleven or twelve. I slimmed it down to nine, and .. "Password must be between 4 and 10 characters" — now I eliminated all the numbers. Still… "Password must be between 4 and 10 characters" . Finally, I just made it a simple obscenity in all lowercase alphabetic characters. That it took. What kind of security does a site offer when you are limited to alpha-only entry? A simple dictionary attack (limited to 4 to 10 characters, of course) will crack this site. Why don’t they bother to tell you what they require for password? They ought to be embarassed. And why do they do this? Is it harder to store a number than a letter? Does an exclamation take more storage than an alpha? Bozos!

No comments yet.

Leave a Reply

Powered by WordPress. Designed by Woo Themes

This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.