http://www.perlmonks.org?node_id=799757


in reply to Status of Recent User Information Leak

This is EXACTLY the place for and reason for OpenID. With openID your less trusted site (e.g. perlmonks) never gets your true password. And yes, there is a perl module to support OpenID. Ooops, several perl modules.

-Bryce

Replies are listed 'Best First'.
Enhance Password Policy
by 3dbc (Monk) on Nov 21, 2009 at 03:31 UTC
    I was surprised that this thread receives so much attention, considering when I go to my profile I see
    "Change password: Note: Eight (8) characters max!".

    I thought it was strange that when you perform a text search for 'password policy', but this is all you find on it?

    For example, considering the enormity of this thread, why not further enhance the security posture, perhaps with something like this regular expression, extended password policy, which might fit into the modular user authentication system?

    I certainly appreciate these proactive security breach notifications, but I vote to please enable unimpeded view of the monastery gates without this diabolical banner, innocence is bliss. Thanks!