Foo2rama Game Operations

A new way to think about Passwords.

by admin on Jul.20, 2010, under Blog, Customer Acquisition, Game Support, News

http://www.technologyreview.com/computing/25826/

Password creation can be a huge block to conversion once you get a user on your site, and lost passwords can drain support resources, this might be a great way to solve those problems.

This is a great article that in many ways solves the 2 major problems with passwords on accounts.  Generally we use restrictions such as minimum length and case sensitivity requiring at least 2 upper case symbols.  This works great against brute force dictionary attacks, but causes users to forget their password.  The other method we use is a max attempts at log in, generally 3, then they get locked out.  This can be used with forcing difficult passwords, but often is used by itself, this though opens up another vulnerability if used solo, there is no check against hitting thousands of accounts with the most commonly used passwords.  I will not spoil it for you but Microsoft just came up with the most optimal solution, feel free to smack yourself for not thinking about it yourself.


Leave a Reply

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Visit our friends!

A few highly recommended friends...