306 Comments
- zerhynn, on 10/11/2007, -7/+196: 09 F9 11 029D 74 E3 5B D8 41 56 C5 63 56 88 C0
- bmarc, on 10/11/2007, -7/+191: What you betting?
- noahhoward, on 10/11/2007, -4/+178: We'll need your account info to verify.
- bitt3n, on 10/10/2007, -1/+119: I would win that bet. I use my digg name as my amex password!
- insomniac8400, on 10/11/2007, -2/+73: Good to know 1234567 is still secure.
- loggia, on 10/10/2007, -2/+65: Principal Bank requires you to use your SOCIAL SECURITY number as your USER NAME. I tried to explain to them that this is possibly the worst security protocol they could possibly use.
  Sigh. Maybe there should be a contest on which financial institution has the worst security practices...
- Cauterized, on 10/11/2007, -0/+63: What 32 characters usually work best for you?
- blorc, on 10/11/2007, -7/+67: Wow, 8 characters? That's just disgusting. I didn't even like the fact that my bank didn't allow special characters (until recently), even though it still allowed 32-characters. I can't believe some companies are so behind on the times. I pretty much try to make my passwords 32-characters minimum, with letters, numbers, both cases, and special characters.
  P.S. Please allow special characters in passwords, Digg!
- OverThere, on 10/10/2007, -2/+48: Amex also has/had a limit on the length of your street address. When I was living in an apartment the number and beginning of the street name took all the room, and you couldn't put the street type (way, drive...) on the end of it. I never received a single statement, but when I moved the post office sent me a year's worth of bills I had previously paid online.
  Someone needs to expand a few database fields over there at AMEX.
- tizz66, on 10/11/2007, -1/+46: 32 characters for your bank account is fine, but don't you think it's a little overkill for something like Digg, or a forum?
- dynacrylic, on 10/10/2007, -4/+47: 10 most common passwords: http://www.modernlifeisrubbish.co.uk/article/top-1 ...
- filefly, on 10/10/2007, -1/+44: That's what she said.
- blorc, on 10/10/2007, -1/+32: No, he means username. He's trying to point out the fact that many Digg usernames would definitely be considered more secure passwords than what an 8-char max alphanumeric password would offer.
- PecanHead, on 10/10/2007, -0/+30: Somebody can pay your bill...
- BoneheadFarker, on 10/11/2007, -1/+29: That's amazing! I have the same combination on my luggage!
- badave, on 10/11/2007, -2/+30: 32 characters? What, do you spend all day typing your password? Is that your job or something?
- reyalp, on 10/10/2007, -3/+31: I'm curious as well
- krets, on 10/10/2007, -1/+29: You haven't been on Digg very long have you?
- scuzzman, on 10/10/2007, -3/+30: *****. Everyone knows that the top 4 most used passwords are:
  love
  secret
  sex
  god
- Zippo, on 10/10/2007, -3/+30: I'm in on this bet too.
- abigsmurf, on 10/10/2007, -1/+28: this isn't all that problematic. Your password isn't going to be cracked when bank systems lock you out after 3 wrong attempts (usually requiring a security check phone call
- Adoozie, on 10/10/2007, -0/+25: You're able to read all of your users' passwords? Sounds like a security nightmare.
- epohs, on 10/10/2007, -3/+25: I got 5 on it.
- PecanHead, on 10/10/2007, -0/+21: I hate it when morons raise academic security objections. This is not a problem. If security is really your concern, then you're not using a password that is susceptible to dictionary attacks. In which case the only valid attack against your password is brute force.
  (26 + 10) ^ 8 = 2,821,109,907,456
  It's going to take a reeaally long time for somebody's lame Perl script to brute force 2.8 trillion possibilities. Especially through Am Ex's login page. Oh, and they probably only get five or so tries before they put a lock on the account. So be patient, attackers...
- Bokista, on 10/10/2007, -0/+19: But these passwords go to 11...
- insomniac8400, on 10/10/2007, -0/+18: Probably works for myspace.
- picsectionpleez, on 10/11/2007, -0/+17: Digg's captchas are more secure than AMEX
- seventoes, on 10/10/2007, -2/+18: So is Harry Potter, potterboy.
- iceschade, on 10/11/2007, -1/+17: What's the card number, or the name of your account? Just curious.
- tech42er, on 10/10/2007, -1/+17: Maybe he's a real potter who has to work to put food on his family. Don't insult him.
- NSMike, on 10/11/2007, -2/+17: Even better when quoted properly...
  "So the password is, 12345... That's the stupidest combination I've ever heard in my life! It's the kind of thing an idiot would have on his luggage!"
  Later...
  "Sir, we have the password to the air shield!"
  "Excellent! What is it?"
  "12345."
  "12345?"
  "Yes!"
  "That's amazing, I've got the same combination on my luggage!"
- picsectionpleez, on 10/10/2007, -0/+15: You should be getting a confirmation email from AMEX in a minute. Now, as soon as I crack your Yahoo I'll go ahead and take my 5$
- inactive, on 10/10/2007, -5/+19: 123456? That's the kind of thing an idiot would have on his luggage.
- JonnyTrombone, on 10/10/2007, -0/+13: Then your password is probably aaaa1111
- strictnein, on 10/10/2007, -0/+13: Wells Fargo used to limit you to a 6 character alphanumeric password years ago (with a minimum of 4 characters). I emailed them once saying that they might want to increase that limit and require at least a 6 character password with numbers and letters. I got back a pretty snotty response that basically said I clearly didn't know anything about account security and that they were all experts. So I moved my business elsewhere.
- dracflamloc, on 10/10/2007, -1/+13: I bet you the reason for this is somewhere in their systems they've got legacy software that has max of 8 length password and they don't have the source code, and the company went out of business. You'd be amazed how many places are in situations like this.
- guinnessstout, on 10/10/2007, -1/+13: Guess I'll start phishing AMEX accounts and brute forcing passwords.
- Shawn4168, on 10/10/2007, -0/+11: What the ***** kind of company do you work for?
- mercano, on 10/10/2007, -0/+11: Why are there any limits at all? Any decent password system, i.e. the type I would want protecting my financial information, shouldn't be storing the password at all. They should be storing a hash of the password (ideally with some salt), which will always come out as an integer of some known fixed size regardless of the length of the input string, or, for that matter, the kinds of characters it has in it. In fact, the only sensible restriction on a password for a web page should be a length restriction to make sure someone doesn't send something insanely long as a DOS attack, but, really, a 1024 character limit should take care of that and still allow for any password you could reasonably want.
  And, for anyone asking WTF is salt: http://en.wikipedia.org/wiki/Salt_%28cryptography% ...
- fatdog789, on 10/10/2007, -0/+11: Oh my god. The sky is falling.
  I guess it's a good thing AMEX has such good customer service that they'll waive any fraudulent activity on your account. More than makes up for this.
- wild, on 10/10/2007, -0/+11: I bet mine is taken.
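Added example, not part of the thread or any poster's code: mercano's comment above describes storing a salted hash whose size does not depend on the password's length or characters, with a 1024-character cap as the only input restriction. The sketch below shows that using PBKDF2-HMAC-SHA256 as the slow hash; the function names, iteration count and sample passwords are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

MAX_PASSWORD_CHARS = 1024  # only input restriction: bounds the work per login request
SALT_BYTES = 16            # random per-user salt
ITERATIONS = 100_000       # assumed work factor for this example
DIGEST_BYTES = 32          # SHA-256 output: fixed, whatever the input looks like


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest) to store in place of the password itself."""
    if len(password) > MAX_PASSWORD_CHARS:
        raise ValueError("password longer than %d characters" % MAX_PASSWORD_CHARS)
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, ITERATIONS, dklen=DIGEST_BYTES
    )
    return salt, digest


def verify_password(password: str, salt: bytes, stored_digest: bytes) -> bool:
    """Recompute the digest with the stored salt and compare in constant time."""
    if len(password) > MAX_PASSWORD_CHARS:
        return False
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, stored_digest)


# Constructed sample passwords: 8-char alphanumeric, 32 chars with symbols,
# and a 1024-character passphrase containing non-ASCII text.
SAMPLES = ["abc12345", "T#9v!qLz@4mW^e7R&xY2*pK8(dN5)sB0", "pässwörd" * 128]


def stored_record_sizes(passwords):
    """Size in bytes of (salt + digest) stored for each password."""
    return [len(s) + len(d) for s, d in map(hash_password, passwords)]


if __name__ == "__main__":
    print(stored_record_sizes(SAMPLES))
```

Every sample produces the same 48-byte record, so a database column sized for the digest never forces a short maximum or a restricted character set on the password.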
- TheChihuahua, on 10/10/2007, -0/+11: You think? A lot of dumbasses have trouble with just the four.
- carguy84, on 10/10/2007, -0/+10: ohhh just squeaked in
- Pritchard, on 10/10/2007, -0/+10: Alright. Well, that passes for both Username AND Password for your American Express account.
- SirBotchness, on 10/10/2007, -5/+15: This is the dumbest thing I've ever read.
- drakenlot, on 10/10/2007, -0/+9: I phase in and out...
- thailand1972, on 10/10/2007, -0/+9: Digg's login is cleartext anyway, so it's kind of irrelevant how long your password is - it can be sniffed by someone on your network.
- mancat, on 10/10/2007, -0/+8: maybe yours does, but mine goes all night long
- objectcode, on 10/10/2007, -1/+9: clown
- ianweir, on 10/10/2007, -0/+8: In Canada it's illegal for a company to use an employee's SIN (social insurance number) as a username/identifier. I would assume the same thing would apply to banks, but I've never looked into it.