Editing Talk:1820: Security Advice

Jump to: navigation, search
Ambox notice.png Please sign your posts with ~~~~

Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision Your text
Line 39: Line 39:
 
''These two characters are often disallowed in passwords because of their relevance to SQL (a common database query language). A badly written security system using SQL could have severe bugs (and vulnerabilities) if these characters were used in a password.'' So instead of fixing the bugs, users are kindly requested/forbidden to use & and % because that would break the system? Relying on empathy instead of fixing the problem, similar to "please don't break in, we're too poor to afford a decent lock". Sounds like Black Hat in a role as security advisor could come up with.  [[Special:Contributions/162.158.111.211|162.158.111.211]] 21:01, 5 April 2017 (UTC)
 
''These two characters are often disallowed in passwords because of their relevance to SQL (a common database query language). A badly written security system using SQL could have severe bugs (and vulnerabilities) if these characters were used in a password.'' So instead of fixing the bugs, users are kindly requested/forbidden to use & and % because that would break the system? Relying on empathy instead of fixing the problem, similar to "please don't break in, we're too poor to afford a decent lock". Sounds like Black Hat in a role as security advisor could come up with.  [[Special:Contributions/162.158.111.211|162.158.111.211]] 21:01, 5 April 2017 (UTC)
 
:: I once saw a funny notification at a login screen. It read: "Only log on if you are an authorized user". Hilarious... [[User:Elektrizikekswerk|Elektrizikekswerk]] ([[User talk:Elektrizikekswerk|talk]]) 13:03, 6 April 2017 (UTC)
 
:: I once saw a funny notification at a login screen. It read: "Only log on if you are an authorized user". Hilarious... [[User:Elektrizikekswerk|Elektrizikekswerk]] ([[User talk:Elektrizikekswerk|talk]]) 13:03, 6 April 2017 (UTC)
::: In reverse, for work I'm supposed to come up with a 2-factor authorization method. A simple password is one factor. I thought the second factor was easy: you also need physical access to a computer in the network. Apparently that's not "technical" enough or something, external advisors tell us that the fact that a hacker needs to physically break in to hack the system doesn't count as a second factor. <small>(if anyone can point to an authority saying that it does I'd be very happy!)</small> [[Special:Contributions/162.158.111.211|162.158.111.211]] 00:27, 7 April 2017 (UTC)
+
 
  
 
"Turing-complete kerning specification language in OpenType fonts" needs a citation. Is this just referring to the TeX language in general?
 
"Turing-complete kerning specification language in OpenType fonts" needs a citation. Is this just referring to the TeX language in general?

Please note that all contributions to explain xkcd may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see explain xkcd:Copyrights for details). Do not submit copyrighted work without permission!

To protect the wiki against automated edit spam, we kindly ask you to solve the following CAPTCHA:

Cancel | Editing help (opens in new window)

Template used on this page: