[wp-hackers] On overly-obscure passwords
24-7 at gmx.net
Thu May 6 10:49:18 UTC 2010
> > The advantage of a password containing just lowercase and uppercase letters
> > and numbers (without symbols), is that it is perceived as one word by the
> > computer/browser. Therefore a double-click selects the whole password, or
> > the browser's/OS's inbuilt text selection 'helps' the user select the word.
> > Having symbols in the word breaks both these behaviours.
As far as i have seen it on two projects with a medium amount (~300)
most of them don't even know standard functionality. For ex.: copy/
is something they never heard before. So i wouldn't give too much hope
selection. The most problem our users had with pw-recovering mails was
and the plain-text-mail: When you receive a plain-text mail in ex.
microsoft outlook, then
the recovery-link get's linked by outlook, but broken at white
"Lastname" and the space don't get linked and the user comes to a 404-
Another thing was the confusion with "wordpress"@example.com. Our
is a) using an alternate address like "registration" and b) making
including a short faq for the most common problems. So i wouldn't
change the password.
More information about the wp-hackers