posted on 11:31 AM, December 2, 2009
The biggest security hole on your website is your login form. If you allow weak passwords, then it does not require special hacker tricks to break in to your website - a simple password guessing program will do the job just as well.
The following password types are weak and can often be guessed by simple password-guessing programs:
ExSite tries to detect these cases, and depending on your security settings, may not allow such weak passwords. If your password is rejected as too weak, you can make it much stronger with some minor changes, such as:
Note that ExSite requires administrator passwords to be stronger than those of regular users.
ExSite's password strength requirements can be adjusted if you want to relax them and allow for weaker passwords. However, you should be aware that weaker passwords means a weaker website. You should always consider your obligations and liability with respect to protecting your clients' personal information, before bowing to users' demands to allow them to use weak passwords.
best practices (5)
content management (12)
data handling (7)
graphic design (21)
html formatting (7)
plug-in modules (28)
visual tutorial (29)
web protocols (9)