On 05/07/05, Jtkiefer <jtkiefer(a)wordzen.net> wrote:
> 1. does the alt. password that was sent to you stay active indefinitely
> as well?
If I remember the gist of the code right, then yes, it probably does.
Glancing at the code, I think it gets deleted from the DB when you
next change your password.
> 2. If so isn't that a huge security risk?
Not really - it's no easier to guess than your "real" one (probably
harder, unless you're paranoid enough to use properly pseudo-random
strings rather than something vaguely word or number like), and only
you ever knew it.
Since exactly one random password + one "real" password can be active
at any time, it's equivalent to halving the odds of picking the right
one randomly. Sounds scary, until you consider that half of several
billion (?) possibilities is still several billion possibilities. I
don't know what the odds actually are, but human predictability
reduces the search space by far more than having 2 valid passwords
ever could. [And as I say, the generated password is likely in that
part of the search space that crackers would leave till last, as it's
more likely the user will have chosen something at least vaguely
predictable].
--
Rowan Collins BSc
[IMSoP]
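The "halving the odds" argument above, worked through as an added example (not code from the thread or from the software being discussed). It computes the exact probability that k distinct guesses hit at least one of m currently valid passwords in a space of N candidates, then compares two valid passwords in a large random space against one valid password in a small, predictable space; the 26^8 space and the 10^6-entry "predictable" space are constructed assumptions, not figures from the thread.

```python
from fractions import Fraction


def hit_probability(space_size: int, valid: int, guesses: int) -> Fraction:
    """Probability that `guesses` distinct guesses, drawn uniformly from a space
    of `space_size` equally likely passwords, hit at least one of the `valid`
    passwords currently accepted.

    The miss probability is C(N-m, k) / C(N, k), which simplifies to
    prod_{j<m} (N-k-j) / (N-j): only m multiplications, so it stays exact and
    fast even for N in the hundreds of billions.
    """
    n, m, k = space_size, valid, guesses
    if m < 0 or k < 0 or m > n or k > n:
        raise ValueError("need 0 <= valid <= space_size and 0 <= guesses <= space_size")
    if k > n - m:  # more guesses than non-valid strings: a hit is certain
        return Fraction(1)
    miss = Fraction(1)
    for j in range(m):
        miss *= Fraction(n - k - j, n - j)
    return 1 - miss


def compare(space_size: int, guesses: int, predictable_space: int) -> dict:
    """Two valid passwords in the full space vs. one password that the attacker
    can find inside a much smaller, human-predictable space."""
    one = hit_probability(space_size, 1, guesses)
    two = hit_probability(space_size, 2, guesses)
    weak = hit_probability(predictable_space, 1, guesses)
    return {"one_valid": one, "two_valid": two, "ratio": two / one, "weak": weak}


if __name__ == "__main__":
    # Constructed assumptions: 8 lowercase letters (~2.1e11 strings) versus a
    # 1,000,000-entry list of "vaguely word-like" choices, with 1,000,000 guesses.
    r = compare(26 ** 8, 10 ** 6, 10 ** 6)
    print("one valid password :", float(r["one_valid"]))
    print("two valid passwords:", float(r["two_valid"]), "(x%.6f)" % float(r["ratio"]))
    print("predictable choice :", float(r["weak"]))
```

The second password at most doubles the attacker's chance per guess, while a guessable choice collapses the search space by orders of magnitude, which is the point the reply makes.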