On 12/15/05, Neil Harris <usenet(a)tonal.clara.co.uk> wrote:
It would probably make sense to check for zero-length
passwords at
account creation time,
and to scan for zero length and other trivial passwords on existing
accounts, if possible, and issue a warning that they will be locked if
the user does not change their password after (say) a month.
Due to the way they are stored in the database this may not be posible.
--
geni