You are viewing a single comment's thread from:
RE: My Experience: Biggest Barrier to 'Signing up Friends'
My girlfriend gave me a look of disbelief at being asked to pick such a long password. I found that the (obligatory) XKCD comic (https://xkcd.com/936/) on password strength; hard to remember / easy to hack VS easy to remember / hard to hack was enough to convince her.
It seems that there is still a lot of educating that needs to be done to bring people around to understanding why these longer passwords are better.
I agree. I might be kinda cool to incorporate that xkcd link into the password generation process. It educates in a very entertaining way.
I'm not particularly technical, but would reCAPTCHA be a way of mitigating hacking risk? Does this prevent brut force password hacks?
It seems crazy that this issue is turning away potential community members. There must be ab better way...
I believe that the point in reCAPTURE is to make it more difficult for bots to complete the log in process - to prevent lots of spam accounts being created or perhaps to slow down a brute force attack.
The problem is that authenticating doesn't necessarily have to happen through this web page - it wouodn't stop a bot that went via an API.
Although, you could perhaps add layers of security like locking an account after 5 failed attempts to authenticate or two factor authentication for some actions.