iTWire - Tattersall's gamble with password security

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

Tattersall's gamble with password security

Tattersall's gamble with password security

E-mail

by David M Williams
Wednesday, 24 June 2009
Page 2 of 2 According to Hitachi’s best practices for password management a password of eight characters that only permits one case as well as numbers has 2.82e12 combinations (that’s 2,820,000,000,000.) By contrast, if both cases are permitted the number of combinations increases substantially to 2.8e14 (or 280,000,000,000,000.) Featured Whitepaper 5 Best Practices for Smartphone Support These are awfully large numbers of combinations either way. However, consider that the vast bulk of these combinations are meaningless jumbles of letters and numbers. In practice, many people will opt to use a real word or name and potentially only one or two letters at the end of the word. This diminishes the number of combinations dramatically. Most institutions recommend passwords contain a mixture of upper- and lower- case letters. I personally verified that Tattersall’s did not distinguish between case. I created an account on their site with a password of SMITH123 and was able to successfully log in using password smith123. I phoned Tattersall’s using the telephone number provided to Jeff Wharton to call if he had further enquiries. I asked if there was a reason Tattersall’s did not make this distinction. The person I spoke with was unaware that the web site allowed people to log in using any case variation on their password. I explained the problem and referred to the Complaints and Incidents Officer who had responded to Wharton. I disclosed I was a journalist and the headline of this story. The officer simply advised me that if Tattersall’s knew about this handling of upper- and lower- case characters then they must be satisfied and happy with it. A call has been made to Tattersall's public relations for an official comment and will be added here as soon as it is received. Tags See All Tags David M Williams Gambling Gaming Lotteries Online Online Safety Online business Online gaming Online security Password Security Powered By Joomla Tags Please enable JavaScript in your browser to post your comment! << First page < 1 2 Next page > Last page - Post your comment >>

< Next story in category		Previous story in the category >

Sponsored Releases

Open Text Deepens Integration with SAP® Solutions

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Progress Software Successfully Enables SaaS Deployment in the Cloud for Fifth Year

British Airways selects Progress Software SOA Solutions to upgrade the travel experience

...Promote your press-releases here

Latest jobs

User Experience Architect (C4)
Consulting Services Branch Manager
Process Analyst X 4 (M4)
Content Co-Ordinator (M3)
Senior .Net Developer (M3)
Business Analyst (M17)
Test Lead
Senior Business Analyst
Business Analyst - Financial Markets, Ops focus
Technical Business Analyst - BI & DW - Contract

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Today on iTWire

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking