WebApp Sec mailing list archives

Cannibals are what they eat


From: David Glosser <david_glosser () yahoo com>
Date: Wed, 1 Nov 2006 03:37:42 -0800 (PST)

Can you find five or ten sites just as popular as Amazon and see what their password policy is?
A statement like "8 of the top 10 ecommerce sites have a strong password policy" would place Amazon in the minority. 

Let us know how you make out.


How should I go about convincing them that Amazon.com is wrong and the 
fact that they haven't had a severe account breach is no reason not to 
implement a policy ourselves?  Or, to play devil's advocate with 
myself, if I'm wrong, why doesn't Amazon enforce a password policy?
