WebApp Sec mailing list archives
Cannibals are what they eat
From: David Glosser <david_glosser () yahoo com>
Date: Wed, 1 Nov 2006 03:37:42 -0800 (PST)
Can you find five or ten sites with just as popular as Amazon and see what their password policy is. A statement like "8 of the top 10 ecommerce sites have a strong password policy" would place Amazon in the minority. Let us know how you make out
How should I go about convincing them that Amazon.com is wrong and the fact that they haven't had a severe account breach is no reason not to implement a policy ourselves? Or, to play devil's advocate with myself, if I'm wrong, why doesn't Amazon enforce a password policy?
------------------------------------------------------------------------- ------------------------------------------------------------------------- Sponsored by: Watchfire AppScan delivers new remediation capabilities, key regulatory compliance reporting, and productivity enhancements that dramatically improve, automate and streamline users' ability to quickly find, remediate and manage web application security vulnerabilities. Change the way you think about application security testing - download AppScan today! https://www.watchfire.com/securearea/appscancamp.aspx?id=701500000008YTE --------------------------------------------------------------------------
Current thread:
- Cannibals are what they eat David Glosser (Nov 01)