Reply to post: Re: Aha - for once somebody correctly stating that it's the user-name/password combination reuse...

Credential-stuffers enjoy up to 2% attack success rate – report

Paul Crawford Silver badge

Re: Aha - for once somebody correctly stating that it's the user-name/password combination reuse...

Email as user-name may be a bad idea in terms of re-use, but it has two great advantages:

1) Users remember it

2) It is, by definition, unique. So they only have to go though the hassle of "johndoe123", nope that names is taken, OK then "johndoe124", process the once.

The practice of checking against known easy or spilled passwords is a good idea, as is allowing long passwords that are phrases (and checking for horses & staples as well).

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon