Zarhym has been known to post trollish things before just go get a rise out of people

File: 1338660247806.jpg-(3 KB, 126x126, 1337434554717s.jpg)

THIS IS WHY I LOVE BIOWARE

>>141643392
water store remark.

>>141643392
He's actually correct. Brute force attacks are really very rare, as even basic security methods foil them.

If you've had an account 'hacked' it's probably a keylogger-esque program or you've done something incredibly stupid, in which case case-sensitive makes absolutely no difference.

I know it's cool to hate Blizzard, and after this 'release' I can see why, but don't be quite so uneducated.

>>141643874
>He's actually correct.
oh boy

>>141643874

Enjoying your right click simulator blizzdrone ?

>>141643874

>more characters available
>not more secure

>>141643874
Everyone's said everything already so I'll just say fuck you

>>141644391
>Case-sensitive actually isn't particularly more secure.
>what is entropy
seriously kill yourself

File: 1338660848157.png-(91 KB, 740x601, password_strength.png)

>>141644298

Here in a format you might understand.

File: 1338660861201.png-(137 KB, 300x300, Blizzdrone.png)

>>141643874

Even shitty random websites that require registration support case sensitive passwords and special passwords.

Oh look, more faggots who don't know how entropy works.

It doesn't matter though, because the hacking exploit totally bypasses all login checks via SessionID, making your password irrelevant.

>>141644508
fuck you i was about to post that

>>141643874
>basic security methods
You mean like limiting the amount of false login attempts?
Which Blizzard also never implemented?

>>141644298
Characters available only makes a difference if you're trying to brute force a password. Which is incredibly inefficient at the best of times.

Number of characters only increases the amount of time a brute force takes, not how successful it is. If anyone really, really wants to get your account case-sensitive makes no difference.

>>141643874
Wat? I've forced my share of minecraft accounts.

File: 1338661020935.jpg-(33 KB, 449x449, 1336844777636.jpg)

>>141644134
>>141644165
>>141644298
>>141644465
>>141644482

>get told
>lol ur dumb kill urself

the number of characters available don't matter if it's over, uh, 2 (0 and 1), the length of the key is what really matters for security.

>>141644508
The problem is that removing all capital letters vastly reduces the amount of combinations they would have to use when bruteforcing.

Let's assume you only have letters. With capitals and letters, you have 2*26+10=62 possibilities per character. If you have an 8-character password, that's 62^8=2.2*10^14.
Now let's say there are only 36 possibilities per character. That's 2.8*10^12. It would take about a 100th of the time to guess an 8-char password without capitals as opposed to with capitals. That's the difference between 1 hour and 100 hours. One is feasible, the other is not.

>>141644940

>not knowing any good hacker would just try to guess your key using 0's and 1's combinations and translating them to different character sets, thus making irrelevant if those sets are or not case sensitive.

this thread is really full of retards and people that don't know shit about electronic security.

>>141644508
>xkcd
>lol I'm so smart, fuck art students
>Sometimes I don't even have to write a joke because most people wont understand it anyway

File: 1338661353034.jpg-(55 KB, 492x289, 1331194467075.jpg)

>>141643874
Do you even know what brute force means?

>>141645157
>not knowing any good hacker would use what knowledge he has of the security system to severely lessen the load he has to bruteforce through

>>141644508
Computer ignorant here, my knowledge is too little to know if this thread is full of trolls or not.
But, this image is stupid, because you have a limited number of chances, right? As in, if a hacker is trying to get someone's Steam password, he can't try to guess it 2^28 times, because the program would block him. This way, the only way to get a password is by using a keylogger, and it's much harder to identify Tr0ub4dor&3 than correcthorsebatterystaple through a keylogger, right?

>>141644940

Well i know that, but there is awefully lot assumptions flying trough the threads with 0 proof. Brute forcing mostly isnt a valid option, as any online service that tries to be somewhat serious has countermessures.

Seriously private ragnarok servers have those. And i doubt diablo allows 100 login tries per second.

Also noone has posted proof about id hijacking. It might be possible. But i have not seen any way for it to be done or anyone succesfully doing it. Neither have i seen proof of keyloggers. People are just throwing assumptions all over the place while going LALALALALALA i cant hear you.

>>141645328

well of course, any good hacker will just bypass the security walls, not even needing to guess a password.

but if they needed to know your password by brute force they'd just do binary combinations.

>a 6 digit password having 50 billion possible combinations does not make it more secure than 25 million

good job Bioware

>>141643874
Get outta here with your logic kid. We don't treat people like you nicely 'round these parts.

>>141645362
>But, this image is stupid, because you have a limited number of chances, right?
depends

>Tr0ub4dor&3 than correcthorsebatterystaple through a keylogger, right?
lolwut
Tr0ub4dor&3 is even easier to isolate because it LOOKS like a password

>>141644508
>battery horse staple blah blah blah

If that thing had a lick of truth why do 90% of all websites and other things with a login require you to make a password with numbers in it?

Checkmate, atheists

>>141645362

I think you're right, if you try to send 1000 requests per seconds to an authentication server, he will surely block you. Depends if the server is properly configured or not.

>>141645362

If it comes to a key logger it doesent matter. Its easy to identify what a password is as it ussually follows a username.

>>141645492
That only counts if someone uses a password generator, trying all those 25 million combinations (Which nobody does).
When you get "hacked" you just have a keylogger so your password complexity doesn't matter.

I love how this same thread gets posted every day, and the same replies are given when someone points out how, for various reason, he's practically correct, then gets berated and called a blizzdrone.

No Op, you are the one one blinded by irrationality.

And then OP was a faggot.

>>141645492
Nobody brute forces passwords anymore, it's usually a keylogger theses days and having case sensitive passwords wouldn't help make you password more secure in that situation.

>>141644508
>what are dictionary attacks
Christ, Munroe is such a dumbass.

>>141645531
>fuck logic

>>141645537
>>141645571
So if there's a keylogger in my computer I'm basically helpless?

>>141645819
You could reformat.

>>141645492
>double the number of characters (not really)
>double the number of possible permutations
>US
>education

>>141645819
Yes and also fucking stupid

>>141645819

Yep. If he can isolate the moment you typed your informations, a 50 letters password or a 2 letters make almost no difference.

/v/ - Security Administrators

>>141645157
>Implying a good hacker wouldn't just find out basic info of a person (name, birth date, etc.) and call tech support posing as him.

Bad social engineering is how 80% of passwords are stolen, bro. Thank the retards at the office who keep their passwords on a piece of paper taped to their monitors.

>>141643874

>Brute force attacks are really very rare, as even basic security methods foil them.

bullshit. internet is full of bots trying to bruteforce into your server if they detects open 22 port. Bruteforce can be used anytime, anywhere. Try to rent your own server.

>>141645164

Yes, we know. Monroe is one of those high horse cunts who has a Math degree and has a huge ego because of LOLIKNOWCALCULUS.

He's absolutely insufferable and is a shitbag of a person.

>>141644508
What's a dictionary attack?

How the fuck do they work?

>>141645492
Bingo. After, say, a million combinations or so, any further length makes little to no difference.

If I want your account my options are, generally:
- Keylogger (Case sensitive makes no difference)
- Get you to 'buy gold' or something stupid (No difference)
- Brute Force (Case sensitive increases how long it takes, but not whether I'm successful or not)

Now of course there's other options like compromising the server, man-in-the-middle etc. But as a general rule, the three above are the most likely, and case sensitive makes absolutely no difference.

>>141645819

yes

hackers can guess the algorithm of most autenticators if they can get some entries with the dates as most autenticators are random number generators date based.

>>141645781
He taking into account a dictionnary attack read the words you fucknigger.

>>141645819
Or if you're using Chrome or Firefox, they can't into privacy

We already had a thread like this, the result was /g/ made a thread to discuss how computer illiterate this board is. For remote access, case sensitivity on an 8 character password is the difference between finding a specific grain of sand in a dump truck of sand or finding a specific grain of sand in a beach. They are both impossible

>>141646040
I mostly find him insufferable because his math on shit like the "toss the wardrobe into the atlantic idea" was already done, and his math was completely wrong.

>>141646330
No, they're not both impossible. Finding a grain in a dump truck is easier than a beach. Seeing as how the waves move the sand about.

>>141645947
If I have two partitions, C (containing the OS and programs) and D (with my personal files), can a keylogger place itself in D? If positive, what should I do?

> nternet is full of bots trying to bruteforce into your server if they detects open 22 port.

True. But trying is the operative word here. If you employ basic security a brute force is unlikely to succeed in a reasonable amount of time.

It will of course succeed eventually, as in theory you could try every combination of characters with enough time and processing power, but that might take years if not decades.

Unfortunately, a lot of engineers are lazy, and don't basic measures. There's a reason buffer overflow attacks still work, and it's not the technologies fault.

>>141646447

My poor, you gonna get laughed at.

>>141646572

Nevermind i didn't understod

>>141646572
I was prepared for this, just wanted to make sure.

>>141646447
Key loggers only come attatched to executables. Your pictures, movies, and documents are not going to give you a keylogger.

File: 1338662355477.jpg-(7 KB, 123x109, 1337895008571.jpg)

>Ctrl+f combination
[-]

>>141646447
You could also unplug your computer from internet permanently.

>>141643480
shouldn't you be out job hunting Stanley?

>>141643874
>guy has legit remark

>>141644134
>>141644165
>>141644298
>>141644465
>some retards think that agreeing with what that Blizzard CM said makes him a retarded blizzdrone, others are just ignorant pieces of shit
>proceed with stupid insults which do nothing to argue with what he said

Brilliant minds right here

>>141646827
Not entirely true. If you want to spoof a keylogger as, say, an image, it's doable.

If someone really, really wants your password they'll get it eventually. It just takes a lot of time and effort.

>>141644508
>Not knowing about word lists

>>141647127
It's called a dictionary attack. Keep up.

>>141647127

OOOOH BOY, you sure are retarded arent you? Apparently you dont know about word lists.

Lets say that 4 word pass gets brute forced using a word list only. So it has to go trough all the words to see if its a 1 word pass, then it has to go trough all the words 2! to see if its a 2 word combination, then 3! and so on and so forth.

>>141647093
britney_spears_naked.jpg.exe is not an image.

Good thing I have my passwords in a notepad to copy and paste, or they're remembered
You have to be retarded to even get a keylogger in the first place though

>faggots don't realize that making an NP-complete problem slightly easier doesn't change the fact that it's exponential.

you're still dealing with exponential growth per character added. no one brute forces passwords over a remote connection.

>>141647484
It prays on end user stupidity again.

Some people have the ".exe" portion of files (God the word escapes me at the moment) off.

>>141647372
>implying /v/ has any reading comprehension
If they were able to understand the comment they would have understood the comic.

>>141647618
That's why it's called bruteforcing. Bruteforcing small passwords is so little calculation that you don't even NEED an algorithm.

>>141647689
Extension. And yeah you can enable/disable it pretty easily.

>your password is too weak
>check the limits
>must have 2 numbers and 2 upper/lowercase characters mimimum

fuck sake

>>141647484
Yes and no. Of course it's not an image, but the file extension really doesn't mean a lot. You can embed malicious code into an image/music file if you want to.

>>141647947
But the part that will execute it will be on his system partition.

>>141644508
This image is not 100% correct.
Yes, longer words means it's gonna take more time to hack, but chosing random words like he did is vulnerable to a dictionary attack.
Now, having more characters available, lets say !"$%#@( even characters with tilde, acute, grave, etc ) increases the number of possible combinations by a large ammount, increasing the time required and making it practically invulnerable to a dictionary attack.

Lets say you only count letters from A to Z.
A 12 characters password's has
26^12 possible combinations.

Now lets take A-Z and 0-9.
36^12 possible combinations.

Keep adding all the characters you want.
More available characters = more combinations = more time

Assume 30 000 english words
60 000 with capitalization or not

4 words in password

1.29600 × 10^19 combinaisons of words

"weak to dictionary attack" my ass

d8* 4: 10d]-0 ./fd- 7^%$d@av-> platypus p0shies

Secure enough password for you?

>>141648039

read >>141648224

>>141648296

No.

4char

>>141648318
It's still vulnerable.
Your argument is invalid.

>brute-force attacks
>2012

you guys do realize brute-force attacks are negated with simple security methods like locking out an account after X amount of incorrect logins.

>>141648535

You really cant into math can you?

Yes its as vunerable as a steel safe is funerable to knife attacks.

Op is shopped, there's no record of this post on the Bluetracker.

>>141648630
Yes, but many sites and especially online games doesn't have that kind of system.

>>141648535
I wonder, would adding different languages make it a good password? I mean, using a French, English, German and Russian word. Not using the same word in different languages, but different words in different languages.

>>141648630
Diablo 3 doesn't have a lock out system. And it's not case sensitive.

>>141648801
Just make up your own words that sounds like real words, ad a couple of symbols between two of them, and you're set.
Easy to remember and hard to crack.

>>141648654
WOW THAT NUMBER SURE IS BIG
HAHA BIGGER NUMBERS MAKE MY PASSWORD NOT CRACKABLE
By your logic passwords with random characters and numbers are way better than yours.

>>141648919
Are you American by any chance?

my password (for nearly everything) is abc123456def
never been "hacked"

>>141648919

Nope, count the letters + capital letters + numbers + special characters that are allowed in password creations.

Now count how many fucking words there is in the english fucking language. Let me tell you, a whole fucking lot more than ~120.

File: 1338663776385.jpg-(19 KB, 477x356, deadpool holds ps3 games.jpg)

>>141648919

>>141648876
or you could use one of the Nuclear Launch Codes
http://www.gamesradar.com/cheats/2070/

The Ultimate Password

>>141648876
Dohoho now all that time i spent as a gradeschooler making up funny words finally pays off!

>>141649179
CAT.
C@T.
C@7
c@7.
You can keep going.
Replace letters with random characters.

Upper/Lowercase and Numbers is not ONLY required to prevent bruteforcing but it is also required because these passwords you sign up with on websites are stored in databases and are encrypted in some sort of hash format, so if a hacker were to break into their servers and steal the database, he'd find a bunch of encrypted passwords.

Normally you can crack an encrypted password with ease or crack most of a database but what if they are using case-sensitive passwords with numbers? Well, it's damn near impossible because it will take 2-3 months or more depending on how long it is just to crack ONE password. Not everyone has some $10,000 GPU Cracking setup to crack the hardest stuff at lightspeed, hardly anyone does.

Therefore, it is more secure to use Upper and Lowercase characters + numbers in a password.

I'm an actual hacker and have been doing this for years, I know how it works and what people do.

>>141649529

Well then point me into the right direction, as i want to start hacking stuff here and there. But dont really know where to start, i got some basic knowledge, but should i delve into the low lvl stuff or the programming lvl stuff.

>>141649529
>I'm an actual hacker
Oh yeeeeeah?
Then why do you refer to yourself as a hacker and not a cracker huh?

Yer a phoney! A big fat phoney!

Hey guys what would happen if I used a Japanese password like ふきん具 ?

File: 1338664218073.jpg-(23 KB, 223x226, 14-looks-more-like-new-trollfa(...).jpg)

>>141649816

Crackers crack, hackers hack.

>>141649945

It wouldnt let you register it on a website/service that does not use japanese characters.

File: 1338664333815.jpg-(19 KB, 350x222, ace-ventura-pet-detective-6.jpg)

>>141649529
Then crack my post's delete password and remove it.

>>141649945
then japanese hackers will get you and leave an undeletable .txt file on your desktop with a message calling you a baka gaijin

>>141649810
Well just like 99% of others, every hacker must start out as a script kiddie. You should pick up learning PHP and some low-level hacking methods and also spend a lot of time browsing security forums/reading security blogs. You should also try learning a bit of linux and how the console works and doing things with it.

References:
http://www.securitytube.net/

http://www.amazon.com/Learning-PHP-MySQL-JavaScript-Step-By-Step/dp/0596157134/ref=sr_1_1?ie=UTF8&am
p;qid=1338664383&sr=8-1

http://www.reddit.com/r/netsec/

http://gonullyourself.org/ezines/ (some e-zines of hacker groups, old and new, horrible and good ones etc. some of them are a good read)

After you pickup initial stuff, the rest slowly comes natural to you if you develop the hacker mentality. Reading is always required though and talking to other peoples and making friends in the communities you discover can sometimes help but you will also sometimes find yourself amongst idiots.

>>141649816
What if I am both, a hacker and a cracker? I do crack databases but I also hack servers and find exploits in different web applications etc.

>>141650909
>http://www.reddit.com/r/netsec/

Really faggot? You might as well list >>>/g/ as well.

>>141651040

Im the guy who asked him for the info, but seriously... g is good, but i guess in reddit i can read up on already asked questions, while on g i would always have to aggravate /g/ nerds.

>>141651040
No, /g/ is fucking retarded when it comes to security.

/r/netsec has intelligent people mixed with a couple idiots.

>>141650909
Why would you want to teach people to become scum?

>>141652642

Why is learning something make me scum?

What if i want to provide people with a secure service in the future, or if i want to work in a computer security job.

Its not like i can go on my uni and say yo where da crackers class at.

You know if you teach someone how to shoot, that doesent mean you just tought someone how to become a murderer.

>>141644508

Isn't this stupid though? Brute force attacks are designed to attack with full word combinations to more easily crack a password like this.

>>141648781
>especially online games
OH MY, WHAT'LL I DO W/O MY CLUB PENGUIN ACCOUNT GOODBYECRUELWORLD.JPG.PNG.EXE.A.DLL.BMP.GIFDSFKSDBFDGFBKSHFSDFKJSDB

>>141652871

^ You pretty much nailed it sir.

Not all hackers are bad, theres a mix of blackhat and whitehat and people who do both good and bad called greyhat.

>>141652953
>full word combinations
No. Full words, yes, maybe.
Do you know how fucking many words there are? There's no fucking way you're gonna crack any passphrase of decent length this way that isn't a direct quote or something like that.

>>141653095

Honestly the sole reason why i want to learn this shit. Is because computer security is in my opinion a rising industry. And because im really interested in it.

>>141644508
>1000guesses/sec
Yeah nah that's not how a bruteforcer works.

What if I use the masked guy's speech from the beginning of the movie V for Vendetta and use a Caesar's Cipher on it, then replace all odd o's with 0s?

>>141653564
Except how many guesses are feasible entirely depends on what you're actually bruteforcing.
So blame that instead of the password.

>>141653831
You'll have some trouble if you use that on a login screen that doesnt register cuts and pasts?

>>141653924
True that.

>>141654139
Are you implying I'd actually cut&paste? No fucking way, all up here baby!

>>141654358
Pretty cool.

>Blizzard doesn't have password lockouts has a limit of 16 characters and openly tell people that caps mean nothing.

>>141653095
Ok, since you seem to know a good amount about this subject, what would be the best way to get into security? Should I learn the ins and outs of PHP or should I focus on linux/networking? Any help would be great. I know a good amount about linux but the only thing I have a bit of trouble is writing an in depth shell script.

>>141655139
Oh and should add that they believe that file sharing software is spyware...

>>141655436
l2 SQL injections for starters.

>>141643874
>implying it's only useful against bruteforce

are you defending this?

>>141643874
also you're a retard

>>141644391
>case sensitive password only use is against brute force

>>141656212
But for that, should I learn SQL first? Just asking since it seems weird that you would learn how to exploit something first before you learn what you are exploiting.

>>141656419
Yeah, you should (at least the basics), as well as any other technology you'll come across (PHP, Javascript etc.). If you feel like it, Zed A. Shaw has a free online eBook on SQL (Learn SQL The Hard Way).

>>141643874
>>141644391
>>141644714
>>>/g/25267375

>>141657212
Thanks bro, already downloading it so I can read it later on tonight. Any videos to supplement that? If not, that's cool. I have to do some shit in a bit but I want to gather up everything I need so I can watch it later on this evening.

This reminds me of something the Norwegian govt is doing that's kinda stupid, really.
All my life I've been using different combination of signs, numbers and lower and upper case letters because my main problem would be people seeing and remembering my passwords instead of malicious software.
So one day when we're supposed to apply for a high school we have to use a govt site and we have to create a user ourselves.
Guess what.
It didn't support numbers or signs, only letters.
Holy fuck, my face when. Now I had to remember TWO passwords (I know, not a big deal), but my problem was really that the government basically refused us from having a secure(er) password.

Why would they do this? Luckily I don't have to use that service any more, but if I'm planning to go to a uni to get an electrical degree (don't think I will though, life as a regular electrician has been good so far) I might have to again.

Do people really believe it matters in an online game? With a login server, each attempt to bruteforce would take at least a second, to find the right combination of even 6 characters it would take more than a lifetime.

I don't defend Blizzard, it's not a hard thing to implement, but it's nothing to give a shit about.

>>141658031
>>>/g/25267375

File: 1338669217104.jpg-(25 KB, 402x235, 2YsJn.jpg)

It's more secure.

If I somehow hear someone say 'my password is dickmunchers10'

If he at least has one or two capitals in there his bacon might be saved.

Why someone would be saying their password out loud, god only knows, but if it did happen at a drunken office night out or something, it could happen I guess. Who knows

The point is it's there to prevent stupid fucks from setting their password as 'password'

So yeh, for BioDumbasses it's far more secure.

>>141659423
But people still do set their password as "password". There is a whole list of common passwords published somewhere online, and that's one of the top ones.

>>141657435
>gather up everything I need
From personal experience I'd advise against that. If I do that, by the time a finish gathering all that shit up, I end up calling it a day and tomorrow I lack the enthusiasm. As for videos, I don't have any, but Google whould know more.

>>141660130
I don't mean everything I'll need to create a SQL database but everything I'll need to learning it. Also, I found a semi-decent beginner's guild on how SQL works. Again, thanks for the info guys!

Seems like a good thread to ask this. What is more relevant in the real world, php or sql?

>>141658031
>to find the right combination of even 6 characters it would take more than a lifetime.

If only we had some sort of machine that could automate simple but repetitive tasks.

>>141661105
For what, exactly. That's a pretty open ended question.

>>141661215
Job viability mostly. For example, if I choose to specialize in php instead of sql would I be shit out of luck if everyone uses sql for databases or is it the other way around? I just want to learn what will help me the most in the job market. I already have a CCNA but learning a database language would help me immensely.

>>141643874
>thinks 25 characters take up 44 bits

I'm failry sure that's not how computers work, at all.

>>141661495
SQL will be better for you by a large margin. PHP is used frequently too, don't get me wrong, but it's much easier to learn so the market is flooded with people who know enough to get by.

File: 1338671048536.jpg-(163 KB, 896x850, 1332481212315.jpg)

>>141662117
Ah cool. I thought SQL would be the lesser known of the two since the local college kept going on and on about how php is the way to go while anyone asking about SQL would just get blank looks. I'm already watching a pretty good tutorial about it but when they say the tutorial is for beginners they were not kidding.

>My face when I realized that I just spent 10 minutes watching a video that was just a crash course on Microsoft Access

I actually like fiddling around with Access

File: 1338671238436.jpg-(415 KB, 1600x1064, 1338659454208.jpg)

Can we talk about Diablo 3 and the hacking shit going on? Can anyone prove it's a true exploit and not just people getting phished?

SQL bro here again. I just wanted to pop in and ask if I have to use an online site to host a MySQL server just to learn it or can I just install a server on my local machine just for learning purposes?

>>141662916
It's a true exploit just by how it works. If it was a simple phishing scheme then their entire accounts would be stripped. Instead what is happening is that only the last played character and the shared bank is getting stripped so that alone should tell you that Actiblizz fucked up somewhere.

>not using an authenticator

ISHYGDDT

Assuming just letters and a password of length between N and M:

possible case insensitive passwords:
sum of X from N to M of 26^X

possible case sensitive passwords:
sum of X from N to M of 52^X

The case sensitive password is strictly more secure against both brute force and dictionary attacks; deal with it. Yes, you're fucked either way if someone has installed a keylogger on your machine; that doesn't mean that the case insensitive password equally secure.

>>141663196

Pretty much this.


Any one got a link to that blue thread where an authenticator got hacked and they locked it?

>>141662610
PHP isn't a database language though. It's for server-side scripting.

>>141643392

LOL WHAT IS LE PASSWORD ENTROPY

LE MATHS ARE FOR LE NERDS BIOWARE DA KING NIGGA

>>141663015
I recommend SQLite. You just install it and use it. No servers, no hassle. I also recommend going for whatever your resources tell you to use if you don't want much compatibility hassle (Oracle outer joins vs. standard outer joins, numeric vs. number etc.)

>>141664684
Really? I figured php and sql were just different versions of the same thing. From what i've been reading so far it seems that sql is mostly low level stuff while php is more user friendly version of sql all in a neat gui package. I take it i'm really off base?

File: 1338672662473.jpg-(77 KB, 1080x466, MeanwhileAtAnonsHouse.jpg)

>>141664913
Way ahead of you bro. I was reading "Learn SQL the hard way" and going through the setup. Looks pretty straight forward but if it's like Microsoft Access then it will get completed fairly quickly.

>People actually agreeing with the idea that less characters avaiable doesn't affect security

Increasing the number of characters to make the password from, how silly!

Why would you do something like that? Get rid of case sensitivity.

And numbers

And any special characters

Might as well get rid of every letter but the letter "a," as well

Toss a 6 to 9 character limit on passwords too.

aaaaaa
aaaaaaa
aaaaaaaa
aaaaaaaaa

I cringed

>>141664953
Totally. SQL is a language for database communication. You use it to create tables, relationships, views, indexes etc.
PHP is for server-side scripting. It's used in web pages and is run on the server to generate custom pages that are delivered to you. Say, http://www.youtube.com/watch?v=KPXavenq0GM
The part after the ? is a list of parameters (in this case, only v). Youtube has a single watch page and a database of vids. When you access the above link, you pretty much ask the server for the watch page, and giving it the KPXavenq0GM as a parameter (the PHP code in their page receives the parameter). The server uses that to query a database (you can embed SQL in PHP) and fetch a vid (and comments) with that ID. It then generates a watch page that gets delivered to you, devoid of any PHP code. PHP& SQL are often used in conjunction, but they cover strictly separate aspects of the web.
Also, if you don't already know, for web stuff you should look into HTML, CSS, Javascript (not to be confused with Java) and DOM.

>>141666201
Welp, guess i'm learning php along with sql since they go hand in hand. If I switch focus on php would I be able to use what I learned in php to also learn sql or are they so interwoven together that I would end up learning both regardless?

If my password was 82ycDa3 do you think it would be likely that somebody could find that out and not realize the D is capitalized? It doesnt really matter.

>>141665519
I think it is because most people who get hacked on WoW or other sites do so because they had a trojan or due to fishing scams or because they use the same password for everything. Their accounts werent compromised due to someone brute forcing the password.

>>141666863
Yeah but if your password is chAir it takes a million more words for a bruteforcer to crack it.

He's right...I mean considering you're gonna get hacked anyway, whats the point?

In all seriousness, when has blizzard ever really had a good argument?

Remember that real id fiasco where the dude gave out his information and tons of people started calling and hate mail and etc?

Shit they don't know wtf they're doing anymore.

>>141666689
They're not interwoven together, they're perfectly separate but are both covering different aspects of web serving (scripting and querying) that are both vital for a modern web. It's better to learn them separately, as they're just different stuff, but they are used together a lot practically. I'd say, start with SQL and basics of database design, then move on to PHP.

>Randomizing captilizations
>illusion of security

Not even Bioware can fuck up this badly.

>>141667349
Ah, I got you. So sql is structure and the actual database management while php is almost like the middle man that relays information between the user the database itself? I think I get it now. I'll keep on working on sql then. I'll leave you guys alone but thanks for the help bros!

>>141667780
Kinda. It'll all make sense once you know both, if you're determined to keep studying it.

He is 100% right, people who get "hacked" in WoW are people who have key loggers.

Plus if anybody is worried about security then they should get an authenticator because they are free.

>>141668456
They arent free, not everyone has a cel phone.

>>141668906
>not everyone has a cel phone.
Only niggers and people under 10 years dont have a celphone

>>141669115
Both those types do these days actually.

>>141669203
well, fuck.

>>141669115
or people who choose not to have them. I personaly dont like constantly bothered by a cell phone, a doubt that they arent health concerns with carrying one.

>>141671042
>a doubt that they arent health concerns with carrying one.
Their radiation is hundreds of times weaker than the one used in airports, which reflects right off you skin, which in turn is hundreds of times weaker than X-rays.

>>141671336
no man don't you get it ALL RADIATION can cause cancer. ALL RADIATION.
That's why I seal myself inside a pitch black room and post using audio cues only.

File: 1338676510124.jpg-(46 KB, 317x317, 1307048012708.jpg)

>Use retarded shit as password
>Never had any problem

Same for secret question

>What is the name of your favorite friend?
>Knife

Of course this retarded shit would never stand against anyone competent, but it keep most of the small shit off.

>>141671601
Turn on your radio. Do you hear static? That's waves. You can't escape them. They're using those waves to control your mind. There's only one way anon, and it's made by Smith & Wesson!