Sunday, 7 June 2015

Dropbox Prohibits 85,000 Words As Passwords

To prevent users from weak or easily guessed passwords choose Dropbox uses an extensive list of forbidden words. This was discovered by researcher Jerod Brennen by the Dropbox app to extract through the program 7-Zip. Both APK files on Android and iOS IPA files are really just zip files, in all but name. In the app, he found a file called pw.html, from what appeared to be 52 lines of JavaScript.

The script aims to prevent Dropbox users choose weak passwords when creating an account via the mobile app. The script uses a line with 85 100 banned words that should not be chosen as a password. These are words like password, computer and qwerty up of figures as 123456, 696969 and 111111 to combinations as abc123, passw0rd and 1234qwer. Also notable is the large number of obscene words that should not be selected. According Brennen that the online list has put, security professionals can add the word to their own lists and tools.

No comments:

Post a Comment