
WTF? AT&T’s profane-password ban lets some swears through - Lightning
http://arstechnica.com/security/2013/04/wtf-ats-profane-password-ban-lets-some-swears-through/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+arstechnica%2Findex+%28Ars+Technica+-+All+content%29
======
Millennium
The only passwords it makes any sense to ban are the fifty or so most common,
plus simple number and case permutations of these, and MAYBE the most basic
leet-speak versions as well. That's enough to make a prankster typing at a
keyboard give up, and that's as much as you can hope to stop with this type of
policy. No password ban will stop someone with a cracking app, and no serious
intruder will be without one of those.
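
A sketch of the kind of ban the comment above describes, as an added example that is not part of the original comment: a small common-password list matched after undoing case changes, number or symbol padding, and the most basic leet-speak. The list contents, the substitution table and the function names are assumptions made for illustration.

```python
import re

# Constructed stand-in for "the fifty or so most common" passwords; a real
# list would come from breach-frequency data (assumption, not from the post).
COMMON = {"password", "123456", "qwerty", "letmein", "monkey",
          "dragon", "iloveyou", "admin", "welcome"}

# Only the most basic leet-speak substitutions. "1" is ambiguous (i or l),
# so two tables are tried.
_BASE = {"0": "o", "3": "e", "4": "a", "5": "s", "7": "t",
         "@": "a", "$": "s", "!": "i"}
LEET_TABLES = [str.maketrans({**_BASE, "1": "i"}),
               str.maketrans({**_BASE, "1": "l"})]

# Digits/punctuation padded onto either end, e.g. "qwerty2013" or "monkey!".
PADDING = re.compile(r"^[\W\d_]+|[\W\d_]+$")


def normalized_forms(password):
    """Return the set of simplified spellings to compare against the list."""
    lowered = password.lower()                    # undo case permutations
    forms = {lowered, PADDING.sub("", lowered)}   # undo number/symbol padding
    for form in list(forms):
        for table in LEET_TABLES:                 # undo basic leet-speak
            forms.add(form.translate(table))
    forms.discard("")                             # all-digit input strips to ""
    return forms


def is_banned(password):
    """True if the password is a common one or a simple permutation of it."""
    return not COMMON.isdisjoint(normalized_forms(password))
```

A check like this belongs at password-set time only; it does nothing against offline cracking of stored hashes, which is the limit the comment points out.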

