The biggest security hole on your website is your login form.Â If you allow weak passwords, then it does not require special hacker tricks to break in to your website - a simple password guessing program will do the job just as well.
The following password types are weak and can often be guessed by simple password-guessing programs:
ExSite tries to detect these cases, and depending on your security settings, may not allow such weak passwords.Â If your password is rejected as too weak, you can make it much stronger with some minor changes, such as:
|password1||one of the most common passwords in general use - but still quite weak|
|maryjane||weak - uses common names|
|Mary-Jane||stronger - due to mixed case and punctuation|
|2 b or not 2 b||strong|
|K&x9#uv)+-?||extremely strong, but a nuisance to remember and type :-(|
ExSite's password strength requirements can be adjusted if you want to relax them and allow for weaker passwords.Â However, you should be aware that weaker passwords means a weaker website.Â You should always consider your obligations and liability with respect to protecting your clients' personal information, before bowing to users' demands to allow them to use weak passwords.