37
Dear mandlea,
in a windows or unix system you have to be system administrator, to see a list of all login names.
A Hacker must in fact use brute force or social hacking to get a username and then has to do the same with the password.
In a XOOPS environment, a hacker registers himself as a new user and then takes a look at the users list. With the username=loginname he has access to all loginnames and needs only to hack through the passwords.
So your comparison between unix and XOOPS is not quite as simple as you state it here.
What kind of users do you address on your homepage, that you believe they choose passwords as komplex and secure as you have written in your example? Normal users (not internet security specialists
) tend to use name_of_my_1st_child_and_part_of_my_wifes_birthdate or similar.
I agree with you, that this feature is an additional source for confusion and therefor support issues, but i cannot follow your argumentation. This gets a bit to academic and way to aggressive for my taste.
Also I think, with your teaching wording it is fairly improbable that anyone who is in a positon to do this change has a strong motivation to do so for you.
So i suggest you calm down a bit and let people think about the pros and cons.
Marco
--
Match Dart!Darts Ranking, News, Videos, Forum and more