[WEB SECURITY] New two-stage login procedure
Gervase Markham
gerv at gerv.net
Wed Dec 13 14:14:46 EST 2006
Brian Eaton wrote:
> On 12/13/06, Brian Eaton <eaton.lists at gmail.com> wrote:
>> They ask for three digits, so there
>> are 1000 possibilities.
>
> <blush>
>
> I can't count. They ask for three digits, but order doesn't matter.
> Assuming they won't ask for you to enter the same digit multiple
> times, there are 120 possibilities, not 1000.
Order does matter. That is, they may ask for them in a random order, but
you still have to put the 3rd one in the box marked "3rd", and so on -
you can't put it in the box marked "2nd". So it's 1000 possibilities,
not 120.
Gerv
----------------------------------------------------------------------------
The Web Security Mailing List:
http://www.webappsec.org/lists/websecurity/
The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
More information about the websecurity
mailing list