DEV Community

Gabor Szabo
Gabor Szabo

Posted on • Originally published at perlweekly.com

Perl Weekly #687 - On secrets

#perl #news #programming

Originally published at Perl Weekly 687

Hi there!

Last week the Weekly Challenge was about strong passwords. This made me wonder what is a strong password? On some web sites the length of you password is limited. (e.g. max 8 characters) which seems to me an indication that the developers have no clue about password security. Actually worse than that. It makes me worry that the site keeps the password as clear text in the database and the field size was set to that number. (e.g. 8 characters). Some places don't allow you to include spaces which make me wonder if they are constructing their database INSERT statement using string concatenation opening themselves to SQL injection attacks.

On many web sites you are required to use both upper and lowercase letters, digits and symbols. The symbols being a subset of the characters having the decimal ASCII code 32-47, 58-64, 91-96, 126. That is up to 30 different characters. The letters are 2*26 characters and the digits are the 10 different digits. The number of possibilities using letters and digits only is (26*2 + 10)^n and if we include all the symbols as well then it is (26*2 + 10 + 30)^n for a password of n characters. If I am not mistaken with this and with the calculations, this means that a 7-character password using [a-zA-Z0-9] has more variety than a 6-character password that also includes symbols. In other words having a longer password makes your password much stronger than including symbols as well. As far as I understand having 15-charcter password using only letters and spaces would make my password much stronger than having an 8-character password using all 92 characters.

So I tend to use sentences that make sense to me or quotes from poems or from song lyrics as passwords. That makes it much easier to remember them and - if I am not mistaken - harder to find by an attacker.

What do you think?

In other news Adam Russell, Brett Estrade, and Christos Argyropoulos are trying to get the word out about the Perl Community Conference / Science Perl Journal Winter 2024 CALL FOR PAPERS NOW OPEN! (Deadline 9/30).

Enjoy your week!

--
Your editor: Gabor Szabo.

Announcements

CFP: Perl Community Conference, Winter 2024 🎂 - closes 9/30

Reading that announcement it is unclear to me. Is it a journal or is it a virtual conference? Are people expected to submit the paper to present it or are those two things separate? I suggest you ask the organizers!

Articles

Ways in which the Camel Book permanently altered my idiolect

... or 5 quotes from the book

Dancing with Copilot Workspace

It seem Dave is quie happy with the various features of Copilot. It might be time that I also give it a try. At least for open source projects.

Crypt::OpenSSL::PKCS12 1.92 released to CPAN

Taking VelociPerl for a ride

Personally I don't think I like closed-source 'improvements' to Open Source projects. It feels like ripping off the volunteer work of the community who built that Open Source software. On the other hand maybe this is the only way to getting rid of certain old construct in Perl that limit the improvements in the language. There is also a discussion on Reddit about this.

The Weekly Challenge

The Weekly Challenge by Mohammad Sajid Anwar will help you step out of your comfort-zone. You can even win prize money of $50 by participating in the weekly challenge. We pick one champion at the end of the month from among all of the contributors during the month, thanks to the sponsor Lance Wicks.

The Weekly Challenge - 288

Welcome to a new week with a couple of fun tasks "Closest Palindrome" and "Contiguous Block". If you are new to the weekly challenge then why not join us and have fun every week. For more information, please read the FAQ.

RECAP - The Weekly Challenge - 287

Enjoy a quick recap of last week's contributions by Team PWC dealing with the "Strong Password" and "Valid Number" tasks in Perl and Raku. You will find plenty of solutions to keep you busy.

Challenge 287

Interesting story behind getting the optimal solution. I find it very engaging. Thanks for sharing kmowledge.

Strong and Valid

Regex in Raku is showing the true power. Handling the edge case is the bonus. Great work, keep it up.

Strength in Numbers

Mix of readymade solution or pure regex approach. Plenty to keep us entertained. Well done.

Strong Password

Great to see blog post after a long time. You can clearly see the reason why it is needed. You really don't want to skip it.

Common Passwords

Using CPAN can produce elegant one-liner as shared in the post. Breaking down task is also very handy. Thanks for the contributions.

Perl Weekly Challenge 287: Strong Password

Breaking down the task to deal complex task is very handy. And on top we get the detailed discussion. Great work, keep it up.

Perl Weekly Challenge 287: Valid Number

Great introduction to advanced regex of Raku. Complex subject explained so easily, well done.

in regexp we trust!

Welcome back to blogging. Use of pure regex solution is so easy to follow. Thanks for sharing knowledge with us.

Perl Weekly Challenge 287

The highlight of this week solution is the use of regex in Perl one-liner is very unique. Great work.

About Passwords, Birds, and Common Regexes

Thorough discussion of solution shared in the blog post. I find it very engaging. Highly recommended.

Strong but Valid

Handling of unicode is not the easy route but here we have a solution where it is dealt with so ease. Brilliant work.

Strong and valid

Dealing the task in multiple stages is the coolest approach and easy to follow. DIY tool on top is bonus, you would definitely love to play.

PWC 287

Detailed discussion is very handy and explained in simple language. I find it very fun to read. Great work.

The Weekly Challenge - 287

I love self documented solution as shared in the blog post. It helps in breaking down the regex approach. Keep sharing the knowledge.

The Weekly Challenge #287

Getting pure regex solution can be sometime very difficult but here we have one. The compact discussion is worth checking.

Strong and Valid

Raku and Kotlin are the choosen language for the blog post. Specially the Kotlin's solution is fun to read. Highly recommended.

Good things

Python is always the pick of the language for the blog post. Here we got the great example of how to use regex in Python. Thanks for sharing kmowledge.

Weekly collections

NICEPERL's lists

Great CPAN modules released last week;

Events

Toronto Perl Mongers monthly meeting

September 26, 2024, Virtual event

Boston.pm monthly meeting

October 8, 2024, Virtual event

Purdue Perl Mongers

October 09, 2024, Virtual event

London Perl and Raku Workshop

October 26, 2024, in London, UK

You joined the Perl Weekly to get weekly e-mails about the Perl programming language and related topics.

Want to see more? See the archives of all the issues.

Not yet subscribed to the newsletter? Join us free of charge!

(C) Copyright Gabor Szabo
The articles are copyright the respective authors.

Top comments (0)

Read next

keploy profile image

YAML to JSON Conversion: A Comprehensive Guide

keploy -

brunofpinheiro profile image

Simplifying Angular components with Facade

Bruno Pinheiro -

labby profile image

LabEx Trending: Installing and Configuring a Mail Server and More

Labby -

khushbo_zahid_749 profile image

My Internship Experience with Code Alpha: Building Projects and Gaining Practical Skills

Khushbo Zahid -