Quote:
Originally posted by William-Xfactor
If your billing company allows random passwords to be assigned to your customers, do it!
And use a good length, I recommend 15 char. That will stop passwords from being brute-forced. Also by having a good length ?say 15 char? even if they exploit your server or a script to locate your password file they will be flat out trying to decrypt it.
|
I wouldn't do that. That's a pain in the ass for the customers. The simplest solution is a form login page like this one:
http://www.polishmyhelmet.com/members/