|
|
|
|
|
|
by MiguelHudnandez
5058 days ago
|
|
|
It is equally obnoxious to generate a random string of garbage and: * insist it's the username, * insist it is in the password somewhere, or * make them type the string in a third logon field It adds friction to the process in order to solve a problem that is not "ours" to solve. An option with less friction would be to ask them to choose a picture from 16 candidates. The 16 candidate photos would need to be generated from the username to avoid the ability to refresh the page and find the persistent image. Each image could have the random characters associated with it to be used as an addendum to the salt, or for whatever purposes on the back end which the random characters are supposed to accomplish. |
|
|