There is no such thing as a secure password and passwords aren't the end all of security. Even if the perfect program/script were to be written which was unbreakable, the password would still have it's greatest weakness in the user, who could tell someone the password, use it on a different non-secure site, or etc...

I agree with you. Nevertheless, applying security is like building walls around your systems, and doors on the walls; and none of the doors should be too easy to open.

A password is such a door. And every door should be secured as much as possible, compatibly with the environment around the system itself. Obviously, it doesn't make sense to have an uncatchable password when you leave yourself logged in on a publicly accessible terminal :-)

Ciao!
--bronto

The very nature of Perl to be like natural language--inconsistant and full of dwim and special cases--makes it impossible to know it all without simply memorizing the documentation (which is not complete or totally correct anyway).
--John M. Dlugosz