We’ve all seen the “Little Bobby Tables” comic, which explains the perils of unsanitised input and SQL injection. Now, what if we were to turn the tables on attackers with this exact method? Maybe make your password something with a comma in it, so that all the CSV dumps that are bought and sold break?

Is that all it would take to mess with one or two attackers? Adding a ‘,’ to your password, your username? Maybe find a super weak site you know will be exploited and create a fake account like this?

Who wants to give (or has given) this a try?
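Whether a comma breaks anything depends on how the dump was written and parsed. As an added example (not part of the original post; the records and function names are constructed for illustration), this compares a bare comma-joined export with one written by Python's quoting-aware `csv` module:

```python
import csv
import io

# Constructed sample records (username, email, password); not real data.
RECORDS = [
    ("alice", "alice@example.com", "correct horse"),
    ("bobby", "bobby@example.com", 'pa,ss"word'),
]
FIELDS = 3


def naive_dump(rows):
    """Join fields with bare commas, as a hand-rolled export might."""
    return "\n".join(",".join(row) for row in rows)


def naive_parse(text):
    """Split on every comma, with no awareness of quoting."""
    return [line.split(",") for line in text.splitlines()]


def quoted_dump(rows):
    """Write RFC 4180 style CSV: fields with commas or quotes get quoted."""
    buf = io.StringIO()
    csv.writer(buf, lineterminator="\n").writerows(rows)
    return buf.getvalue()


def quoted_parse(text):
    """Read the CSV back with a quoting-aware parser."""
    return [tuple(row) for row in csv.reader(io.StringIO(text))]


def misaligned(rows, expected=FIELDS):
    """Return the indexes of rows whose field count is wrong."""
    return [i for i, row in enumerate(rows) if len(row) != expected]


if __name__ == "__main__":
    naive = naive_parse(naive_dump(RECORDS))
    print("naive round trip, misaligned rows:", misaligned(naive))
    print("quoted round trip intact:",
          quoted_parse(quoted_dump(RECORDS)) == RECORDS)
```

Only the hand-rolled path misaligns the record; any export and import that both follow standard CSV quoting carry the comma through unchanged.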






  1. D,D|

    The comma is CSV’s kryptonite.

  2. Stuart MacDonald

    This is one of those ideas that is so simple that on learning it you think to yourself “Why didn’t I think of that?”

    I have been doing this for a while, unintentionally as a by-product of having strong passwords. I don’t know how to determine if it’s effective in breaking password dumps. 🙂

