this post was submitted on 25 Aug 2024

556 points (98.4% liked)

Cybersecurity - Memes

1975 readers

1 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago

MODERATORS

Sam1232188@lemmy.world

neurohost@lemmy.world

Alphadef@programming.dev

CannaVet@lemmy.world

556

Obscure password requirements (feddit.org)

submitted 2 months ago by cron to c/cybersecuritymemes@lemmy.world

107 comments fedilink hide all child comments

What is your favourite password rule?

you are viewing a single comment's thread
view the rest of the comments

[–] nicknonya@lemmy.blahaj.zone 8 points 2 months ago (2 children)

at what point do password requirements start making password easier to crack?

[–] Clent@lemmy.world 16 points 2 months ago

They already do. If I know a number is required, I don't have to try any passwords that don't have a number.

[–] frezik@midwest.social 3 points 2 months ago* (last edited 2 months ago)

They invariably do. They always constrain the list of things that a fully random generator could possibly make. They never add to that list.

Even rules like "can't use the same character twice in a row" constrain the list at least a little. That one makes it harder for dumb people to do dumb things, but also makes it harder for smart people to do smart things.