this post was submitted on 25 Aug 2024

555 points (98.4% liked)

Cybersecurity - Memes

1905 readers

2 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago

MODERATORS

Sam1232188@lemmy.world

neurohost@lemmy.world

Alphadef@programming.dev

CannaVet@lemmy.world

555

Obscure password requirements (feddit.org)

submitted 3 weeks ago by cron@feddit.org to c/cybersecuritymemes@lemmy.world

108 comments fedilink hide all child comments

What is your favourite password rule?

you are viewing a single comment's thread
view the rest of the comments

[–] nicknonya@lemmy.blahaj.zone 9 points 3 weeks ago (2 children)

at what point do password requirements start making password easier to crack?

[–] Clent@lemmy.world 16 points 3 weeks ago

They already do. If I know a number is required, I don't have to try any passwords that don't have a number.

[–] frezik@midwest.social 3 points 3 weeks ago* (last edited 3 weeks ago)

They invariably do. They always constrain the list of things that a fully random generator could possibly make. They never add to that list.

Even rules like "can't use the same character twice in a row" constrain the list at least a little. That one makes it harder for dumb people to do dumb things, but also makes it harder for smart people to do smart things.