this post was submitted on 25 Aug 2024
565 points (98.6% liked)

Cybersecurity - Memes

1995 readers
1 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago
MODERATORS
 

What is your favourite password rule?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 46 points 3 months ago (6 children)

I just had to make a password for a hotel.

8 to 20 characters Uppercase Lowercase Digits OR special characters.

The capitalized OR is important. You can have either numbers in the password, or special characters, BUT NOT BOTH.

Took me 8 tries.

  • First one was too long.
  • Second and third used both numbers and characters, but I thought the characters were TOO special.
  • 4 through 6 used both numbers and special characters.
  • Seventh password used just letters and numbers, and it was accepted.
  • Eighth try I used just letters and keyboard characters, and that was accepted too.
[–] [email protected] 22 points 3 months ago (5 children)

The best part to me is that they include all of these rules to increase the security, but then set a maximum length of the password, which from my understanding is the easiest way to add complexity/security to a password.

[–] [email protected] 19 points 3 months ago (2 children)

The actual funny (or sad) thing about this: even without a length limit all they do is make the password less secure because every constraint just reduces the possible password space.

As someone who generates every password with a password manager those sites are a pain in the ass because you have to somehow get these constraints into the generator.

[–] fadedmaster 4 points 3 months ago

Keepass deals with this fairly well. It remembers the restrictions from the previous password.

load more comments (1 replies)
load more comments (3 replies)
load more comments (3 replies)