this post was submitted on 03 Nov 2023
301 points (87.0% liked)

Technology

57453 readers
4581 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
301
Security expert reveals surprising way to make your password stronger: use emojis (nypost.com)
submitted 9 months ago by [email protected] to c/[email protected]
275 comments fedilink hide all child comments
(page 2) 50 comments
sorted by: hot top controversial new old
[–] [email protected] 13 points 9 months ago (15 children)

Just use longer passwords?

load more comments (15 replies)
[–] [email protected] 12 points 9 months ago (18 children)

Last week or two I've been learning more about passkeys, and it makes threads like this seem ridiculously out of date. Given the choice between emojis and passwords and hard crypto, I'll take the crypto.

load more comments (18 replies)
[–] [email protected] 10 points 9 months ago (1 children)

Long time ago a friend of mine used a set of key press to generate a smiley face to put in his bios which ended up in a situation where he was not able to type in the same smiley face into the password prompt. I had to teach him to reset his bios battery to get back into the bios.

load more comments (1 replies)
[–] [email protected] 9 points 9 months ago (8 children)

this feeeels like the stupidest idea ive ever heard.. its not like theres really an emojii standard applied as universally as text, across devices or applications... the transforms that happen... this seems fraught with terribleness

am i missing something?

[–] [email protected] 6 points 9 months ago

Although I agree it is risky, emoji are unicode characters, just like any other unicode character. If, and that's a big if, the programmers do their job right, it shouldn't matter if you use an emoji or a random kanji. It's all just another character. That said, I don't trust programmers enough to run the risk. Your password might work fine on the website but then fail on the mobile app.

Someone else said "good luck on the desktop", but Windows actually has an emoji picker built right in. Win+. will bring it up. Another fun fact, usernames and computer names both support the full unicode set on Windows, including emoji. Some fun can be had with that knowledge. I haven't tried it on Linux or MacOS yet.

load more comments (7 replies)
[–] [email protected] 9 points 9 months ago (1 children)

Grab a sentence you know well.

Pick just the first letter of each word.

It will look like it's random - for example "I like my lemmy only with beans and bacon" becomes "ilmlowbab" - and it comes from a far vaster possibility space (ever possible sentence and it need not even make sense) than that of "words in the English language and derived words" so it's a lot harder to try to crack with a dictionary attack.

Also it works in everything that takes ASCII charactes (i.e. everything but numeric only pin codes).

load more comments (1 replies)
[–] [email protected] 7 points 9 months ago (1 children)

I wonder how often curse words or obscure slang are included in dictionary attacks.

[–] [email protected] 7 points 9 months ago (4 children)

What about non English words, or slang? That would be interesting information to have.

load more comments (4 replies)
load more comments
view more: ‹ prev next ›