Cybersecurity - Memes

1964 readers

2 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago

MODERATORS

[email protected]

565

Obscure password requirements (feddit.org)

submitted 2 months ago by [email protected] to c/[email protected]

107 comments fedilink hide all child comments

What is your favourite password rule?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 46 points 2 months ago (6 children)

I just had to make a password for a hotel.

8 to 20 characters Uppercase Lowercase Digits OR special characters.

The capitalized OR is important. You can have either numbers in the password, or special characters, BUT NOT BOTH.

Took me 8 tries.

First one was too long.
Second and third used both numbers and characters, but I thought the characters were TOO special.
4 through 6 used both numbers and special characters.
Seventh password used just letters and numbers, and it was accepted.
Eighth try I used just letters and keyboard characters, and that was accepted too.

[–] [email protected] 22 points 2 months ago (5 children)

The best part to me is that they include all of these rules to increase the security, but then set a maximum length of the password, which from my understanding is the easiest way to add complexity/security to a password.

[–] [email protected] 19 points 2 months ago (2 children)

The actual funny (or sad) thing about this: even without a length limit all they do is make the password less secure because every constraint just reduces the possible password space.

As someone who generates every password with a password manager those sites are a pain in the ass because you have to somehow get these constraints into the generator.

[–] [email protected] 4 points 2 months ago

Keepass deals with this fairly well. It remembers the restrictions from the previous password.

load more comments (1 replies)

load more comments (3 replies)