this post was submitted on 14 Feb 2024
76 points (88.0% liked)

Memes

45549 readers
2032 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 8 months ago (2 children)
[–] [email protected] 8 points 8 months ago (2 children)

If all characters are equally likely, it's a fine password. It's long and certainly immune to any dictionary attack.

But if the attacker knows it's generated with this method, then it is probably a poor one. Bottoms tend to spam only homerow keys, either in all lowecase or all uppercase. The restricted character set vastly reduces the search space.

[–] [email protected] 1 points 8 months ago

stop ruining the fun, you fun ruiner

[–] [email protected] 1 points 8 months ago

Yeah, because it's 90% home-row spam.

[–] [email protected] 4 points 8 months ago (1 children)

Not OP, but from what I've read, overall length is more important than complexity (special characters and stuff) when it comes to someone trying to crack it. So this one isn't too bad in that regard. But being able to remember a password is also important unless you're always going to be able to use a password manager to enter it for you. So in that respect it's not great.

[–] [email protected] 3 points 8 months ago (1 children)

That's my point. Password is 29 characters strong so even without special characters or numbers a good password. And yes length makes a bigger difference then different characters used.

[–] [email protected] 1 points 8 months ago

Different character enforcement helps reduce the risk of simple dictionary attacks. Even the most common letter replacements multiply the complexity. But nothing beats a long randomized password with 2fa.