this post was submitted on 14 Jul 2023
1176 points (92.2% liked)

Technology

59651 readers
4737 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

We've all been there.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 18 points 1 year ago (2 children)

Password can't exceed 32 characters

Garbage

[–] [email protected] 6 points 1 year ago (2 children)

i wouldn't even mind if it was 32. 32 is a damn strong password.

I've seen as low as 10 digits in the past

[–] [email protected] 8 points 1 year ago (1 children)

My Wells Fargo password used to be max 8 characters, and when you use the phone you you can basically use the keypad to log in.

So it's basically 8 DIGITS

[–] [email protected] 1 points 1 year ago

Wow, super secure!

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

32 is a damn strong password

Not necessarily: only if it's generated properly, and only for the moment - that will change in the next few years.

You do realize that length and symbol type are only 2 out of many other factors that go into a strong password?

[–] [email protected] 2 points 1 year ago (1 children)

Ok, fair, not all 32 digit passwords will be secure.

11111111111111111111111111111111 is not secure, but I was trying to imply, in a properly generated password, 32 digits long is very secure.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago)

but I was trying to imply, in a properly generated password, 32 digits long is very secure.

I understand, and I think you make a valid point as far as the discussion is concerned.

It's unfortunately still a little more complicated than that, though.

Like I said, there's more to a password than length and symbol type.

Even something like cF*+@aXbIdFHje2vZiU-1 is less secure than if it were generated by a good PRNG.

D0@ndro!dsDr@3@m0f3l3ctr!cSh33p? is also insecure, though it might have been considered secure 4-5 years ago.

You see what I'm saying?

Then of course there's hash algorithms and how those are used to authenticate the passwords themselves, etc.

[–] [email protected] 2 points 1 year ago

You think that's bad, a decade ago I had to use a government-run website that required passwords be exactly 8 characters