this post was submitted on 14 Jul 2023
1176 points (92.2% liked)
Technology
59651 readers
4737 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Garbage
i wouldn't even mind if it was 32. 32 is a damn strong password.
I've seen as low as 10 digits in the past
My Wells Fargo password used to be max 8 characters, and when you use the phone you you can basically use the keypad to log in.
So it's basically 8 DIGITS
Wow, super secure!
Not necessarily: only if it's generated properly, and only for the moment - that will change in the next few years.
You do realize that length and symbol type are only 2 out of many other factors that go into a strong password?
Ok, fair, not all 32 digit passwords will be secure.
11111111111111111111111111111111 is not secure, but I was trying to imply, in a properly generated password, 32 digits long is very secure.
I understand, and I think you make a valid point as far as the discussion is concerned.
It's unfortunately still a little more complicated than that, though.
Like I said, there's more to a password than length and symbol type.
Even something like cF*+@aXbIdFHje2vZiU-1 is less secure than if it were generated by a good PRNG.
D0@ndro!dsDr@3@m0f3l3ctr!cSh33p? is also insecure, though it might have been considered secure 4-5 years ago.
You see what I'm saying?
Then of course there's hash algorithms and how those are used to authenticate the passwords themselves, etc.
You think that's bad, a decade ago I had to use a government-run website that required passwords be exactly 8 characters