this post was submitted on 14 Jul 2023
1177 points (92.1% liked)

Technology

59569 readers
3949 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
L4s@lemmy.world
L3s@fry.gs
L4s@fry.gs
enu@lemmy.world
1177
Passwords (lemmy.world)
submitted 1 year ago by 8tpercent@lemmy.world to c/technology@lemmy.world
246 comments fedilink hide all child comments
 

We've all been there.

you are viewing a single comment's thread
view the rest of the comments
[–] graphite@lemmy.world 17 points 1 year ago (2 children)

Password can't exceed 32 characters

Garbage

[–] Smokeless7048@lemmy.world 6 points 1 year ago (2 children)

i wouldn't even mind if it was 32. 32 is a damn strong password.

I've seen as low as 10 digits in the past

[–] iopq@lemmy.world 8 points 1 year ago (1 children)

My Wells Fargo password used to be max 8 characters, and when you use the phone you you can basically use the keypad to log in.

So it's basically 8 DIGITS

[–] Smokeless7048@lemmy.world 1 points 1 year ago

Wow, super secure!

[–] graphite@lemmy.world 1 points 1 year ago* (last edited 1 year ago) (1 children)

32 is a damn strong password

Not necessarily: only if it's generated properly, and only for the moment - that will change in the next few years.

You do realize that length and symbol type are only 2 out of many other factors that go into a strong password?

[–] Smokeless7048@lemmy.world 2 points 1 year ago (1 children)

Ok, fair, not all 32 digit passwords will be secure.

11111111111111111111111111111111 is not secure, but I was trying to imply, in a properly generated password, 32 digits long is very secure.

[–] graphite@lemmy.world 1 points 1 year ago* (last edited 1 year ago)

but I was trying to imply, in a properly generated password, 32 digits long is very secure.

I understand, and I think you make a valid point as far as the discussion is concerned.

It's unfortunately still a little more complicated than that, though.

Like I said, there's more to a password than length and symbol type.

Even something like cF*+@aXbIdFHje2vZiU-1 is less secure than if it were generated by a good PRNG.

D0@ndro!dsDr@3@m0f3l3ctr!cSh33p? is also insecure, though it might have been considered secure 4-5 years ago.

You see what I'm saying?

Then of course there's hash algorithms and how those are used to authenticate the passwords themselves, etc.

[–] Revan343@lemmy.ca 2 points 1 year ago

You think that's bad, a decade ago I had to use a government-run website that required passwords be exactly 8 characters