I just see *******************
Comment on YSK The World’s Most Common Passwords
psx_crab@lemmy.zip 3 weeks ago
So i guess p@s5w0RD123pA55wOrD would be super strong.
JackbyDev@programming.dev 3 weeks ago
psx_crab@lemmy.zip 3 weeks ago
Need your credit card number and the 3 digit number at the back of the card to see what i typed.
itslilith@lemmy.blahaj.zone 3 weeks ago
That’s okay at best. Better if a passphrase, just random, impersonal words, something like this (~50 bits of entropy):
“virtual raging vineyard clad runner”
Best is a long, completely random string, stored in the password manager that you should be using anyways ~150 bits of entropy):
“hX0hZ1QTWtQo(h[Ta9jH]TmsVIhUTgSE”
psx_crab@lemmy.zip 3 weeks ago
I did use a password manager, but issue is i still need password for the password manager so it can’t be random lol.
undefined@lemmy.hogru.ch 3 weeks ago
From my experience brute forcing passwords, no. It’s smart enough to try character substitutions and it annoys me so much that the FBI recommends this practice.
psx_crab@lemmy.zip 3 weeks ago
Wait it’s not? I remember some people in the industry recommend this sort of password albeit with variation of other random words as it’s pretty strong and would take a very long time to crack.
locuester@lemmy.zip 3 weeks ago
Indeed, just four impersonal words is a great password. Mix up the capitalization and it’s even better.
undefined@lemmy.hogru.ch 3 weeks ago
If it’s a bunch of words found in any dictionary then with or without character substitution it’ll be easy to crack.
itslilith@lemmy.blahaj.zone 3 weeks ago
It’s not. A dictionary has on the order of ≈100,000 (10^5) words in it. Picking five words entirely at random gives you 10^25 combinations, which is about the complexity of 14 alphanumeric characters. So pretty secure.
Image