Comment on Why Is Computer Security Advice So Confusing?

<- View Parent
GoofSchmoofer@lemmy.world ⁨1⁩ ⁨year⁩ ago

One problem is that a great deal of correct security advice contradicts “common knowledge” security practices. Password character classes – “must include capitals, lowercase, numbers, and symbols” – are a standard example. That idea got rooted in security requirements for banks and such, and it was a bad idea even then.

I don’t know a lot about computer security - but must include capitals, lowercase, numbers, etc seems like a good idea, why is it not?

source
Sort:hotnewtop