[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Savannah-users] password must contain multiple character classes...
|
From: |
Kaz Kylheku |
|
Subject: |
Re: [Savannah-users] password must contain multiple character classes... |
|
Date: |
Thu, 04 Apr 2013 22:19:51 -0700 |
|
User-agent: |
Roundcube Webmail/0.4 |
On Fri, 05 Apr 2013 11:46:32 +0900, Miles Bader <address@hidden> wrote:
> address@hidden (Karl Berry) writes:
>> How is your password "much" better? Using non-alphanumeric
>> characters? I thought they were allowed even though the message
>> doesn't mention them.
>
> I think there's a pretty general consensus by now that this sort of
> requirement ("must contain a digit and a punctuation symbol" or
> whatever) does more harm than good. Most certainly it's annoying...
It's completely retarded. It only induces people to choose weak
passwords.
Must contain a capital? Okay, capitalize the dictionary word.
Must contain a digit? Okay, stick a one on it, or replace an o with 0.
There should be a choice: numbers and glyphs, or make it longer.
I'd rather type a password phrase with multiple words and spaces.