savannah-users
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-users] password must contain multiple character classes...


From: Bob Proulx
Subject: Re: [Savannah-users] password must contain multiple character classes...
Date: Fri, 5 Apr 2013 00:46:17 -0600
User-agent: Mutt/1.5.21 (2010-09-15)

Kaz Kylheku wrote:
> Miles Bader wrote:
> > address@hidden (Karl Berry) writes:
> >> How is your password "much" better?  Using non-alphanumeric
> >> characters?  I thought they were allowed even though the message
> >> doesn't mention them.

The whole concept of a favorite password bothered me.  Because it
means that passwords are being reused.  Reusing passwords is bad.

> > I think there's a pretty general consensus by now that this sort of
> > requirement ("must contain a digit and a punctuation symbol" or
> > whatever) does more harm than good.  Most certainly it's annoying...
> 
> It's completely retarded. It only induces people to choose weak
> passwords.
> Must contain a capital? Okay, capitalize the dictionary word.
> Must contain a digit? Okay, stick a one on it, or replace an o with 0.
> 
> There should be a choice: numbers and glyphs, or make it longer.
> I'd rather type a password phrase with multiple words and spaces.

I just use completely random passwords these days.  No "favorite"
passwords for me.  I have far too many accounts to remember each one.
Therefore I do write them down and simply cut and paste them.

  Why passwords have never been weaker—and crackers have never been stronger
  http://arstechnica.com/security/2012/08/passwords-under-assault/

  From the article:
  "The average Web user maintains 25 separate accounts but uses just
  6.5 passwords to protect them..."

And of course XKCD also addresses this too:

  Password Reuse
  http://xkcd.com/792/

Bob



reply via email to

[Prev in Thread] Current Thread [Next in Thread]