1529
you are viewing a single comment's thread
view the rest of the comments
[-] EpicFailGuy@lemmy.world 4 points 1 year ago

More than to protect a real password, this is done (in my experience) to prevent a bunch of unoriginal drones make that THEIR password, because they think is funny, which only means the string gets added to a "passwords to attempt" text list on some hacking website ....

Decreasing security all together

Case in point: Hunter2, correcthorsebatterystaple, solarwinds123 and Pa$$w0rd1

[-] Furbag@lemmy.world 5 points 1 year ago

I mean, the philosophy behind correcthorsebatterystaple is good. I used that method for master passwords to password managers and it really does work well to help you remember a long complex password that can't be guessed easily.

But some people might have been missing the point of that xkcd using correcthorsebatterystaple itself.

[-] jasory@programming.dev 7 points 1 year ago

It's okay. The thing is when running an attack are you going to permutate through every combination of characters, or are you going to use words from a dictionary first? correcthorsebatterystaple (not a dictionary word) is better than antidisestablishmentarianism (a dictionary word) but in a realistic attack concatenating dictionary words is going to be the next step.

[-] theterrasque@infosec.pub 2 points 1 year ago* (last edited 1 year ago)

Because of the number of potential words in the dictionary, it's still fairly secure. I would recommend 5 or 6 words though

this post was submitted on 20 Oct 2023
1529 points (99.0% liked)

Programmer Humor

32361 readers
303 users here now

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

founded 5 years ago
MODERATORS