We’ve all been there.

    • Revan343@lemmy.ca
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      You think that’s bad, a decade ago I had to use a government-run website that required passwords be exactly 8 characters

    • Corhen@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      i wouldn’t even mind if it was 32. 32 is a damn strong password.

      I’ve seen as low as 10 digits in the past

      • iopq@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        My Wells Fargo password used to be max 8 characters, and when you use the phone you you can basically use the keypad to log in.

        So it’s basically 8 DIGITS

      • graphite@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        arrow-down
        1
        ·
        edit-2
        1 year ago

        32 is a damn strong password

        Not necessarily: only if it’s generated properly, and only for the moment - that will change in the next few years.

        You do realize that length and symbol type are only 2 out of many other factors that go into a strong password?

        • Corhen@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Ok, fair, not all 32 digit passwords will be secure.

          11111111111111111111111111111111 is not secure, but I was trying to imply, in a properly generated password, 32 digits long is very secure.

          • graphite@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            1
            ·
            edit-2
            1 year ago

            but I was trying to imply, in a properly generated password, 32 digits long is very secure.

            I understand, and I think you make a valid point as far as the discussion is concerned.

            It’s unfortunately still a little more complicated than that, though.

            Like I said, there’s more to a password than length and symbol type.

            Even something like cF*+@aXbIdFHje2vZiU-1 is less secure than if it were generated by a good PRNG.

            D0@ndro!dsDr@3@m0f3l3ctr!cSh33p? is also insecure, though it might have been considered secure 4-5 years ago.

            You see what I’m saying?

            Then of course there’s hash algorithms and how those are used to authenticate the passwords themselves, etc.