Amicitas@lemmy.world to Technology@lemmy.worldEnglish · 2 months agoNIST proposes barring some of the most nonsensical password rulesarstechnica.comexternal-linkmessage-square171fedilinkarrow-up1320arrow-down14file-text
arrow-up1316arrow-down1external-linkNIST proposes barring some of the most nonsensical password rulesarstechnica.comAmicitas@lemmy.world to Technology@lemmy.worldEnglish · 2 months agomessage-square171fedilinkfile-text
minus-squareescapesamsara@lemmings.worldlinkfedilinkEnglisharrow-up3arrow-down1·2 months agoThen you’re vulnerable to simple brute force attacks, which if paired with a dumped hash table, can severely cut the time it takes to solve the hash and reveal all passwords.
minus-squarecmnybo@discuss.tchncs.delinkfedilinkEnglisharrow-up4·2 months agoBy any length I meant no maximum length. Obviously you don’t want to use a super short password.
minus-squareMelodiousFunk@slrpnk.netlinkfedilinkEnglisharrow-up4·2 months ago“What’s your password?” “The letter A.”
minus-squarecatloaf@lemm.eelinkfedilinkEnglisharrow-up2·2 months agoMine is the null string. They’ll never guess it!
Then you’re vulnerable to simple brute force attacks, which if paired with a dumped hash table, can severely cut the time it takes to solve the hash and reveal all passwords.
By any length I meant no maximum length. Obviously you don’t want to use a super short password.
“What’s your password?”
“The letter A.”
Mine is the null string. They’ll never guess it!