I know i know, its an old story.

but.

FUCK YOU AND YOUR STUPID PASSWORD REQUIREMENTS

NO SPECIAL CHARACTERS WONT MAKE IT SAFER

FFS. JUST SAY IT HAS TO BE 20 CHARACTERS AND BE DONE WITH IT

I get shook when they tell me no special chars and limit it to like 12 characters

@Stuxnet Uplay, Origin and Battle.net Password are capped to 16 characters...which means my std level 2 password (semi important game accounts i would like to not lose) doesnt fit. Worse, the blizzard launcher actually trims you down on account creation/pw change but overwrites the last letter when login in the app.

Hmm, so special character's lives don't matter?
You characterist!!

To be serious having special character is better than all small or integers.

Why wont special characters make it safer?

Otherwise you would have (2*26 + 10) to the power of the number of characters possilities (A-Za-z0-9)

When you introduce special characters its waaaaaaaaay more.

@jareish the amount of entrophy won by a few more possible characters compared to the risen risk of me getting an hearth attack when trying to remember the password is not worth it it.

Simply spoken, if i have a simple to memorize password that is very long compared to one that is needlesly complex but shorter, length trumps complexity.

See xkcd 936, the math behind is, as far as i can see it, sound.

What is more annoying for me is when I get error message "Sorry, you used this password in the past" when I use "forgot password" feature. At this point I don't use password for Amazon anymore and just get one-time code emailed each time I want to log in.

@jareish that's only true if you allow special characters but don't force them. You limit the possibilities because you know for sure there has to be a special character.

@BurnoutDV two words for you: password manager

Special characters objectively increase the strength, that’s beyond debate. Use a password manager instead trying to remember anything.

That reminds me of this little comic.

@TFujiwara its exactly what i am refeering to

@maushax people in the company and external companies are always baffled when i tell them that i know no passwords beyond my own, i cannot see the passwords of other people. Just reset it. Seems to be a rather new concept in germoney

What I wonder about the comic. Wouldnt a hacker use words in the english dictionary first?

What I usually do for passwords:

Name of service + 1 random word of a pool of 20 (not in dictionary, game characers anime or something) written in leet speak + my age when I started using passwords + exclamation mark

So for me there isnt much randomization but for a hacker it would still be random unless he knows the formula... ow f I just told my darkest secret

@jareish that is the point. Even if you have perfect knowledge of the dictionary and that dictionary only contains only 2048 words, the complexity is already higher than Tr0b4&0r! has, with only 4 words. It gets even more silly when you have learned other languages and uses words from them. My passwords usually contain 4 or 5 word from that many languages (i only speak two though)

https://explainxkcd.com/wiki/...