267

Always include special characters

Comments
  • 2
  • 2
    Amazing one, can't stop laughing hahaha! ๐Ÿ˜‚
  • 3
    Forcing to include at least one special char makes it weaker against brute forcing. Now you do know that at least one character is not a-Z, nor 0-9, which already reduces possible combinations.
    It kinda works against stupid simple passwords tho. However I bet that 95% of these passwords just get a 'special char' appended. And with special char I mean !
  • 1
    @Kimmax It doesn't make it weaker, if you append a special char, only, if you replace another character by it. ;)

    Adding characters to a password always makes it stronger (appending [.-_!,?] (these are probably the effectively used special characters by most users, not all actually available chars) just doesn't increase its strength as much as appending [\w]).
  • 1
    @theCalcaholic let's say you force againstโ€‹ 6-12 chars, it does make it weaker, because you can rule down the possible characters of at least one position. This gets worse if you say "At least one special, one upper case and a number" now you know that one field won't have anything else than 0-9, one won't have anything else than a uppercase letter A-Z (excluding possible non ASCII characters, like Ä, for simplicity)
    It's all about getting the possible combinations up to harden against brute force. So in that sense, a 6-12 character password with no enforced public requirements is stronger than one with restrictions
    Rainbow Tables and other precomputed hash tables are another story tho
  • 0
    I'm going to start using complementary phrases as passwords. Not only will I create a positive atmosphere for myself, but if I am compromised, perhaps the hacker will take the complement instead of my identity.
  • 1
    @theCalcaholic ah yes, missed the appending part
  • 0
    @Kimmax Okay, that's correct. I don't see the reason for character limitations for passwords anyways (except DDOS protection, but I don't need a fucking 8 character limit - I'd say anything bigger than 30 is reasonable).
  • 1
    @ThatDude one website I registered at allowed to include '!' in passwords so I used one. Guess what? I couldn't sign in a week later. Know why? They forbid using '!' in passwords...
  • 2
    My passwords contain 27 up to 32 characters. If I want to sign up for a website and get an error that I'm not allowed to use this much chars I always quit. I can't think of passwords this short. I'm too creative for this world I guess ๐Ÿ˜ข
  • 0
    correct horse battery staple
  • 0
    I don't think that throwing a monitor off a window will help
  • 1
    I love this comic series in general.
  • 1
    'You're the one who is weak! And you'll never know love or friendship!'
  • 1
    That hit hard ๐Ÿ˜‚ @catintroholic
  • 0
    Never use special characters because you're vulnerable to all the crackers that assume you used them.
  • 0
    @mzeffect Ts... Just randomly generate everything in the pattern '.{12,30}'. :P
  • 0
    What are the potential implications of enforcing the inclusion of at least one special character in passwords, particularly in terms of its impact on password strength against brute force attacks?
Add Comment