• @EpicFailGuy@lemmy.world
    link
    fedilink
    English
    41 year ago

    More than to protect a real password, this is done (in my experience) to prevent a bunch of unoriginal drones make that THEIR password, because they think is funny, which only means the string gets added to a “passwords to attempt” text list on some hacking website …

    Decreasing security all together

    Case in point: Hunter2, correcthorsebatterystaple, solarwinds123 and Pa$$w0rd1

    • @Furbag@lemmy.world
      link
      fedilink
      51 year ago

      I mean, the philosophy behind correcthorsebatterystaple is good. I used that method for master passwords to password managers and it really does work well to help you remember a long complex password that can’t be guessed easily.

      But some people might have been missing the point of that xkcd using correcthorsebatterystaple itself.

      • @jasory@programming.dev
        link
        fedilink
        71 year ago

        It’s okay. The thing is when running an attack are you going to permutate through every combination of characters, or are you going to use words from a dictionary first? correcthorsebatterystaple (not a dictionary word) is better than antidisestablishmentarianism (a dictionary word) but in a realistic attack concatenating dictionary words is going to be the next step.

        • Terrasque
          link
          fedilink
          2
          edit-2
          1 year ago

          Because of the number of potential words in the dictionary, it’s still fairly secure. I would recommend 5 or 6 words though