• pixelscript
      link
      fedilink
      English
      arrow-up
      8
      ·
      9 个月前

      If all characters are equally likely, it’s a fine password. It’s long and certainly immune to any dictionary attack.

      But if the attacker knows it’s generated with this method, then it is probably a poor one. Bottoms tend to spam only homerow keys, either in all lowecase or all uppercase. The restricted character set vastly reduces the search space.

    • prowe45@lemm.ee
      link
      fedilink
      arrow-up
      4
      ·
      9 个月前

      Not OP, but from what I’ve read, overall length is more important than complexity (special characters and stuff) when it comes to someone trying to crack it. So this one isn’t too bad in that regard. But being able to remember a password is also important unless you’re always going to be able to use a password manager to enter it for you. So in that respect it’s not great.

      • ShortN0te
        link
        fedilink
        arrow-up
        3
        ·
        9 个月前

        That’s my point. Password is 29 characters strong so even without special characters or numbers a good password. And yes length makes a bigger difference then different characters used.

        • CucumberFetish@lemm.ee
          link
          fedilink
          arrow-up
          1
          ·
          9 个月前

          Different character enforcement helps reduce the risk of simple dictionary attacks. Even the most common letter replacements multiply the complexity. But nothing beats a long randomized password with 2fa.