You are viewing a single comment's thread from:

RE: A brief rant on password security [Edit: Not so brief after all]

in #security8 years ago

The trouble with Dashlane is that they are implementing a policy which (1) makes passwords harder to remember, which is insecure, and (2) are promoting a password security anti-pattern, namely, that adding more character types for the sake of adding more character types makes your password more secure. It doesn't; both in theory and in practice, it makes the password strictly less secure.

It's theoretically less secure because by bounding out possible passwords, you guarantee to attackers that they don't have to try guessing several entire classes of password.

It's practically less secure because it funnels the vast majority of people into just a few different common password formats which check all the boxes, and are easy to remember, but also happen to be easy to guess.

Coin Marketplace

STEEM 0.25
TRX 0.25
JST 0.040
BTC 93708.85
ETH 3368.00
USDT 1.00
SBD 3.50