Comment

Comment on My password is not accepted because it is too long

<- View Parent

BradleyUffner@lemmy.world ⁨2⁩ ⁨months⁩ ago

I really hope you don’t work in the tech industry.

source

Sort:hotnew top

possiblylinux127@lemmy.zip ⁨2⁩ ⁨months⁩ ago
I’ve yet to see anyone link to a source

Here is where I’m getting my info

cybersecuritynews.com/nist-rules-password-securit…

source
- SkaveRat@discuss.tchncs.de ⁨2⁩ ⁨months⁩ ago
  you realize that they say the exact opposite of what you are saying, right?
  
  Longer passwords are generally more secure and easier for users to remember,” said Dr. Paul Turner, a cybersecurity expert at NIST. “We’re moving away from complex rules that often lead to predictable patterns and towards encouraging unique, lengthy passphrases.
  
  source
possiblylinux127@lemmy.zip ⁨2⁩ ⁨months⁩ ago
You haven’t provided any evidence to support your claim. Online accounts can’t easily be brute forced.

If a hash is leaked you just change the password. As long as you aren’t reusing the same password everywhere you are fine.

source
- humorlessrepost@lemmy.world ⁨2⁩ ⁨months⁩ ago
  If the hashes are leaked and that’s immediately caught and customers are immediately informed, just change your password.
  
  source
- Kissaki@feddit.org ⁨2⁩ ⁨months⁩ ago
  How do you know when a password is leaked?
  
  What’s the distribution of variance in brute force protections on online services?
  
  source
  - possiblylinux127@lemmy.zip ⁨2⁩ ⁨months⁩ ago
    Why would it matter? If they can access the password they probably can access everything else on that service. Just don’t reuse passwords.
    
    source