What all these password complexity rules do is to actually reduce the set of possible passwords by several orders of magnitude and thereby make brute force attacks many times easier.

The only way to avoid users using easy to guess passwords (their user name, or date of birth, or ...) is to not allow them to choose their own password but provide them with a random password they have to use. For real security, you cannot trust the user to come up with a strong password.

As far as a computer security is concerned "ADAM" is as good a password as "uhulhbjGKVOILHS885AS72JGHS65G33".

Just by spelling out the complexity rules of the password,you have made it hackers soo much easier. The only good rule as far as security is concerned is "there are no rules, other than 'throw some random characters together'.

CountZero

A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James

In reply to Re: Password Generation and Module Multiplication by CountZero
in thread Password Generation and Module Multiplication by Orsmo

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.