cross-posted from: https://sopuli.xyz/post/17042938
Password Strength: Medium
✅ More than 8 characters
✅ At least one number
❌ At least one special character
❌ At least one capital letter
The thing is, nobody knows if you write a special character or not. They might try to brute force passwords without first. But the way more important factor is length.
Just 5 random words and you are fine
When I wasnt using a password manager for password creation I just did random sentences that were not allowed to have meaning. They were quite easy to memorize because they were so absurd. Usual password check would be 3 trillion trillion years or something.
That wide-eyed, fearful 1k yard stare is the current face of cyber security
What passwords managers don’t want you to know
There’s no capital letter so it’s invalid.
You could probably write a Hashcat plugin to brute force that pretty easily. Something that tries groupings of keys that are adjacent to one another on qwerty keyboard layouts.