this post was submitted on 14 Jul 2023
1162 points (92.2% liked)

Technology

59377 readers
3934 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

We've all been there.

you are viewing a single comment's thread
view the rest of the comments
[–] graphite@lemmy.world 2 points 1 year ago* (last edited 1 year ago) (1 children)

32 is a damn strong password

Not necessarily: only if it's generated properly, and only for the moment - that will change in the next few years.

You do realize that length and symbol type are only 2 out of many other factors that go into a strong password?

[–] Smokeless7048@lemmy.world 2 points 1 year ago (1 children)

Ok, fair, not all 32 digit passwords will be secure.

11111111111111111111111111111111 is not secure, but I was trying to imply, in a properly generated password, 32 digits long is very secure.

[–] graphite@lemmy.world 2 points 1 year ago* (last edited 1 year ago)

but I was trying to imply, in a properly generated password, 32 digits long is very secure.

I understand, and I think you make a valid point as far as the discussion is concerned.

It's unfortunately still a little more complicated than that, though.

Like I said, there's more to a password than length and symbol type.

Even something like cF*+@aXbIdFHje2vZiU-1 is less secure than if it were generated by a good PRNG.

D0@ndro!dsDr@3@m0f3l3ctr!cSh33p? is also insecure, though it might have been considered secure 4-5 years ago.

You see what I'm saying?

Then of course there's hash algorithms and how those are used to authenticate the passwords themselves, etc.