
The password to my council's app *takes deep breath*...
must be between 10 and 30 characters in length.
New and confirm password must be same.
Passwords must contain at least one letter and one number.
Passwords must contain at least one special character like !"@$%&()`*,-/:;<=>?_^~{} .
Passwords cannot use repeating characters (e.g. aaa64135).

Passwords cannot contain your Sign-In ID or the part of your e-mail address before the '@'.
Password must be different than your previous password.

@ChrisWere So what ends up happening is you find a password that works and increment a number on the end by 1.

@christoffer @ChrisWere because I'm paranoid (and maybe insane) I just wrote my own.

@ChrisWere Tell me about it. I've had one site where I kid you not, the only password I could get to work... "PasswordPassword123" (no, I don't use it anymore :P )

@ChrisWere

cat /dev/urandom | tr -dc "[:print:]" | tr -d "[:space:]" | fold -w 25 | grep -E "[A-Z].[0-9].[^a-zA-Z0-9]" | head -n 1
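The rules listed at the top of the thread, and the generate-then-reject idea behind the one-liner above, as an added Python example (not code from any poster or from the council's app). Assumptions: "repeating characters" means the same character three times in a row, the Sign-In ID check is case-insensitive, and the account details are constructed sample values.

```python
import secrets
import string

# Special characters as listed in the post (the trailing space and period are left out).
SPECIALS = '!"@$%&()`*,-/:;<=>?_^~{}'
ALPHABET = string.ascii_letters + string.digits + SPECIALS


def violations(pw, sign_in_id, email, previous=None):
    """Return the list of policy rules that pw breaks (empty list = accepted)."""
    broken = []
    if not 10 <= len(pw) <= 30:
        broken.append("length")
    if not (any(c.isalpha() for c in pw) and any(c.isdigit() for c in pw)):
        broken.append("letter+number")
    if not any(c in SPECIALS for c in pw):
        broken.append("special")
    # Assumption: "repeating characters" means the same character 3 times in a row.
    if any(pw[i] == pw[i + 1] == pw[i + 2] for i in range(len(pw) - 2)):
        broken.append("repeat")
    local_part = email.split("@", 1)[0]
    # Assumption: the comparison is case-insensitive.
    if any(s and s.lower() in pw.lower() for s in (sign_in_id, local_part)):
        broken.append("contains-id")
    if previous is not None and pw == previous:
        broken.append("same-as-previous")
    return broken


def generate(sign_in_id, email, previous=None, length=25):
    """Draw uniformly random candidates from the CSPRNG until one passes the policy."""
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not violations(pw, sign_in_id, email, previous):
            return pw


if __name__ == "__main__":
    # Constructed account details, for illustration only.
    print(generate("jdoe42", "jane.doe@example.org"))
    # A password quoted later in the thread, checked against these rules.
    print(violations("PasswordPassword123", "jdoe42", "jane.doe@example.org"))
```

The rejection loop plays the same role as the `grep` stage of the shell pipeline: candidates stay uniformly random and only whole candidates are discarded.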

@uoou @ChrisWere

Stop wasting your entropy, /dev/urandom should not be used in vain. ;-)

@ChrisWere people like to confuse complexity with security, which is nonsense. A longer pass phrase like 'my horny horse wears wooden shoes' is way more secure than 'a7U$!_mn23', just because of its length alone. And way easier to remember and type.

@hil
To some extent, but you should actually choose the words for your passphrase at random. If you use sentences or common phrases like "wearing shoes", then your passphrase is suddenly a lot less strong than it should have been.
@ChrisWere

@ChrisWere That sounds better than most Japanese websites or apps that restrict your passwords to 12 characters max, which are trivially easy to brute force.
