10 chars, no special characters and that's it
Just tell me that you want to have access to my videos and be done with it
this post was submitted on 11 Jun 2023
3 points (100.0% liked)
Cybersecurity
5650 readers
110 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Yeah, that's not optimal. My single-sourced, non-verified quick Google search tells me that brute forcing a 10-char password of lower case letters only would be instant, subbing out one char for an upper-case letter would increase to one month, and subbing out another char for a number raises that to 6 years. Simply allowing for a special char would take 50 years.
That's assuming the password is truly random. Use a dictionary with some rule sets, and make some assumptions like people will probably just append a number to the end of their password, and you'll knock those times down drastically.
There's no excuse for not allowing your users to use safe passwords.