by thaumasiotes 2378 days ago
> Wouldn't this just make password crackers easier? If there's a Regex of what passwords are okay, it lowers the search space.

In practice, this shouldn't make things easier for password crackers, because trying to crack a password by enumerating the password space is not a normal approach. (Except for rainbow tables.)

What you'd expect a password cracker to do is construct passwords according to a model of what kinds of passwords humans actually create (regardless of the formal password requirements), and guess those. You're not trying to make sure you've covered everything -- you're just trying to make high-probability guesses before you start making low-probability guesses.
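
Added example, not part of the comment above: it quantifies the quoted concern by counting how many fixed-length strings pass a composition rule and how many bits of search space the rule removes. The policy (at least one character from each of four classes over the 95 printable ASCII characters) and all function names are assumptions; the thread names no specific rule.

```python
from itertools import combinations, product
from math import log2

# Assumed character classes over printable ASCII (space counted as a symbol).
CLASSES = {"lower": 26, "upper": 26, "digit": 10, "symbol": 33}


def compliant_count(length, classes, required):
    """Strings of `length` that contain at least one char from every required class.

    Inclusion-exclusion: for each subset of required classes, count the
    strings that avoid that subset entirely, with alternating sign.
    """
    alphabet = sum(classes.values())
    total = 0
    for k in range(len(required) + 1):
        for banned in combinations(required, k):
            remaining = alphabet - sum(classes[c] for c in banned)
            total += (-1) ** k * remaining ** length
    return total


def bits_lost(length, classes, required):
    """Search-space reduction, in bits, caused by the composition rule."""
    alphabet = sum(classes.values())
    return log2(alphabet ** length) - log2(compliant_count(length, classes, required))


def brute_force_count(length, classes, required):
    """Exhaustive cross-check; only practical for tiny alphabets and lengths."""
    symbols = [name for name, size in classes.items() for _ in range(size)]
    return sum(
        1
        for candidate in product(symbols, repeat=length)
        if all(r in candidate for r in required)
    )


if __name__ == "__main__":
    required = tuple(CLASSES)
    for n in (8, 10, 12):
        full = n * log2(sum(CLASSES.values()))
        print(f"length {n}: {full:.1f} bits unrestricted, "
              f"{bits_lost(n, CLASSES, required):.2f} bits removed by the rule")
```

For length 8 the rule removes about 1.1 bits out of roughly 52.6, and the loss shrinks as length grows.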