by DanBC 5233 days ago
What are the risks for each situation?

Users are hopeless at creating secure passwords. They are especially hopeless at creating secure passwords if you suddenly present them with a password creation screen.

Adding complexity generation does not help. If anything, it makes things worse. People use stupid weak passwords, often re-using them across different websites. They'll do simple substitutions of digits for vowels, or they'll use one word with a couple of digits stuck on the end.

Complexity validation gives a false sense of security.
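
The patterns named in the comment above, shown as an added example that is not part of the original post: a typical complexity rule accepts passwords built from one common word with digit-for-vowel swaps or digits stuck on the end, while a check that undoes those tricks flags them. The word list, substitution table and sample passwords are constructed for illustration; the function names are hypothetical.

```python
import re

# Constructed sample word list (assumption); a real check would load a
# large dictionary or breached-password list instead.
COMMON_WORDS = {"password", "dragon", "monkey", "letmein", "sunshine"}

# Digit/symbol-for-letter swaps of the kind the comment describes.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "@": "a", "$": "s"})


def passes_complexity(pw: str) -> bool:
    """Typical complexity rule: 8+ characters with upper, lower and digit."""
    return (len(pw) >= 8
            and re.search(r"[a-z]", pw) is not None
            and re.search(r"[A-Z]", pw) is not None
            and re.search(r"\d", pw) is not None)


def is_predictable(pw: str) -> bool:
    """True if the password reduces to a common word once the cheap
    transformations are undone."""
    # Drop digits/symbols stuck on the end ("Dragon2011" -> "Dragon").
    stripped = re.sub(r"[\d\W_]+$", "", pw)
    # Check both forms, so a swap in the last position ("Sunshin3")
    # is not lost when the trailing digit is stripped.
    candidates = {pw.lower().translate(LEET),
                  stripped.lower().translate(LEET)}
    return not candidates.isdisjoint(COMMON_WORDS)


def audit(passwords):
    """Return (password, passes_complexity, is_predictable) per entry."""
    return [(pw, passes_complexity(pw), is_predictable(pw)) for pw in passwords]


if __name__ == "__main__":
    # Constructed samples: three follow the patterns above, one is random.
    for row in audit(["P4ssw0rd1", "Dragon2011", "Sunshin3", "vT9q#Lx2mR"]):
        print(row)
```
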