No. 8 characters is too short - no matter if you add in special symbols and uppe... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

jjuhl on Aug 10, 2017 | parent | context | favorite | on: Man who made passwords hard regrets rules that 'dr...

No. 8 characters is too short - no matter if you add in special symbols and upper/lower case. It's too easy to brute-force crack. You need something longer. And once you make it longer, the extra alphabet size from upper/lower case and symbols matters less.

zeep on Aug 10, 2017 [–]

I was not talking about brute-force protection... I'm talking about meeting the password complexity requirements of the servers (same as the article)

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact