• pixelscript@lemmy.ml
      link
      fedilink
      English
      arrow-up
      8
      ·
      9 months ago

      If all characters are equally likely, it’s a fine password. It’s long and certainly immune to any dictionary attack.

      But if the attacker knows it’s generated with this method, then it is probably a poor one. Bottoms tend to spam only homerow keys, either in all lowecase or all uppercase. The restricted character set vastly reduces the search space.

    • prowe45@lemm.ee
      link
      fedilink
      arrow-up
      4
      ·
      9 months ago

      Not OP, but from what I’ve read, overall length is more important than complexity (special characters and stuff) when it comes to someone trying to crack it. So this one isn’t too bad in that regard. But being able to remember a password is also important unless you’re always going to be able to use a password manager to enter it for you. So in that respect it’s not great.

      • ShortN0te@lemmy.ml
        link
        fedilink
        arrow-up
        2
        ·
        9 months ago

        That’s my point. Password is 29 characters strong so even without special characters or numbers a good password. And yes length makes a bigger difference then different characters used.

        • CucumberFetish@lemm.ee
          link
          fedilink
          arrow-up
          1
          ·
          9 months ago

          Different character enforcement helps reduce the risk of simple dictionary attacks. Even the most common letter replacements multiply the complexity. But nothing beats a long randomized password with 2fa.