• bnfdhfdhfd@lemmy.world · 10 months ago · 4 upvotes

        So those annoying as hell "6 character, lowercase and uppercase letters, special character" passwords give a full 6 minutes of protection. Good to know.

    • PlexSheep@feddit.de · 10 months ago · 2 upvotes

      Rookie numbers. Max out the character limit.

      Seriously tho: go for at least 80 bit randomized characters. If it's something you have to type, use a couple of random words. Longer passwords are exponentially more secure.

    • 🅿🅸🆇🅴🅻@lemmy.world · 10 months ago · 1 upvote

      It depends on how the password is stored / KDF used (what type of hash, salting, bcrypt, etc).

      Judge for yourself if it's an old website or old piece of software that might use (god forbid) MD5. Since one would not normally know that, I'd go with 20 (good, cryptographically) randomly generated upper/lower/digits if using a password manager, or a 40ish character passphrase if you need to remember and/or easily type it. Add some punctuation / special chars (spaces, commas, dots, parentheses, etc.) if it's an important master key (i.e. password manager key, encrypted container, etc.) and you have decent typing skills.

      Some shitty sites / routers don't accept certain special characters, hence go with upper/lower/digits as standard but use longer lengths (if the shitty site allows you and doesn't limit that too). Limits to what a password should contain and/or length limits would be a sign of lazy programming and poor password management, so treat them as unsecure from the get-go (yes, even big names like Oracle have piss-poor security or lazy implementation). Good programming nowadays shouldn't have those limits, as user input sanitization / injection protection exists, and hash functions have a fixed length no matter what the input length is.

      Also very important, don't reuse passwords for online accounts. Hence a password manager remembering them for you. There are still websites storing passwords in plain text. You wouldn't want your local Pizza Hut to know or leak your email password by being hacked.

    • Pyr_Pressure@lemmy.ca · 10 months ago · 1 upvote

      Mine are usually 16-18 or so. A word that I can easily remember, a word that makes it specific to a particular site, a symbol with meaning, a number larger than 9, and another symbol, not necessarily in that order.
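
Added example, not written by any commenter in this thread: a Python sketch that turns the recommendations above (an 80-bit target, 20 random upper/lower/digit characters, a passphrase of random words) into entropy figures and generates secrets with the standard `secrets` module. The function names and `SAMPLE_WORDS` are hypothetical, the word list is a constructed 16-word sample, and the entropy figures hold only for uniformly random selection, not for human-chosen passwords.

```python
import math
import secrets
import string

ALNUM = string.ascii_letters + string.digits  # 62 symbols: upper/lower/digits

# Constructed 16-word sample (4 bits per word). A real passphrase list
# has thousands of words, e.g. 7776 words gives about 12.9 bits per word.
SAMPLE_WORDS = ["amber", "birch", "cobalt", "delta", "ember", "fjord",
                "garnet", "harbor", "indigo", "juniper", "kestrel", "lagoon",
                "meadow", "nectar", "onyx", "pebble"]

def entropy_bits(length, alphabet_size):
    """Entropy of `length` symbols drawn uniformly and independently."""
    return length * math.log2(alphabet_size)

def symbols_for_bits(target_bits, alphabet_size):
    """Smallest symbol count that reaches at least `target_bits`."""
    return math.ceil(target_bits / math.log2(alphabet_size))

def random_password(target_bits=80, alphabet=ALNUM):
    """Random character password with at least `target_bits` of entropy."""
    symbols = list(dict.fromkeys(alphabet))  # drop duplicates, keep it uniform
    count = symbols_for_bits(target_bits, len(symbols))
    return "".join(secrets.choice(symbols) for _ in range(count))

def random_passphrase(target_bits=80, words=SAMPLE_WORDS, sep=" "):
    """Random word passphrase with at least `target_bits` of entropy."""
    unique = list(dict.fromkeys(words))
    count = symbols_for_bits(target_bits, len(unique))
    return sep.join(secrets.choice(unique) for _ in range(count))

if __name__ == "__main__":
    # The "6 character, mixed case, special character" policy vs. the thread's advice.
    print(f"6 chars, 95 printable ASCII: {entropy_bits(6, 95):.1f} bits")
    print(f"20 chars, upper/lower/digits: {entropy_bits(20, 62):.1f} bits")
    print(f"chars needed for 80 bits:     {symbols_for_bits(80, 62)}")
    print(f"words needed (7776 list):     {symbols_for_bits(80, 7776)}")
    print("password:  ", random_password())
    print("passphrase:", random_passphrase())
```
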