zephyr@lemmy.worldM to linuxmemes@lemmy.world · 1 year ago-----BEGIN PRIVATE KEY-----lemmy.worldexternal-linkmessage-square42linkfedilinkarrow-up1513arrow-down17 cross-posted to: linux_memes@programming.dev
arrow-up1506arrow-down1external-link-----BEGIN PRIVATE KEY-----lemmy.worldzephyr@lemmy.worldM to linuxmemes@lemmy.world · 1 year agomessage-square42linkfedilink cross-posted to: linux_memes@programming.dev
minus-squareSatyrSack@lemmy.onelinkfedilinkarrow-up6·1 year agoEven if an attacker knew that your password was exactly four words from a specific list of only 2048 common words, that password would still be more secure than something like Tr0ub4dor&3 https://www.explainxkcd.com/wiki/index.php/936:_Password_Strength
minus-squareFillicia@sh.itjust.workslinkfedilinkarrow-up1·1 year agoIf the attacker search for your password specifically then xkcd themself posted the reason why it wouldn’t really matter https://www.explainxkcd.com/wiki/index.php/538:_Security If you’re doing blind attemps on a large set of users you’ll aim for the least secured password first, dictionary words and known strings.
Even if an attacker knew that your password was exactly four words from a specific list of only 2048 common words, that password would still be more secure than something like
Tr0ub4dor&3https://www.explainxkcd.com/wiki/index.php/936:_Password_Strength
If the attacker search for your password specifically then xkcd themself posted the reason why it wouldn’t really matter
https://www.explainxkcd.com/wiki/index.php/538:_Security
If you’re doing blind attemps on a large set of users you’ll aim for the least secured password first, dictionary words and known strings.