>Password must contain: >a minimum of 1 lower case letter

File: 1432471765932.gif (486KB, 475x347px) Image search: [Google]

486KB, 475x347px

>your password must contain the name of a friend

File: 1496165594795.jpg (45KB, 352x351px) Image search: [Google]

45KB, 352x351px

>password can only contain letters and numbers

>>61290292
How is this an issue with keepass? Go for the maximum length password in generation, and you should be covered.

ok nsa no matter what you do you're not going to trick us into hating strong passwords

File: IMG_1509.jpg (66KB, 645x773px) Image search: [Google]

66KB, 645x773px

>Whet was your first pet's name ?
>mfw just trying to remember my password not my only best friend I lost forever

>password must not contain spaces

>>61290339
This pisses me off so much. Had to do this for my password for money transfers at work. I just typed some random bullshit and gonna tell anyone who wants that service that I'm new and can't do it. I have 15 passwords and EVERY SINGLE ONE OF THEM has a symbol. I ain't remember a 16th just for some shitty service that'll never get used

File: IMG_3914.png (91KB, 740x601px) Image search: [Google]

91KB, 740x601px

>>61290346

>>61290390
My bank account only accepts letters and numbers.

>>61290292
>it's another "the industry still hasn't figured out that multiple words are more secure" episode

To be fair, once we can figure out how to recognize multiple-word strings with no separators between words, we'll probably have computers that can brute-force those strings.

>>61290398
Remember that "Password" is the most common password, so to increase your security, you could exchange the "S's" for "dollar signs."

https://www.youtube.com/watch?v=kRcdmbC0HHs

File: 1457485650882.jpg (56KB, 500x518px) Image search: [Google]

56KB, 500x518px

>your password needs to be at least 2^32 characters
>for our phone app that we make you type the password every time
This is the worst of all possible universes

>>61290398
this is bullshit
sure this makes sense if passwords are bruteforced
but they aren't
dictionary attacks are used and several permutations of those words in the dictionary are tried and a password like that is more likely to be cracked than a random series of letters and numbers and this is just a convenient excuse not to have to remember them

just use a password manager with randomly generated passwords and remember a few long strings for encryption and master passwords across different devices

>>61290531
>he thinks that you can find two words concatenated together in a dictionary

For a password that has two words in it, you have to try every possible pair of words in the dictionary, which means that your total number of guesses is words^2. For three words, it's words^3. And that's if you *know* how many words it is. If you don't, you now have to try words+words^2+words^3...

>>61290511
If it doesn't allow fingerprint verification, I would just go without the app. I use a 20 digit passcode to log into the phone, and ban the fingerprint for that. I don't need to use passwords on everything else.

>>61290605
that's not that much

>>61290356
>dem feels
this question should be banned

File: 640px-Llanfairpwllgwyngyllgogerychwyrndrobwllllantysiliogogogoch_station_sign_(cropped_version_1).jpg (71KB, 640x452px) Image search: [Google]

71KB, 640x452px

>not just using the name of local landmarks
plebs

File: 1471462129879.png (136KB, 505x431px) Image search: [Google]

136KB, 505x431px

>>61290292
>Your password is too long

>>61290644
>fingerprint verification
enjoy having everything you own compromised when someone bruteforces your finger
>b-but I use a password before my finger
Doesn't matter, leave your phone unlocked once and you're fucked, use your fingerprint in any compromised account and you're fucked

>>61290666
>words+words^2+words^3...
vs
>words
You'll notice that the first comes out to much, much bigger. Even if you only use two words, the attacker is still having to do 171,000 words plus another 29,241,000,000 combinations of two words, assuming that they're using the full dictionary (and if you're not a dumbass you can use the full dictionary). Hell, even with the 3,000 most common words, you'd get 3,000 + 9,000,000 word combinations--again, assuming that you're only using two words.

>>61290730
also some of the 'words' used aren't in dictionaries, and you can add symbols and whatnot for extra entropy.

>The password is a 4 digit number

>>61290781
That's also true. Nobody said you can't mix the methods. Just adding one letter-to-symbol translation means that now you're doing something in the neighborhood of words*2+(words*2)^2+(words*2)^3... and so on. It's not perfectly accurate because it depends on what letter you sub in.

And then you throw in multiple substitutions and all hell breaks loose on the crypto professor's chalkboard.

File: 12747777_515419305286908_1610285801_n.jpg?ig_cache_key=MTE5MzI4MDkyMTQ0MDkyOTIzOQ%3D%3D.2.jpg (19KB, 480x480px) Image search: [Google]

19KB, 480x480px

>generate 32 character long password and register on site
>cant login because the register form trimmed the password

File: 1498684273926.jpg (250KB, 1067x1600px) Image search: [Google]

250KB, 1067x1600px

>>61290398
>>61290531
>>61290605
>>61290666
>>61290781
>>61290827
Diceware is superior. 10 words will give ~128 bits of entropy.

>>61290427
Kek not work diceware. Each diceware word as nearly double the entropy of a single character symbol.

>>61290644
>>61290730
Reminder that govt doesn't need your consent use use your biometrics to unlock.

>>61290695
Kek

>>61290932
Iowa State University's student access page - where student info is accessed, classes are registered/dropped, grades are received, financial aid is accepted/refused, etc - truncates passwords to 7 characters. Doesn't tell you when registering that there is a max length, just truncates it.

>forgot your password? no problem! click here.
>they send you an email containing your password

>>61290730
>Doesn't matter, leave your phone unlocked once and you're fucked, use your fingerprint in any compromised account and you're fucked
My phone is never left unlocked. In fact, when I'm not actively using it, it's in rebooted mode (where encryption is strongest).

>>61291295
Fingerprint isn't used to unlock the phone, only to sign into shit like my banking app.

File: 1488837435684.jpg (29KB, 238x357px) Image search: [Google]

29KB, 238x357px

>>61290292
>Password cannot contain Unicode characters

>>61290932
You have at most 24 passwords to try, one of which will work. Come on silly Anon! Use you brain! The order of characters is the same, you just have to try your password with lengths of 8 chars or higher to find it!

>>61290730
you have a misconception about how fingerprint auth works

it verifies sufficient authentication through the OS, and the OS tells it whether it was corrrect, no application touches the fingerprint information

this is true on iOS, Android, Linux

phishing a fingerprint is pretty much impossible for this reason

>>61292196
And yet a 3D-printed chunk of gelatin can fool it.

>>61293129
sure, but you can't phish the fingerprint

>>61293193
Oh, that's the other thing...I can't think of a single government that doesn't collect fingerprints. And we all know how good they are with cybersecurity.

>>61293219
that's true enough
that does the require the prerequisite of being skilled enough to steal the fingerprint, and the further requisite of being committed enough to formulate a 3d printed copy

which i think puts it into the "probably fine" category for most people

File: asdasdfasdf.jpg (8KB, 289x174px) Image search: [Google]

8KB, 289x174px

>>61290292
>your password cannot be the same as your previous password

[change]

>your password cannot be the same as your previous password

[change]

>your password cannot be the same as your previous password

>>61293264
I don't like the idea of government officials having access to everything they need to steal my bank account.