• pixelscript@lemmy.ml
        link
        fedilink
        English
        arrow-up
        8
        ·
        10 months ago

        If all characters are equally likely, it’s a fine password. It’s long and certainly immune to any dictionary attack.

        But if the attacker knows it’s generated with this method, then it is probably a poor one. Bottoms tend to spam only homerow keys, either in all lowecase or all uppercase. The restricted character set vastly reduces the search space.

      • prowe45@lemm.ee
        link
        fedilink
        arrow-up
        4
        ·
        10 months ago

        Not OP, but from what I’ve read, overall length is more important than complexity (special characters and stuff) when it comes to someone trying to crack it. So this one isn’t too bad in that regard. But being able to remember a password is also important unless you’re always going to be able to use a password manager to enter it for you. So in that respect it’s not great.

        • ShortN0te@lemmy.ml
          link
          fedilink
          arrow-up
          3
          ·
          10 months ago

          That’s my point. Password is 29 characters strong so even without special characters or numbers a good password. And yes length makes a bigger difference then different characters used.

          • CucumberFetish@lemm.ee
            link
            fedilink
            arrow-up
            1
            ·
            10 months ago

            Different character enforcement helps reduce the risk of simple dictionary attacks. Even the most common letter replacements multiply the complexity. But nothing beats a long randomized password with 2fa.