57
What is with bad password requirements (lemmy.blahaj.zone)
submitted 1 day ago* (last edited 19 hours ago) by NullNet@lemmy.blahaj.zone to c/cybersecurity@infosec.pub
23 comments fedilink hide all child comments

Small rant incomming. I just went to look at applying to Walmart, and when going to make an account their password requirements were 8-11 characters. What kinda nonsense is that? Some terribly made backend I'd assume. It's bad enough I gotta make a million accounts when applying to jobs but then you got my PII sitting behind such terrible password requirements it makes me wonder where else they are cutting corners on security.

you are viewing a single comment's thread
view the rest of the comments
[-] Hamartiogonic@sopuli.xyz 5 points 23 hours ago* (last edited 23 hours ago)

I’ve once had a password that was over 200 characters long. That was in a custom email server where the admin either didn’t know or care about limitations. I mean, if you can have a super long password, then why not. I just kept on going until I felt like it was secure enough.

I used a randomly generated character soup, so there’s no way I’m ever going to memorize that nightmare of a password. Even if I print it on paper and hand to you, there’s a pretty good chance that you wouldn’t be able to type it correctly without restoring to OCR.

[-] subignition@fedia.io 3 points 18 hours ago

I entered a gold tier password for Golden Sun: The Lost Age so I have that shit locked down

[-] LostXOR@fedia.io 2 points 17 hours ago

At that point why not use key based authentication?

[-] Fosheze@lemmy.world 4 points 12 hours ago

Pastes private key into password box.

this post was submitted on 28 Nov 2024
57 points (96.7% liked)

cybersecurity

3306 readers
172 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 1 year ago
MODERATORS
shellsharks@infosec.pub
tweedge@infosec.pub