david.edwards 76768 wrote:
I like that chart Jeff, I might add it to my favourite argument I trot out every time I am faced with a short password requirement that forces numbers, capitals etc.
I am sure everyone is aware of it, the "Correct Horse Battery Staple" XKCD cartoon, but if not...
https://xkcd.com/936/
![password_strength](data:image/gif;base64,R0lGODlhAQABAPAAAPLy8v///yH5BAAAAAAALAAAAAABAAEAAAICRAEAOw==)
Should point out, I usually add a Latin word to help mitigate dictionary attacks and where I am constrained capitalise etc.
I love it. But even that has the "rainbow table" issue that Eric cited as a "dictionary attack".
The note at the bottom of the drawing is entirely correct, though. I'm thinking that's why Post-It notes were developer. 😀