this post was submitted on 25 Aug 2024

565 points (98.5% liked)

Cybersecurity - Memes

1964 readers

2 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago

MODERATORS

Sam1232188@lemmy.world

neurohost@lemmy.world

Alphadef@programming.dev

CannaVet@lemmy.world

565

Obscure password requirements (feddit.org)

submitted 2 months ago by cron@feddit.org to c/cybersecuritymemes@lemmy.world

107 comments fedilink hide all child comments

What is your favourite password rule?

you are viewing a single comment's thread
view the rest of the comments

[–] Tar_alcaran@sh.itjust.works 69 points 2 months ago (18 children)

My favorite is "can't be more than x% similar to the last 3 passwords". Of course, you shouldn't ever define what "similar" actually means.

[–] jonne@infosec.pub 97 points 2 months ago (12 children)

And the only way to check that is by storing the previous passwords in a recoverable format.

[–] zovits@lemmy.world 3 points 2 months ago

Or by generating the hashes of all expected permutations of the password the user has just set, and keeping them until the next password is set to compare against. Granted, that would be a prodigious number, but technically doable.

load more comments (11 replies)

load more comments (16 replies)