Rules and Guidelines
Want to participate in the discussions? Please read our Community Rules and Guidelines. Need some help? Visit Support and Answers.

  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 9 subscribers
  • Views 265 views
  • Users 0 members are here
Options
You may also be interested in
This discussion is locked.
You cannot post a reply to this discussion. If you have a question start a new discussion

Password strength?

Howard Warren
When it comes to passwords, I've usually used a 10 character random mix of uppercase, lowercase, special and numeric characters, and have never had any issues with these being accepted as adequate. (Before I get told off, I have a different password for each application I use!)


However, when recently setting up a new application, my 10 character password was described by the system as "weak". So I used a 19 character password (again, a random mix of characters) and this time it was described as "fair".


Given that there are 256 ASCII characters, the determined hacker has a 1 in 5.709 X 10^45 chance of striking it lucky with my 19 character password. (I say lucky - he'd be sadly disappointed at what he found after all that effort). So my question is, what lengths would one have to go to, in order to create a password that could be described as strong?
Parents
  • 0

    mapj1:

    I presume they also tell you that they have your Email address, after you have typed it in?






    From their privacy statement:

     

    When you search for an email address


    Searching for an email address only ever retrieves the address from storage then returns it in the response, the searched address is never explicitly stored anywhere. See the Logging section below for situations in which it may be implicitly stored.


    Data breaches flagged as sensitive are not returned in public searches, they can only be viewed by using the notification service and verifying ownership of the email address first. Sensitive breaches are also searchable by domain owners who prove they control the domain using the domain search feature. Read about why non-sensitive breaches are publicly searchable.

     


Reply
  • 0

    mapj1:

    I presume they also tell you that they have your Email address, after you have typed it in?






    From their privacy statement:

     

    When you search for an email address


    Searching for an email address only ever retrieves the address from storage then returns it in the response, the searched address is never explicitly stored anywhere. See the Logging section below for situations in which it may be implicitly stored.


    Data breaches flagged as sensitive are not returned in public searches, they can only be viewed by using the notification service and verifying ownership of the email address first. Sensitive breaches are also searchable by domain owners who prove they control the domain using the domain search feature. Read about why non-sensitive breaches are publicly searchable.

     


Children
No Data

Join us to get the best from IET EngX.

Joining EngX lets you personalise your experience so you stay up to date on the topics that interest you, plus you’ll be able to make connections who are looking to collaborate, exchange ideas and more.

Join us Not now

Community Rules & Guidelines