Mastodawn

Tim Bray Oct 2, 2024

A poll, aimed in particular at people who think they understand the technologies around password cracking. Assume that there is at least one password that you need to be strong and need to remember & type not-infrequently. How many characters is enough for you to feel comfortable in 2024? Assume any char you can type easily is available.
[May need a follow-up poll if the majority is at >=12]
[Boost if you’re interested in the result]

#infosec

9

3.3%

10

6.2%

11

2.2%

>=12

88.3%

Poll ended at Oct 3, 2024 at 4:27pm.

Show thread

dragonfrog

@timbray
A 9 or 10 character password can probably be strong enough, but if it is strong, I'm not going to remember it. The longer it is (up to some point around maybe 25-30 characters), the easier it can be to remember without dipping below sufficient strength.