If all characters are equally likely, it’s a fine password. It’s long and certainly immune to any dictionary attack.
But if the attacker knows it’s generated with this method, then it is probably a poor one. Bottoms tend to spam only homerow keys, either in all lowecase or all uppercase. The restricted character set vastly reduces the search space.
Not OP, but from what I’ve read, overall length is more important than complexity (special characters and stuff) when it comes to someone trying to crack it. So this one isn’t too bad in that regard. But being able to remember a password is also important unless you’re always going to be able to use a password manager to enter it for you. So in that respect it’s not great.
That’s my point. Password is 29 characters strong so even without special characters or numbers a good password. And yes length makes a bigger difference then different characters used.
Different character enforcement helps reduce the risk of simple dictionary attacks. Even the most common letter replacements multiply the complexity. But nothing beats a long randomized password with 2fa.
That’s not a good password.
Why not?
If all characters are equally likely, it’s a fine password. It’s long and certainly immune to any dictionary attack.
But if the attacker knows it’s generated with this method, then it is probably a poor one. Bottoms tend to spam only homerow keys, either in all lowecase or all uppercase. The restricted character set vastly reduces the search space.
Yeah, because it’s 90% home-row spam.
stop ruining the fun, you fun ruiner
Not OP, but from what I’ve read, overall length is more important than complexity (special characters and stuff) when it comes to someone trying to crack it. So this one isn’t too bad in that regard. But being able to remember a password is also important unless you’re always going to be able to use a password manager to enter it for you. So in that respect it’s not great.
That’s my point. Password is 29 characters strong so even without special characters or numbers a good password. And yes length makes a bigger difference then different characters used.
Different character enforcement helps reduce the risk of simple dictionary attacks. Even the most common letter replacements multiply the complexity. But nothing beats a long randomized password with 2fa.