Reply to post: Re: XKCD has been totuting the complexity angle for years

Android apps prove a goldmine for dodgy password practices

GIRZiM Bronze badge

Re: XKCD has been totuting the complexity angle for years

Why do people persist in promulgating this myth after all this time?

Do not do it; the xkcd approach of using real words in a string was cracked years ago - it falls to dictionary attack in no time at all.

Take the first letter of each word in a strong passphrase of at least fifteen words, with punctuation and capital letters, replace letters according to the 'l337' schema.

If you can't bring yourself to do that then use a password manager but, for goodness sake, do not use any real words - not even if you string them together without any spaces.

THE XKCD 'HORSEBATTERYSTAPLEYOURMOM' APPROACH IS INSECURE! DON'T DO IT!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019