* Posts by MacMcMeans

1 publicly visible post • joined 31 Jul 2018

Password strength meters promote piss-poor paswords

MacMcMeans
Thumb Up

Passphrase.Life gets it right!

Here's some needed perspective on passwords and analyzers:

According to https://Passphrase.Life, EVERY 8-character (and under) password will be automatically cracked in under 6 hours, assuming a database breach (offline attack)! It's just simple math. The GPU hardware cracking rigs are only getting cheaper. That means that "abc123", "trustno1" and "ncc1701" aren't worth consideration.

The slightly longer ones, "iloveyou!" and "primetime21" will be cracked in mere seconds, because they are lo-bound human passwords, not randomly created, and have little entropy. Again, Passphrase.Life makes this clear. It's the only analyzer that shows you the difference in strength between a truly random password, and one made the other way.