For judging complexity I always thought large businesses should just set aside s... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		galangalalgol on Dec 23, 2022 \| parent \| context \| favorite \| on: Password Requirements: Myths and Madness For judging complexity I always thought large businesses should just set aside some compute to try to brute force passwords with the hash. If they get yours, you have to change it and get a talking to. If they can't get it, they give you $X where X is big enough to be a pleasant surprise.

kccqzy on Dec 23, 2022 [–]

Idea: just run a standard compression algorithm on the password and measure its length.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact