On Fri, 05 Apr 2013 11:46:32 +0900, Miles Bader <[email protected]> wrote: > [email protected] (Karl Berry) writes: >> How is your password "much" better? Using non-alphanumeric >> characters? I thought they were allowed even though the message >> doesn't mention them. > > I think there's a pretty general consensus by now that this sort of > requirement ("must contain a digit and a punctuation symbol" or > whatever) does more harm than good. Most certainly it's annoying...
It's completely retarded. It only induces people to choose weak passwords. Must contain a capital? Okay, capitalize the dictionary word. Must contain a digit? Okay, stick a one on it, or replace an o with 0. There should be a choice: numbers and glyphs, or make it longer. I'd rather type a password phrase with multiple words and spaces.
