DEV Community

Discussion on: What does it take to create a strong password?

Vitor Paladini • Edited

What is your general feedback around the video you see?

Loved the progress bar and the reminder to store it safely. UX-wise I think it is great.

Should requiring numbers, lowercase and uppercase characters, and symbols be part of our requirements?

As a fan of diceware (see XKCD comic below) I don't particularly like the idea.

But I'm not sure if dropping these requirements to appease the minimal share of diceware enthusiasts (there are dozens of us, dozens!) is worth the potential loss of password entropy and security.

I know that Google and some other big players do not enforce it but I'm not familiar with their whole password ruleset.

XKCD comic about diceware passwords

One thing that would add an extra layer of security, though, is checking the typed password with haveibeenpwned.com/Passwords and blocking bad ones.