Asklemmy

43391 readers

1292 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

Open-ended question
Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
Not ad nauseam inducing: please make sure it is a question that would be new to most members
An actual topic of discussion

Looking for support?

Looking for a community?

Lemmyverse: community search
sub.rehab: maps old subreddits to fediverse options, marks official as such
[email protected]: a community for finding communities

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago

MODERATORS

[email protected]

191

What stupidly easy tech solution do people gloss over all of the time? (kbin.melroy.org)

submitted 4 weeks ago by [email protected] to c/[email protected]

222 comments fedilink hide all child comments

For me it's the paranoia surrounding webcams. People outright refuse to own one and I understand, until they go on and on about how they're being spied. Here's the secret - unplug the damn thing when you think you won't use it or haven't used it in a while.

They, whoever it is, can't really spy on you on something that's already off and unplugged!

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 3 points 4 weeks ago

Even in your example above, with only two letters, no numbers / special characters allowed, requiring a capital letter decreases the possibilities back to the original 676 possible passwords - not less.

No it doesn't. It reduces the possibilities to less than the 52x52 possibilities that would exist if you allowed all possible combinations of upper and lower case letters.

You are confused because you only see the two options of enforcing or not allowing certain characters. All characters need to be allowed but none should be enforced. That maximizes the number of possible combinations.

that passwords should all require certain complexity, but without broadcasting the password requirements publicly?

No, because that's still the same. An attacker can find out the rules by creating accounts and testing.