True. But who is able to use a 20 character password without having to write it down? Or he will use something that is significant to him that he will remember. Those are both bigger security risks. An 8 character, with numbers, special characters, capitalization, that is random and memorable is ultimately a lot more secure. Read up on how long it takes to crack such a password that is truly random.
What you're saying is incorrect. That was the point of the XKCD cartoon above. String together 4 random words that total 20 characters and your password is both vastly more difficult to crack, and easier to remember than 8 random characters.
https://xkcd.com/936/https://explainxkcd.com/936/
Some cracker have started using dictionaries as sources to guess from, with each word treated as a letter.In effect this becomes faster to crack if you use words directly from the dictionary, even if you use common substitutions (E.G. O-0).But it should be pretty easy to make one of the words a non-dictionary word (Yiddish, anyone?) or incorrect punctuation.
That changes nothing. Do you know how many words are in the dictionary? Compare that to the maximum 96 character set for each character of a 6 or 8 character password.
I often use various mixes of Hebrew words and gematria. Sometimes is tranliterate and sometimes use the keys of the Hebrew keyboard to type English for the corresponding gibberish.
Yes, but if you limit the guesses to the max of the password field, say 20 characters, you mitigate much of this.What is the standard max length for a good website?
What is the standard max length for a good website?
All of you discussing how you formulate your passwords are obviously reusing the same passwords on multiple websites, (unless you claim to remember 100+ passwords.)This is the WORST idea you can have.
Speak for yourself. When you use an password manager, you need a master password. Same rules for good passwords apply there.
What do use?I use lastpass. No way I am remembering 100+ strong passwords. The new family sharing plan looks pretty good.
I also use Lastpass
Just got a Firefox notification that LastPass is not compatible with the current version.
I used to use it
https://blog.lastpass.com/2017/10/lastpass-beta-firefox-57.html/Try this?
How many times should I try it?