Password strategy [OT] was: PyPI password rules
Andrew Berg
aberg010 at my.hennepintech.edu
Tue Aug 26 03:45:31 EDT 2014
On 2014.08.26 01:16, Chris Angelico wrote:
> A huge THANK YOU to whoever set the rules for PyPI passwords! You're
> allowed to go with a monocase password, as long as it's at least 16
> characters in length. Finally, someone who recognizes XKCD 936
> passwords!
>
> And yes, I generated an XKCD 936 password for the job. My parrot is
> good at that... uses a dictionary consisting of every word ever noted
> by her, and can optionally trim it to "most common N words" for any
> given value of N.
While a vast improvement over the kinds of passwords many places would like to
impose, xkcd 936 passwords can still be difficult to remember. I prefer phrases
with context (and proper punctuation and capitalization if practical).
Something with context is generally easy for a human to remember, but difficult
for a machine to guess.
"keyboard television barf machine" or "Yay for the download counter!"
Which one is easier to remember and harder to guess?
More information about the Python-list
mailing list