In my opinion, this is a dead end unless you are making a site specifically for generating passwords. Would this work as a secure way to offer memorable, automatically generated passwords? Any other ideas? What if I added random numbers and punctuation to the generated passwords, e.g. I thought about some added randomisation. Whoever got the list could generate all possible combinations that I'm offering to my users for use as a password. I'd like to generate passwords like these, so that they're easy to remember while still strong: MooseCoolSuggestionDudeĪssuming I have a list of words for this stored somewhere, that storage could be compromised. If given the choice, users will back to their own weak password when confronted with a monstrosity like this.īut, simple passwords can be strong, if long enough ( yes, relevant xkcd).
They usually end up written on a piece of paper. I1ZkFdt5OOX35Rp or B13v}lo90m%~zrY) are hard to remember. Enforcing these kinds of rules still leads to poor patterns, such as simply appending the required characters to the original weak password (e.g.
I could (and still will) enforce certain restrictions on passwords: they must contain both lowercase and uppercase letters, numbers and punctuation, and must be long enough.
#Securly generate passwords to remember how to#
How to approach this?įirst of all, the reason for offering generated passwords is to try prevent users from using weak passwords (e.g. I want to suggest automatically generated passwords for users who are registering or changing their password.
0 kommentar(er)
