this post was submitted on 18 Jul 2025
398 points (96.3% liked)

memes

16266 readers
3213 users here now

Community rules

1. Be civilNo trolling, bigotry or other insulting / annoying behaviour

2. No politicsThis is non-politics community. For political memes please go to !politicalmemes@lemmy.world

3. No recent repostsCheck for reposts when posting a meme, you can only repost after 1 month

4. No botsNo bots without the express approval of the mods or the admins

5. No Spam/AdsNo advertisements or spam. This is an instance rule and the only way to live.

A collection of some classic Lemmy memes for your enjoyment

Sister communities

founded 2 years ago
MODERATORS
Tenthrow@lemmy.world
The_Picard_Maneuver@lemmy.world
The_Picard_Maneuver@startrek.website
398
Has to be 16 characters, #s, Cap and lower case. (lemmy.world)
submitted 15 hours ago by salty_chief@lemmy.world to c/memes@lemmy.world
97 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] Scipitie@lemmy.dbzer0.com 3 points 7 hours ago (1 children)

Take a sentence with 200 characters then.

And your opinion is exactly that and doesnt match security research:

For the following you're not the target group but others reading this who might want to make their lifes easier. Just from your way of writing I at least don't expect that minor sources like okta or the NCSC will change your mind.

( article links with high level descriptions and links to their primary sources)

https://www.okta.com/identity-101/password-vs-passphrase/

https://www.4bis.com/passphrase-vs-complicated-passwords-passphrases-are-best/

https://specopssoft.com/blog/passphrase-best-practice-guide/

[–] LostXOR@fedia.io 1 points 7 hours ago

I'm not arguing that random passwords are better for everyone, just that they're most secure for their length. A 9 word passphrase is just as secure as a 16 character random password, but is far longer.

A 4 word xkcd passphrase is more or less equivalent to a 7 character random password, and is secure with xkcd's threat model (online brute force attack) but not with other threat models, like a brute force of a weak hash, which is many orders of magnitude faster.

If you'd like to verify the math:
4 word xkcd passphrase: 2048 (possible words) ^ 4 (number of words) = 44 bits of entropy ≈ 17.6 trillion possibilities.
7 word password: 70 (possible characters) ^ 7 (number of characters) ≈ 42.9 bits of entropy ≈ 8.2 trillion possibilities.
(Adding an eighth character raises the number to 576 trillion).