You are not logged in. Your edit will be placed in a queue until it is peer reviewed.
We welcome edits that make the post easier to understand and more valuable for readers. Because community members review edits, please try to make the post substantially better than how you found it, for example, by fixing grammar or adding additional resources and hyperlinks.
Required fields*
- I don't think that this addresses the question the OP made.Chris Murray– Chris Murray2014-10-31 17:02:20 +00:00Commented Oct 31, 2014 at 17:02
- It's an alternative answer, but it definitely addresses the question, which was "How to practically deal with the fact that your properly generated password may actually be or become weak?" Practically all passwords are weak, live with it and optimize/mitigate elsewhere. Just because John the Ripper can't crack a 4 word password today doesn't mean it can't be engineered to crack those tomorrow. A 25-GPU array can perform 350 billion guesses per second and you know what? Tomorrow's GPUs will do twice that. Will tomorrow's passwords be twice as long to compensate?perry– perry2014-10-31 17:46:59 +00:00Commented Oct 31, 2014 at 17:46
- As a side note, I try not to give redundant answers that I know someone else has or will provide. I think my answer adds a lot of value to this question.perry– perry2014-10-31 17:51:55 +00:00Commented Oct 31, 2014 at 17:51
- I think your answer is useful, if the question was "How can I mitigate users picking bad passwords/losing their password". However, the OP is infact the user picking the password and not the developer mitigating the issue.Chris Murray– Chris Murray2014-10-31 17:55:08 +00:00Commented Oct 31, 2014 at 17:55
- xkcd mentions 1000 guesses/sec as a plausible attack on a remote web service. I would hope any user reading this experiences a strange twitch in the eye brow. Why design or use a web service that is open to being massively flooded or brute forced? It's like using a public Wifi at Starbucks - maybe nobody will snoop your traffic on Tuesdays, but maybe that's because Joe bad guy doesn't get coffee on Tuesday. Regardless of how the day pans out, you're constantly at high risk. Users need to know this. Nobody has raised the issue.perry– perry2014-10-31 21:26:27 +00:00Commented Oct 31, 2014 at 21:26
| Show 3 more comments
How to Edit
- Correct minor typos or mistakes
- Clarify meaning without changing it
- Add related resources or links
- Always respect the author’s intent
- Don’t use edits to reply to the author
How to Format
- create code fences with backticks ` or tildes ~ ```
like so
``` - add language identifier to highlight code ```python
def function(foo):
print(foo)
``` - put returns between paragraphs
- for linebreak add 2 spaces at end
- _italic_ or **bold**
- quote by placing > at start of line
- to make links (use https whenever possible) <https://example.com>[example](https://example.com)<a href="https://example.com">example</a>
How to Tag
A tag is a keyword or label that categorizes your question with other, similar questions. Choose one or more (up to 5) tags that will help answerers to find and interpret your question.
- complete the sentence: my question is about...
- use tags that describe things or concepts that are essential, not incidental to your question
- favor using existing popular tags
- read the descriptions that appear below the tag
If your question is primarily about a topic for which you can't find a tag:
- combine multiple words into single-words with hyphens (e.g. web-application), up to a maximum of 35 characters
- creating new tags is a privilege; if you can't yet create a tag you need, then post this question without it, then ask the community to create it for you