top | item 41879559

(no title)

plopilop | 1 year ago

Switching one uppercase letter in an otherwise lowercase password adds exactly 1 bit of entropy (per switched letter).

On the other hand, any extra lowercase letter will increase the entropy by 4.7 bits (assuming a password on [a-z]).

Given that most passwords have at best 2 uppercase letters, I would argue it is safer to force longer passwords than passwords with at least one uppercase letter.

discuss

No comments yet.