The answer is obviously to require all users to change their passwords and make them stronger. 26 minimum characters; two capitals, two numbers, two special characters, cannot include ‘_’, ‘b’ or the number ‘8’, and most include Pi to the 6th place.
Great! Now when I brute force the login, I can tell my program to not waste time trying ‘_’, ‘b’ and ‘8’ and add Pi tothe6th place in every password, along with 2 capitals, 2 numbers and 2 other special characters.
Furthermore, I don’t need to check passwords with less than 26 characters.
The answer is obviously to require all users to change their passwords and make them stronger. 26 minimum characters; two capitals, two numbers, two special characters, cannot include ‘_’, ‘b’ or the number ‘8’, and most include Pi to the 6th place.
Great! Now when I brute force the login, I can tell my program to not waste time trying ‘_’, ‘b’ and ‘8’ and add
Pi to the 6th placein every password, along with 2 capitals, 2 numbers and 2 other special characters.Furthermore, I don’t need to check passwords with less than 26 characters.
Sorry, I don’t understand. Do you mean there have to be 6 digits of Pi in there, or the sixth character must be π? I’m down either way.
We won’t tell you, and the rule gets re-rolled every 14 seconds. It may stay the same or it may change.
Also, there are requirements we check for that we don’t tell you about! 🤭