Password security enforcement rules are bizarre
brianpghpa
Newbie

Can someone explain the algorithm that is used to determine that a proposed password is sufficiently secure? Specifically I was forced to 'upgrade' my password to something more secure, and it kept rejecting passwords for being 'easily guessed' but only when I would add an additional character to make the password longer. So, for example, if I suggested:

 'money123me' this would be acceptable, but if I tried

'money123mecow' this was considered to be easily guessed and rejected.

It makes no sense that a longer password would be considered less secure, so it makes me concerned that there are some strange limitations in the password system that make it vulnerable.

Thanks,

Brian

0 Likes
1 Solution

Correct answers
Re: Password security enforcement rules are bizarre
smith6612
Community Leader
Community Leader

It's possible the password system is complaining about the dictionary words. Many password systems I've seen complain if there are too many dictionary words in a password or if they are all lowercase or uppercase in character. I wish I had more info to go on for this, but hopefully this helps.

View solution in original post

0 Likes
Re: Password security enforcement rules are bizarre
smith6612
Community Leader
Community Leader

It's possible the password system is complaining about the dictionary words. Many password systems I've seen complain if there are too many dictionary words in a password or if they are all lowercase or uppercase in character. I wish I had more info to go on for this, but hopefully this helps.

0 Likes