I do not think that accomplishes what you think it does
Recently I had to create a password for a new online account. One of the password creation rules was:
No two consecutive characters may be identical.
I suppose there’s some value in making sure your users don’t create passwords like “AAAAAA”, but come on, no consecutive repeated characters at all?! That does nothing to make the password more secure; it just makes life easier for the hackers, by drastically reducing the number of character combinations that they have to try in a brute-force attack.
I have to wonder, too, how much their programmer charged them to implement that inane little rule.
Comments Off
No Comments
No comments yet.
RSS feed for comments on this post.
Sorry, the comment form is closed at this time.