Current Events > "That password is too easy to guess"

(+) Yeah! (+)

What the fuck is wrong with these shitty password coders or whoever makes this shit.

Its 2020. I have a million things I need a password for. I use ONE fucking password that satisfies the typical criteria of 8+ characters and three of the four capitilized, lower case, number, special.

Why the fuck is this a thing? What criteria am I breaking? Two names and a number is easy to guess???

Fuck off Twitch. Fuck right the hell off.

---

I have you tagged as Michael Scott for some reason lol

---

YookaLaylee posted...

I have you tagged as Michael Scott for some reason lol

Dude,

While I was reading this I remembered Michael Scott saying that his password was 'password' out of the blue.

---

The worst part is that password length is what actually matters. It vastly outweighs special characters. In fact, just allowing special characters, numbers, and capitals but not forcing them would make passwords slightly harder to brute force because the number of possible combinations would increase.

---

must have a number, a capital letter, a symbol, another number, your moms verified maiden name. Fuck you I didnt want to sign up for your website anyway.

---

The password must be protected...even from you.

---

There are websites where I have to reset the password literally every time I visit.

And it generally takes me a couple of tries to even give them the right email address.

---

Imagine not using a password manager in 2020.

---

P0tatoes!

did I guess it?

---

Lonestar2000 posted...

Imagine not using a password manager in 2020.

yeah it's all fun and games until your password manager needs a password

YookaLaylee posted...

I have you tagged as Michael Scott for some reason lol

I have him tagged as "carfucker" and I don't know why.

---

EmbraceOfDeath posted...

The worst part is that password length is what actually matters. It vastly outweighs special characters. In fact, just allowing special characters, numbers, and capitals but not forcing them would make passwords slightly harder to brute force because the number of possible combinations would increase.

You don't want dictionary attacks to work, either. Guessing simple words, places, and people is the easiest way to have your password actually cracked - most passwords get broken because of reuse and vulnerabilities.

---

R1masher posted...

P0tatoes!

did I guess it?

No, it's Potoooooooo

---

cuttin_in_farm posted...

Its 2020. I have a million things I need a password for. I use ONE fucking password that satisfies the typical criteria of 8+ characters and three of the four capitilized, lower case, number, special.

So if I steal your password to some site, I can get into all your shit up to and including bank records?

Seems like a smart system there.
---

DevsBro posted...

There are websites where I have to reset the password literally every time I visit.

And it generally takes me a couple of tries to even give them the right email address.

>type in password
>"incorrect password"
>type it again
>"incorrect password"
>click forgot password
>receive email
>click change password
>type in new password
>"password cannot be the same as old password"

https://media.giphy.com/media/h36vh423PiV9K/giphy.gif

---

I literally went on Amazon to buy something, I put in my email and password, they say please verify it's you, go to your email address and input the code we sent you, I go to email and put my email and password to log in, please verify it's you we sent an email to your recovery email with a code, so then I had to go into my other email address in order to get the code to put into my other email so that I can get the code to put into Amazon so I can buy something that in the end I canceled the order to bc it was going to take til next week with prime.

Then I had to cancel prime and that was also super complicated too.

I hate this crap too. I just want to put in an easy password idgaf. Although I do have a "complex" password for this shit I remember well.

---

Ivynn posted...

>type in password
>"incorrect password"
>type it again
>"incorrect password"
>click forgot password
>receive email
>click change password
>type in new password
>"password cannot be the same as old password"

https://media.giphy.com/media/h36vh423PiV9K/giphy.gif

---

EmbraceOfDeath posted...

The worst part is that password length is what actually matters. It vastly outweighs special characters. In fact, just allowing special characters, numbers, and capitals but not forcing them would make passwords slightly harder to brute force because the number of possible combinations would increase.

I was once a part of a forum for a browser game that was hacked because the password was literally "AAAAA". Cue in game letter of shame.
---

ChocoboMogALT posted...

You don't want dictionary attacks to work, either. Guessing simple words, places, and people is the easiest way to have your password actually cracked - most passwords get broken because of reuse and vulnerabilities.

Yeah exactly.

ChocolateBrownies is 17 letters wrong but is a lot easier to crack with a dictionary attack than a%r90p$$W, despite being twice as long.

---

Ivynn posted...

>type in password
>"incorrect password"
>type it again
>"incorrect password"
>click forgot password
>receive email
>click change password
>type in new password
>"password cannot be the same as old password"

https://media.giphy.com/media/h36vh423PiV9K/giphy.gif

Gracious yes

---

Crazyman93 posted...

So if I steal your password to some site, I can get into all your shit up to and including bank records?

Seems like a smart system there.

Yea very smart. I can actually log into my shit without having to reset or retry.

As if someone can fucking guess my password. Two previous friends Ive had in different parts of my life and a number at the end.

Go ahead and try every name combination ever and guessing which letters are capitalized. Its not happening.

---

malenz posted...

I hate this crap too. I just want to put in an easy password idgaf. Although I do have a "complex" password for this shit I remember well.

Ok, so your password gets cracked, you get a bunch of charges on your credit card, and you complain to the bank and the website. Now they are on the hook for your poor decision and may have bad press for allowing the situation.
Allowing users to have bad security is bad for every one involved, not just that one user.

---

ChocoboMogALT posted...

Ok, so your password gets cracked, you get a bunch of charges on your credit card, and you complain to the bank and the website. Now they are on the hook for your poor decision and may have bad press for allowing the situation.
Allowing users to have bad security is bad for every one involved, not just that one user.

dude this is often not about shit like this lol. it's for basic messageboards and email and shit

---

cuttin_in_farm posted...

Yea very smart. I can actually log into my shit without having to reset or retry.

As if someone can fucking guess my password. Two previous friends Ive had in different parts of my life and a number at the end.

Go ahead and try every name combination ever and guessing which letters are capitalized. Its not happening.

A hacked doesn't really need to guess. Plenty of websites have had various data breaches exposing passwords, if they get just one of those they have access to all your accounts.

---

ChocoboMogALT posted...

A hacked doesn't really need to guess. Plenty of websites have had various data breaches exposing passwords, if they get just one of those they have access to all your accounts.

Then oh fucking well. No one is hacking into my twitch account to then try and guess my banking info that uses a different username that they now have to guess from square one again.

A fucking computer doesnt know whats easy to guess. Especially since these same shit sites use Whats your favorite movie as security questions. Its a joke.

---

cuttin_in_farm posted...

Then oh fucking well. No one is hacking into my twitch account to then try and guess my banking info that uses a different username that they now have to guess from square one again.

A fucking computer doesnt know whats easy to guess. Especially since these same shit sites use Whats your favorite movie as security questions. Its a joke.

wow dude you're a total badass

edit: oops I thought I was talking to the person you were talking to and misinterpreted what you said

---

I've honestly been considering getting Dashlane

---

<img src="https://imgs.xkcd.com/comics/password_strength.png">

---

cuttin_in_farm posted...

As if someone can fucking guess my password. Two previous friends Ive had in different parts of my life and a number at the end.

See, the thing is, I don't actually need to GUESS your password, I can hunt down a hacking program from wherever and attack a website with weak security you use, or else I just get it from the dark web. From there I just need your email for your bank account, and I may have gotten that in my initial attack on this weak website, and I then I can start stealing your money, or alternatively, I open a credit card in your name and buy myself a bunch of shit, subscribe to questionable websites, and totally fuck your credit score up. And you can say "Well it uses a different username" all you want, if I've gotten your email and password, I can just reset it. And lock you out in the process. The end result is going to be you having to go to the bank to fix it.
---

Ok but the other perspective is you're kidding yourself if you think you can ever defeat a competent hacker who is after you. If you haven't gotten hacked, the main reason is because nobody who knows what they're doing cares about you.

Choosing a strong password is just protection against some literal kid who thinks a brute force attack is going to be successful. The bigger problem is the website's security. Why would a competent hacker try to guess your password when they could simply exploit the website and get a million passwords at once?

---

at my work all i ever did was change the number at the end whenever my password expired. password 1 password 2 etc. eventually i got to 45 and then it said your password is too similar to your last password. fuck that shit!

---

Ivynn posted...

>type in password
>"incorrect password"
>type it again
>"incorrect password"
>click forgot password
>receive email
>click change password
>type in new password
>"password cannot be the same as old password"

https://media.giphy.com/media/h36vh423PiV9K/giphy.gif

So true it hurts

Your shitty password is stored in the server as 75c349cfe6ed5560fbfa393c8f9464e30feb6c5b or something, which may be easier to find a collision than bruteforce a login prompt.

cuttin_in_farm posted...

Yea very smart. I can actually log into my shit without having to reset or retry.

As if someone can fucking guess my password. Two previous friends Ive had in different parts of my life and a number at the end.

Go ahead and try every name combination ever and guessing which letters are capitalized. Its not happening.

This is so dumb. You realize that most of the time people get "hacked" it's because they have the same password for multiple sites that site gets hacked and multiple PWs get stolen including yours then they get access to everything you have

Axiom posted...

This is so dumb. You realize that most of the time people get "hacked" it's because they have the same password for multiple sites that site gets hacked and multiple PWs get stolen including yours then they get access to everything you have

First off, fuck off. Dont call what I say dumb.

Second, give me a source. Dont care what you pull out out your ass when it comes to claims.

Third, thats not likely to happen at all. Whats more likely is I get pissed off at having to reset all my passwords once my touch ID doesnt prompt once. Then I have to call a company that refuses to advertise their contact number and go through annoying prompts.

Oh no! They have one password! They TOTALLY now have access to all of my information everywhere! Somehow automatically knowing who I bank with and shit.

The odds are so fucking low, who gives a shit? What, yall scared to drive in rain, too?

---

Conflict posted...

Your approach to this is not intelligent

People don't need to "guess" your password to hack into your shit. Ever heard of keyloggers? Data breaches?

You don't need to memorize every different password you have because every browser and their grandmothers have them saved. There's also programs that can make many different passwords for you without you needing to type them in

Shut up. If theres a data breach, my shit aint being targeted amongst everyone else. I dont care.

Second, saving the info seems only helpful if you use one device to log in to everything. Not to mention thats the easiest way to get confused once you need to change a password for whatever reason.

I also dont get the logic of Make multiple passwords to protect your stuff. But also put every fucking password to all your shit in some program so a hacker only has to crack one thing.

---

My grandparents might actually have a better grasp on cyber security than TC, this is sort of sad.
---

Password length matters more than amount of special characters

But if your password is just two words and a couple of numbers your password will be violated by a dictionary attack in moments

Thats why people suggest stringing 4 words together and adding a couple extra characters.

---

Rika_Furude posted...

But if your password is just two words and a couple of numbers your password will be violated by a dictionary attack in moments

What does this mean?

[LFAQs-redacted-quote]



Is there some sort of online database that shows this or something?

My frustration has simmered down, so Im willing to have an open mind about this. I was under the assumption that people just rapid guess passwords or try to steal saved info from the site.

---

I despise the ones that don't let you repeat a character more than two times in a row. Stop policing my password, it's long and that's all that matters.

---

Master_Bass posted...

I despise the ones that don't let you repeat a character more than two times in a row. Stop policing my password, it's long and that's all that matters.

They just don't want you making your password wazzzzzzzzzup

---

anyone ever tried not getting in with what you know is 100% the correct password?

that shit is infuriating

---

AsucaHayashi posted...

anyone ever tried not getting in with what you know is 100% the correct password?

that shit is infuriating

Only about a hundred million times a second

---

DevsBro posted...

They just don't want you making your password wazzzzzzzzzup

Dammit, they're onto me!

---

DevsBro posted...

There are websites where I have to reset the password literally every time I visit.

And it generally takes me a couple of tries to even give them the right email address.

Starbucks is the worst. No previously used passwords allowed, and no verification or showing as you make a new one.

---

Ivynn posted...

>type in password
>"incorrect password"
>type it again
>"incorrect password"
>click forgot password
>receive email
>click change password
>type in new password
>"password cannot be the same as old password"

Indeed.


---

Hackers don't even try brute forcing much anymore. Phishing attempts work far too easily. Why bother brute forcing, when you can get idiots to tell you their password?

---