The paradox of password complexity requirements

admin Tuesday July 8, 2014

Users often choose unsafe passwords. Administrators wanting to prevent that will sometimes implement requirements on passwords. While these usually try to enforce complexity, any computer scientist will see why they also ease cracking, theoretically. And as Matthew Palmer explains, theory is quite right at times.

Ah, if only users would always choose passwords as complex as heuristics.