How long should a password be? [Survey of sorts]

[AlTech]

Exactly as title says.

 

This is for information gathering purposes.

[Guest Gabbs]

256 characters

[wyattzx]

A password should be the maximum length a service allows, utilizing as many random particle words as possible, containing as many special characters and uppercase / lowercase as possible. 

[don_svetlio]

Only one of my passwords is 28 characters

[AlTech]

A password should be the maximum length a service allows, utilizing as many random particle words as possible, containing as many special characters and uppercase / lowercase as possible. 

That's not realistic

 

 

Only one of my passwords is 28 characters

How the hell do you remember that password?

[don_svetlio]

That's not realistic

 

 

How the hell do you remember that password?

Via pen & paper

[Bl00dgod]

That's not realistic

 

 

How the hell do you remember that password?

keepass

 

the longer it is the safer it gets

 

never write something down for safety

or as a friend does take a look into your book <placenamehere> on page <xxx> and use the first 5 sentences as password

 

and for spacer take ALT + 255

[Atmos]

I generally shoot for around 16 characters including caps, numbers, and symbols.

There are perks to using hotkeys as foreign symbols my friends, the ß works especially well since many languages and keyboards, and even programs don't recognize it.

In that same logic though, there are a handful of sites that don't accept it as a valid key.

[warzkaz]

That's not realistic

 

 

How the hell do you remember that password?

probably it's a phrase like gettothechoppayippeekiyaymotherfucker

just like my passowrd

[TheGamingBarrel]

How I get my passwords.

[LokiFire]

My passwords are normally 15+ and have never been cracked.

 

I did have a password cracked by some weirdo in india however on my Gmail account back when i used 11 characters and only letters...

 

Google sent me his IP and everything hahaha.

[wyattzx]

That's not realistic

 

 

How the hell do you remember that password?

z!RaN___stREAM#14

 

That used to be one of my passwords on Gmail. Not all of us are lazy with our security. 

 

How did I remember it? "z!" was for the 350z, a favored car of mine at the time. "RaN" was simply "Ran" with odd numbers capitalized. The three underscores are for First, Middle ,and Last name. stREAM is "street" and "stream" combined, where st is lowercase to signify an abbreviation. #14 was picked for my day of the month I was born on. 

 

I used it for years.

[Mo5]

Just do a sentence with random numbers in the middle

[Philosobyte]

If you're using random letters, digits, and symbols, no password cracking software or machine is going to be powerful enough to crack a password longer than 8 characters unless they have, say, an entire year with the world's most powerful supercomputer. I remember there was a website where you could calculate the time required to go through all the calculations. 

That's why I chose 12 - 16 characters. It's a standard length for most websites so it's easy to keep consistent with a password manager like LastPass.

[Bogica]

8 should be good enough if you combine uppercase, lowercase and numbers. Bruteforcing 8 character passwords takes AGES unless you have a supercomputer. But then again, my most important accounts have long passwords. I typically use around 12-16 characters combined.

[Alexandrovichenn]

I gave a 33 character password randomised with letters low case upper case numbers and two 28 character passwords and 4 29 character passwords, all remembered via repetition

[Alexandrovichenn]

Have*

[LokiFire]

8 should be good enough if you combine uppercase, lowercase and numbers. Bruteforcing 8 character passwords takes AGES unless you have a supercomputer. But then again, my most important accounts have long passwords. I typically use around 12-16 characters combined.

Is how my passes are formed.

[TetraSky]

It should at the very least allow more than 8~16 characters.
I use quite a few services where they put such a low character limit on passwords, it's ridiculous.

Personally, the passwords I generate in Keepass are between 20 and 30 characters long, if the service/site I use allows it.

[AlTech]

z!RaN___stREAM#14

 

That used to be one of my passwords on Gmail. Not all of us are lazy with our security. 

 

How did I remember it? "z!" was for the 350z, a favored car of mine at the time. "RaN" was simply "Ran" with odd numbers capitalized. The three underscores are for First, Middle ,and Last name. stREAM is "street" and "stream" combined, where st is lowercase to signify an abbreviation. #14 was picked for my day of the month I was born on. 

 

I used it for years.

I'm not lazy. My short term memory is really bad.

 

My long term memory is really good.

 

If i was a teacher (for example) and i gave a class a piece of homework. I would need to write down somewhere that i gave that homework cos otherwise i wouldn't remember.

 

(FYI - I'm a student so when  a teacher forgets homework it's not that bad )

[LukeTim]

Your "password" should be a sentence at least 4 random words long, with some digits and special characters thrown in where it makes sense.

 

Long, random jumbles of characters are very secure but you're fucked if you forget them or can't access your keychain.

[atrash]

anything above 12 is good enough imo. Keychain ftw.

[The_Stig]

Just going to leave this here:

[Sauron]

The longer the better - assuming you can remember it.

[Coaxialgamer]

The longer the password, the longer it takes to brute force it with a computer.

A 10 digit password should be enough as there are 1E50 different possibilities.