PayPal you’re doing it wrong
Posted on Jun 10th 2012
In the aftermath of the LinkedIn password hack. I thought it was about time I boosted the length of some of my passwords. I’m utterly astounded that so many sites seem to have such short length limits on their passwords. 20 characters is going to take some time to crack if it’s truly random. But we’re human and we can’t remember random strings. Pass-phrases are far more likely to be remembered but if they’re going to be secure they’re going to hit those length limits pretty quickly.
If you haven’t already done so it’s worth changing at least your LinkedIn password and any others that are the same or similar. A secure password should be long, complex (mix of letters, numbers, symbols) and not easily guessable (don’t take a word out the dictionary and stick a number on the end).
Posted in etc