PayPal you’re doing it wrong

Posted on June 10, 2012

In the aftermath of the LinkedIn password hack, I thought it was about time I boosted the length of some of my passwords. I’m utterly astounded that so many sites seem to have such short length limits on their passwords. 20 characters is going to take some time to crack if it’s truly random. But we’re human and we can’t remember random strings. Pass-phrases are far more likely to be remembered, but if they’re going to be secure they’re going to hit those length limits pretty quickly.

If you haven’t already done so, it’s worth changing at least your LinkedIn password and any others that are the same or similar. A secure password should be long, complex (a mix of letters, numbers, symbols) and not easily guessable (don’t take a word out of the dictionary and stick a number on the end).

