this post was submitted on 25 Aug 2024
565 points (98.6% liked)
Cybersecurity - Memes
1964 readers
2 users here now
Only the hottest memes in Cybersecurity
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
My favorite is "can't be more than x% similar to the last 3 passwords". Of course, you shouldn't ever define what "similar" actually means.
And the only way to check that is by storing the previous passwords in a recoverable format.
Or by generating the hashes of all expected permutations of the password the user has just set, and keeping them until the next password is set to compare against. Granted, that would be a prodigious number, but technically doable.