What if you took the opportunity to turn your secure pass-phrase into a positive affirmation?

@hjalm I think that would breach quickly! 😂 (Unless it was very specific, or in cuddle-speak).

@odd If you still have to use passwords, phrases of three or four words (joined by extended characters and including numbers) will get you much farther than the recommended 16 characters. And if you're joining words together, and using the phrase repeatedly, why not make it meaningful?

@hjalm True. I think when you wrote pass-phrases, I thought about passwords, because I use longer phrases for them, if available. I do not reuse any, and I generally follow the concept you lay out.

@odd I gradually got myself out of the terrible habit of re-using passwords. Now I get angry when the pass-phrase I want to use is too long for whichever resource I'm accessing. As an IT guy, there is one of my passwords for elevated access that I must use with great frequency… Hence my post. 😉

@hjalm Didn’t MS-DOS and Windows < 95 restrict them to 8 chars? Am I remembering that wrong?

@odd Feels true? Might have been minimum circa NT4/Windows 2K?

@odd I think it's worse than that. It appears that as late as 2017 minimum password length is not enforced by Microsoft, but buy Group Policy. They recommend 8 characters, but you can :: hangs head :: set the minimum for fewer.

@hjalm I didn’t know that. It reminds me that there is someone that I know that probably haven’t more than 8 characters right now. Have to talk to them.