A story of one man’s battle with password “strength” requirements.
- Start with a “letmein”
- App says “Password must include a capital letter”
- User enters “Letmein”
- App says “Password must include a number”
- User enters “Letmein1”
- App says “Password must include a special character”
- User enters “Letmein1!”
Instead of forcing users into using a password which is hard for them to remember but easy for machines to attack, encourage good practices like LastPass and promote the use of a passphrase rather than a password.