Ok, so I was registering for an account and apparently my password of a single name wasn't good enough. <_<
So the suggestion is: "Tip for secure password: Please use a password that contains at least 8 characters, a number and symbols"
This really needs to stop now, who the heck can remember that? If you're banking with money, that's different because people want to steal your money so of course you need an insane password but Facebook or Youtube is just stupid.

Here are some examples:

monkey = weak
monkey6 = weak
monkey653 = fair
mo_knkey653 = good...
moNKEyy65_452 = Strong!

come on, who the heck wants to type than much less remember it?
I think a secure password should be:

monkey6
cat505
samball1
orionorionorion
onionsmelll

A word paired with a number is secure
two words that have nothing in common with a number is secure
a word repeated over and over is secure.
And a silly phrase that might have something in common but is unheard of in common language with a spelling error is secure

All those passwords are plenty secure for a social page or email account.

I don't understand the point of this thread, perhaps someone more knowledgeable can correct me here but the reasoning is that by including more characters, and more types of characters your password becomes (exponentially?) harder to guess as there are more and more possible combinations.

I also don't understand why you wouldn't want a secure password, 4-5 keystrokes more gets you piece of mind its not like they're requiring 32 chars or something, its a good balance between security and how easy it is to remember.

What exactly is the point of this again?

I don't know why you make it so complicated...

Yellow1!

First letter of word is capitalized, then number, then character. Pair them like that and its simple to remember, and is good/strong.

I often just use a sentence. Like, for example: "Ichigos_is_the_best_site_ever!!1"

It's bound to work and it's quite easy to remember. Of course, if you think I use the above example as my actual password, you're stupid :P

There's easy tricks to make passwords memorable. It's all about how you place them.

Take for instance
1qaSW@3edFR$5tgHY^7uj

That looks pretty random, right? Except that it's a keyboard pattern, start with 1 go down three, hold shift and move right one, then go up three then release shift and go down three, and so on.

Or there's the venerable |_||3E|2|_ee7, (uberleet) which mixes symbols that look like characters. Or you could do like what neko suggested, make a phrase up (1KnockMeDown,LikeI'mADomino). Randomly inject symbols or numbers for spaces. Think of the password as a pattern rather than as purely random.

Moreso than the passwords, I hate when they limit the criteria: such as "you can use !#$. and & for your punctuation". WTF? Why not include the *^&%{}][\|<>/, symbols as well? And passwords that say that it needs to be between four and eight characters. An upper limit to a password?! It screams poor programming and that they want people to try and hack them.


Jack the Ripper can crack passwords that are numbers, words, phrases, or words split with numbers that are 8 characters in length in 2 hours. Trust the website when they put down a password. There would be nothing better than to use a simple password and have some b-tard hijack your public facebook account and post pedophilia all over the place, and you be greeted with a firm knock on your doorway by the FBI.

And I don't want to hear any complaining about passwords like this. For my job, I have to remember over ten 18 character long passwords with two upper, two lower, two numbers, and two symbols; that are reset every 30 days and can never be reused again. And you can't even see these machines unless you go through a firewall.

My every password is angryopinions, because I am an angry opinionated human.

Strong password? Challenge accepted.

M, that's your Job, you probably work with a very secure thing with computers or money therefore insane passwords are definitely required but I refuse to ever
believe you need something complicated for a social network or youtube. The point is it depends on what the password is for, if it's for ichigos, a simple 8 letter name would work, if it's banking, the something like 573nd^8u##~fj3 would be better. That kind of High Security is not important on a forum or social network very much. Now I'm aware ichigos thankfully doesn't require such.


I also don't understand why you wouldn't want a secure password, 4-5 keystrokes more gets you piece of mind its not like they're requiring 32 chars or something, its a good balance between security and how easy it is to remember.

No, they require 8 now and you have to use a letter number and symbol and often mix capital and lowercase. Here's the point, a user should be able to choose
their password without any restrictions as long as it's at least 5 characters long. Why should they make us use an insanely secure password on google.

Because there are standards of security?
Imagine you have a locker in high school... and you need a lock. The rule is you need a LOCK not a piece of string. This is the same... your "simplified" password is the equivalent of a piece of string, the high school aka the website has security standards that you must adhere to. It doesn't matter how important (or not) your stuff (in the example your account) is to you, you have to follow the prescribed standards for security. Deal with it.

They've explained the reasoning behind it, given you ideas to easily remember them, AND shown you how easy you have it (comparatively) if you don't agree... don't sign up.

M, that's your Job, you probably work with a very secure thing with computers or money therefore insane passwords are definitely required but I refuse to ever
believe you need something complicated for a social network or youtube. The point is it depends on what the password is for, if it's for ichigos, a simple 8 letter name would work, if it's banking, the something like 573nd^8u##~fj3 would be better. That kind of High Security is not important on a forum or social network very much. Now I'm aware ichigos thankfully doesn't require such.

But actually use 5-15 characters, 2 upper, 2 lower, and 2 symbols in all my passwords :(


No, they require 8 now and you have to use a letter number and symbol and often mix capital and lowercase. Here's the point, a user should be able to choose
their password without any restrictions as long as it's at least 5 characters long. Why should they make us use an insanely secure password on google.

Because your digital identity is almost your primary identity at this point. Consider the fact that you're going to apply for a job. The first thing the employer does is checks your resume. The next thing is almost always googling your name and seeing what comes up. If you have facebook as public (which, by the open nature on how you see security, you do), they will review your character, and then consider you for a hire.

Now consider the fact that you posted a not so nice comment on a blog, and someone posts your facebook account on a hacking site. Suddenly, all of your social networking data is overrun by bots that do nothing but obtain your personal identity and break it. From now on, that account is dead, but it will never be deleted. Once something is on the internet, it never goes away.

Also, did you know that if you connected facebook with your cellphone and your address, you can pretty much sign up for a credit card? You could even reverse engineer important identification numbers such as a SSN simply from the information held in your facebook account. Single points of information is safe to expose, but when you take a lot of personal data and combine it together, it quickly becomes something that can be very dangerous. And this is what most identity theft agencies are trying to prevent. Even worse, most users use the exact same password everywhere. This means that once you get one account, you get all accounts.

I wouldn't sacrifice safety for convince: especially when it's something as simple as a codeword or password. It's like google says with it's new privacy policy: "This stuff matters".