Technical Articles
F5 SMEs share good practice.
cancel
Showing results for 
Search instead for 
Did you mean: 
warburtr0n
F5 Employee
F5 Employee

May 5th 2022 is World Password Day and F5 Labs want to celebrate it!

By now I think everyone in IT has seen the excellent XKCD comic on passphrases. Passphrases are easier to remember, longer, and, therefore, more secure than passwords. Right?

XKCD comic on passphrasesXKCD comic on passphrasesSource: https://xkcd.com/936/

The logic seems sound, but does the math hold up? Are passphrases really more than passwords? Excited to find out if correct horse battery staple is really that secure?

Read the article on F5 Labs to find out, then come back here to share the best and worst advice you've heard for creating strong passwords:

https://www.f5.com/labs/articles/cisotociso/password-safety-security-best-practices-passwords-vs-pas...

 

 

 

Comments
JRahm
Community Manager
Community Manager

the best password is no password at all...am I doing this right? 🙂

shsingh
F5 Employee
F5 Employee

Perhaps it's a moot point... no matter how unbreakable your password, you are likely to change it is a site is breached and credentials stolen - regardless of whether the attacker was able to crack your password over the list.

So to make that something tangible, are we protecting a password against a targeted credential attack (i.e. someone specifically wants MY details), or from large scale breaches (in which case you are more likely to change regardless of password/passphrase strength).

If it is the latter, then we get into areas of "did I know a site I frequent was breached"... etc which password managers typically do a good job of keeping track of.

Gurmar
Nimbostratus
Nimbostratus

Thank you for the information

Version history
Last update:
‎03-May-2022 11:18
Updated by:
Contributors