Is it simply just security theater when websites require you to put special characters, numbers etc. in your password?

It seems to me that, if anything, it would make it easier for programs to hack your account by eliminating a lot of possibilities. I suppose it would stop a few people from making simple passwords like "password123" or "ladiesman" etc. but I wouldn't think it would make any noticeable difference. I'm not sure (despite what comedic scenes on TV may show) that many people use passwords like that in reality. I don't know though.

    Yes, it's more secure. If it's going to randomly guess at passwords, they now have additional things to try for each place in the password. If it's just letters, it's 52 guesses per position. Add numbers and it's 62 each. Add the common symbols and it's in the 80s. While systems will force that a number and symbol and mixed case are used, it doesn't force where, so a system that's trying to guess at passwords has to try all the possibilities in all the positions.

    Very rarely are passwords just guessed at anymore. Most systems have a limit of how many bad attempts can be made before the account is locked, so unless they're lucky they don't get anywhere.

    In many cases, passwords are obtained from systems that have been compromised in other ways. You don't need to guess at passwords when you have a whole list of the accounts and the passwords they use. In other cases it's from phishing attacks where somebody is duped into typing their ID and password. Because people often use the same password on multiple sites, that gives them access to all sorts of different things without any guessing or additional hacking.

    Security theater?

    It makes it harder to guess, but if people simply add the number or special character before or after a dictionary word then it won't take long for hackers to figure that out. C'mon guys, be creative! It's for your own good.

    It is more secure. I use long passwords with combinations of upper and lower case letters, numbers, and some special characters that make no sense at all. When I was working with the labs we used long passwords and with our Unix we could put in letters or characters that wouldn't even show up.


      But if using those characters wasn't a choice, wouldn't that make it easier for hackers by eliminating a bunch of possibilities for what it could be?
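The follow-up question above comes down to counting, so here is an added example (not written by any poster in the thread) that compares three search spaces for a given length: letters only, the full alphabet with no rule, and the full alphabet with at least one character of every class required, counted by inclusion-exclusion. The letter and digit counts are the thread's figures (52, 62); the 20-symbol class is an assumption chosen to land "in the 80s", and the function names are made up for this example.

```python
from itertools import combinations
from math import log2

# 26 + 26 letters and 10 digits match the thread's 52 and 62.
# The symbol count is an ASSUMPTION (82 total, i.e. "in the 80s").
CLASSES = {"lower": 26, "upper": 26, "digit": 10, "symbol": 20}


def unrestricted(length, sizes):
    """Number of strings of this length over the whole alphabet, no rule."""
    return sum(sizes) ** length


def with_every_class(length, sizes):
    """Number of strings that contain at least one character of each class.

    Inclusion-exclusion: start from all strings, subtract those missing one
    class, add back those missing two, and so on.
    """
    total = sum(sizes)
    count = 0
    for k in range(len(sizes) + 1):
        for excluded in combinations(sizes, k):
            count += (-1) ** k * (total - sum(excluded)) ** length
    return count


def compare(length, classes=CLASSES):
    """Return the three search-space sizes and how they relate."""
    sizes = list(classes.values())
    letters_only = (classes["lower"] + classes["upper"]) ** length
    full = unrestricted(length, sizes)
    forced = with_every_class(length, sizes)
    return {
        "letters_only": letters_only,
        "full_alphabet": full,
        "every_class_required": forced,
        "fraction_of_full_kept": forced / full,
        "bits_lost_to_rule": log2(full) - log2(forced),
        "times_larger_than_letters_only": forced / letters_only,
    }


if __name__ == "__main__":
    for n in (8, 12, 16):
        print(n, compare(n))
```

For 8 characters the rule removes roughly half of the full 82-character space (about one bit), yet what remains is still well over ten times larger than the letters-only space, and the loss shrinks as passwords get longer.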

