I hate when websites have some weird rules for passwords, and show the rule when you are creating the password, but not when entering it. How am I supposed to remember the password must begin and end with a special character?
I’ve literally never had an issue with password generation. Usually I generate 32 character passwords with all types of characters passwords on average expect. If a page has different rules, I just check the corresponding boxes in my password manager, and I get one that works for that site.
maybe they were looking for extra special characters like 🁄 or ⶸ. Who am I kidding, RFC 1738 tells us that literally everything is unsafe and you know, we need to prepare for the inevitable occasion when the password somehow ends up inside an URL.
The characters “<” and “>” are unsafe because they are used as the delimiters around URLs in free text;
the quote mark (“”") is used to delimit URLs in some systems.
The character “#” is unsafe
The character “%” is unsafe
It ends up with
Thus, only alphanumerics, the special characters
$ - _ . + ! * ’ ( ) ,
are safe
Having to alter my one generic password I use for random ass website because there’s a stupid extra rule is usually annoying me enough that I don’t register lmao.
honestly I prefer to go the other route : if a website complains about a generic randomly generated password , especially if they have very specific rules I take it as a challenge to make a password with as much entropy as possible , preferably to the point where any reasonable hash can express less entropy
In that case consider your accounts on “everything else” to be compromised already. It can be a pretty significant vector for identity theft for example.
I hate when websites have some weird rules for passwords, and show the rule when you are creating the password, but not when entering it. How am I supposed to remember the password must begin and end with a special character?
I can’t recommend password managers enough, because you will never have this issue again.
Password creation will still be annoying for sites with special rules. You just don’t have to remember them once you generated them.
I’ve literally never had an issue with password generation. Usually I generate 32 character passwords with all types of characters passwords on average expect. If a page has different rules, I just check the corresponding boxes in my password manager, and I get one that works for that site.
and when the rule is also wrong example: password must contain special charcters
the password in question contained : and ^
if those aren’t special characters idk what is
I never get bored of discovering yet another software that gets broken because someome put a dollar sign in their password…
maybe they were looking for extra special characters like 🁄 or ⶸ. Who am I kidding, RFC 1738 tells us that literally everything is unsafe and you know, we need to prepare for the inevitable occasion when the password somehow ends up inside an URL.
It ends up with
I am going put null on my password and you aren’t stopping me
Having to alter my one generic password I use for random ass website because there’s a stupid extra rule is usually annoying me enough that I don’t register lmao.
honestly I prefer to go the other route : if a website complains about a generic randomly generated password , especially if they have very specific rules I take it as a challenge to make a password with as much entropy as possible , preferably to the point where any reasonable hash can express less entropy
Password manager?
I use it for important things that require actual security. Everything else gets the one password treatment.
In that case consider your accounts on “everything else” to be compromised already. It can be a pretty significant vector for identity theft for example.
I’m not dumb enough to share important private information on websites that don’t require it.
I use a mental algorithm that means my password is always different on paper, but is always deducible by me.