BoofStroke@lemm.eetoProgramming@programming.dev•A question about passwords | characters used in them
20·
1 year agoThe new NIST guidance is to have something long. Special characters don’t matter. So a good passphrase that you can remember > short line noise. NIST also recommends against constant password rotation, but to instead audit for dictionary attacks. See also: https://www.netsec.news/summary-of-the-nist-password-recommendations-for-2021/
Yes, it is bad programming. Of course, on the backend you must never store passwords in the clear. You should never grow your own hashing algorithm.
Ansible?