• 0 Posts
  • 18 Comments
Joined 1 year ago
cake
Cake day: June 20th, 2023

help-circle





  • Interesting.

    Yep, that’s a fitting term. You definitely still have to rely on macOS (and keep a copy of it around, e.g. for firmware upgrades, which of course basically only come bundled with macOS versions), but other than that, you can do more or less what you want to – as long as you’re outside of it.

    I quite like this idea though if I’m being honest, normie users get all the hardened security from the regular boot chain without experiencing basically any difference/downsides, while hardware enthusiasts and (Linux) tinkerers still have options open (well, options that you can get if you have a new chip on a rarer architecture with previously no third party OS).




  • zzz@feddit.detoAsklemmy@lemmy.ml*Permanently Deleted*
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    I mean, if we’re being pedantic, there’s a reasonable technical limit once the password reaches multiple MBs of data.

    But yes, there’s no good reason for the actual limits we’re seeing out in the wild.

    Yes @evatronic, this is of course what I meant with “except if the js starts crashing maybe”. I’m aware that hashes end up with the same length, no worries 😄


  • zzz@feddit.detoAsklemmy@lemmy.ml*Permanently Deleted*
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    Sure. Banks should be enforcing that instead of special characters. But the vast majority of people would just choose “football” or “password” as their passwords if they weren’t required to do something more complex.

    Ironically though, something like

    IveLovedUsingFootballAsMyPassword!EverSinceThe1980s.

    as a password would be miles ahead of even the most random character combination possible, but which is only 12-20 characters long.

    And as an added bonus, the above example is practically guaranteed to have never been used before, in addition to being correct horse battery staple (that is, tremendously easy to remember).

    I hate when a website/app in this day and age imposes an absurdly low upper password character limit like 30. (cough looking at you, PayPal, when I re-set my password a few years ago it was freaking 20, not exaggerating).

    Shouldn’t password length below like 100 (or realistically, any length until it starts crashing the js behind it?) not matter anyways, since it’s all salted, peppered and hashed before further processing anyways?