Ash: I agree, but tell that to my client. Cheers, tedd > On Jan 12, 2018, at 1:05 PM, Ashley Sheridan <ash@xxxxxxxxxxxxxxxxxxxx> wrote: > > > > On January 12, 2018 5:44:25 PM UTC, Per Jessen <per@xxxxxxxxxxxx> wrote: >> Tedd Sperling wrote: >> >>> Hi Gang: >>> >>> Does anyone have a password filter? IOW, a routine/function where it >>> rejects any password that does not conform to certain rules such as >>> “At least on Capital letter. At least one Number. At least one >> Symbol” >>> and such? I know, I hate those things myself — because I use phrases >>> and it annoys me when these “Know it all” routines stop me from using >>> pass-phrases I like, but I’ve had an order from a client and never >>> argue with a client. >> >> Sounds like a pretty simple regex. > > Minimum length should be your only real requirement. Transposing letters for numbers/symbols serves only to make the password harder to remember (and thus end up on a post-it note stuck to the computer) but does little to the amount of time it takes to crack. > > Obligatory xkcd reference: https://xkcd.com/936/ > > Thanks, > Ash > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php _______________ tedd sperling tedd@xxxxxxxxxxxx -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
