user 16756
Senior Member
- Joined
- Feb 5, 2015
- Messages
- 2,645
- Reaction score
- 3,940
And that was something you never stated. All you claimed was a 32 character long password was unbreakable.
For the record, I personally support password manager use. But am also aware that proper 2FA is the way to back that up. Given code quality today, I’d take an 8 character password + token based MFA over your 32 character password any day.
And yes, I’m may be an ********, but spout BS and expect to be called on it.
If you really think that a long password is unbreakable you need to get out of the industry. Everything is breakable. Just because you don’t know how it can be done doesn’t mean it can’t and won’t be tomorrow (or hasn’t been by nation state already). I’ve been doing this long enough to know that basic truth. It’s always a matter of when not if something will get broken.
you are trying so hard to construct a completely different argument so I can be wrong.
not only are you trying to act like a big boy security expert for seemingly no reason other than your own ego, now you're telling me what I said with my post? grow up.
you're suggesting I am saying that you should only have a long password. complete fabrication. what I said is literally right there.
you're suggesting that because there are a million and one attack vectors, that it invalidates something true. completely ridiculous.
you're suggesting I said a "long password is unbreakable". wrong. I said that a well constructed password that is 32 characters long cannot be defeated by attacking the password in a reasonable amount of time with today's hardware and techniques. this is so fundamentally true you literally have to claim Im saying something completely different than anything I've actually said.
look we've all seen the hive graph. this is gpu-accelerated btw.
look if you wanna fight mr strawman go ahead but Im done with you. if you're gonna fire shots at what I actually said go ahead but if you're just going to make **** up so you can look impressive then you're gonna have to do it into the void from now on.
also I wasn't sitting in an IT department begging people to use 2FA. I was literally engineering software to secure ICS systems from state actors. you should probably consider that if that's the case, the problem is likely with your interpretation of what I'm saying, rather than what I'm saying. but at the end of the day it doesnt matter; I cashed a lot of paychecks because the **** I wrote worked.