That doesn't mean constraints like 'no repeated characters' is a good idea. It g... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		JshWright on Feb 2, 2015 \| parent \| context \| favorite \| on: Authentication Cheat Sheet That doesn't mean constraints like 'no repeated characters' is a good idea. It gives the attacker significantly more information about the plaintext if they know they can rule out all strings with duplicated characters.

jpravetz on Feb 2, 2015 [–]

And isn't mmmdG0tKtN#mmmmmmmmmmmmm more secure than dG0tKtN#mm?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact