If your registration form thinks
Pa$sword1 is acceptable but T^Go"thgAY?u!n#ih!@N isn't because it doesn't have a fucking number in it, you need to be banned for life from software development.
(Yes, it did generate "gothgay", I swear ๐ )
@SiteRelEnby
I'm on the Internet since the nineties and I'm using a password in the vein of Pa$sword1 that is most certainly in all the dictionaries for 80% of my accounts. And you know how many times in all the decades my account got brute-forced? Once!
It was an Evernote account I had nothing in and I didn't care about it โ it was a great reminder to delete it for good. I wasn't motivated to investigate, maybe it even got taken over in some other way.
@SiteRelEnby
All these password complexity requirements are a load of crap โย especially for the accounts that they have forced you to make and which you do not intend to use to store sensitive information. I'm still using complex passwords for a handful of accounts I use daily that I do not have saved or written down anywhere and I don't intend to stop doing that, but in the most general case the complexity requirements are way overblown.
@SiteRelEnby
If it's enforced with JS on client side I sometimes even use the dev console to doctor the request and change it to a least complex one โ because fuck'em, that's why! ๐
