←back to thread

Apple Passwords’ generated strong password format

(rmondello.com)
430 points tambourine_man | 1 comments | 18 Oct 24 11:12 UTC | HN request time: 0.196s | source
Show context
eviks ◴[18 Oct 24 13:11 UTC] No.41879128[source]
Why not just use real words with longer password instead? That'd be easier to type than these shorter "word-like" syllables
replies(3): >>41879137 #>>41879148 #>>41879247 #
bombcar ◴[18 Oct 24 13:13 UTC] No.41879137[source]
Even if horse-battery-staple works mathematically people don't trust that it's "really random".

1password supports it as "memorable password".

replies(3): >>41879184 #>>41879233 #>>41879327 #
edweis ◴[18 Oct 24 13:35 UTC] No.41879327[source]
Seclist actually has a similar password "correct-horse-battery-staple" in one of their dictionary.

    curl https://raw.githubusercontent.com/danielmiessler/SecLists/refs/heads/master/Discovery/DNS/dns-Jhaddix.txt | grep "horse-battery-staple"
replies(2): >>41879355 #>>41879367 #
1. scoot ◴[18 Oct 24 13:39 UTC] No.41879367[source]
> Seclist actually has a similar password "correct-horse-battery-staple" in one of their dictionary.

There's a well-known reason for that (and for GPs comment): https://xkcd.com/936/