A hacker still has to try every combination when brute-forcing a password, don’t they? If my password was long enough why wouldn’t any type of characters be fine?
​
Best answer given by /r/danceswithsteers below: [https://xkcd.com/936/](https://xkcd.com/936/)
In: Mathematics
Let’s say you need to create a password with just the letter A and B, and for the sake of argument let’s say it’s 3 characters long.
You have different options like aaa, bbb, aba, bab, aab etc. Rather sooner than later someone would be able to guess your password easily.
Now let’s say you can now add C and D in there also. Now there are much more combinations, so the hacker has to guess for longer to find out your password.
So the more characters you add, the longer it takes to guess that password.
>If my password was long enough why wouldn’t any type of characters be fine?
Yes, it’s better to have a long password that you can remember, like MyGruesomeLeafblowerTeddybear than something that’s shorter but has more characters like @h&Y-61jk.
Latest Answers