mostafatalebi Posted March 7, 2013 Share Posted March 7, 2013 Hello I have a very simple question. Is allowing passwords with space inside, problematic? Quote Link to comment Share on other sites More sharing options...
Christian F. Posted March 7, 2013 Share Posted March 7, 2013 No, not problematic at all. If any thing, it's desirable as it increases the entropy (available character space). Technically speaking, it is desirable to allow any printable character in a password. As for every character disallowed in a password, the time it'll take an attacker to crack the password is reduced exponentially: The entropy is defined by number of characters in a password raised to the power of available characters, after all. (Length^allowed characters, in other words.) Just to give you an example of how much difference only two disallowed characters would make, and then we only assume 95 printable characters in total (basic ASCII): php > $len1 = pow (10, 95); php > $len2 = pow (10, 93); php > echo $len1 - $len2; 9.9E+94In case you're doubting it, yes: That is 99 followed by 93(!) zeroes fewer potential password an attacker has to search. All from just removing only 2 characters from the pool. Or, in other words, you just reduced the entropy by 99% Quote Link to comment Share on other sites More sharing options...
mostafatalebi Posted March 7, 2013 Author Share Posted March 7, 2013 thanks. comprehensive reply Quote Link to comment Share on other sites More sharing options...
Christian F. Posted March 7, 2013 Share Posted March 7, 2013 You're welcome. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.