Skip to content

100% in your browser. Nothing you paste is uploaded — all processing runs locally. Read more →

Blog

Posts on password entropy, passphrase math, why complexity rules backfire, and how to actually store passwords on the server.

Why password complexity rules (mostly) make passwords worse

Forcing a number, symbol, capital letter, and 90-day rotation produces 'P@ssw0rd1!' updated to 'P@ssw0rd2!' — same password, lower entropy. NIST changed its mind in 2017. Here's why most policies haven't caught up.

5 min read #password #policy #security