Which is more secure - to use the maximum length password a system will allow, or use a slightly shorter length password?
When using a password manager, it becomes trivial to use passwords that match the maximum length a system will allow. But, if that became practice, would that "known length" password be harder or easier to crack than using a password of slightly less than maximum length - say a random few characters shorter than maximum length? If max length became the norm - hackers would target that length only (or first).
Thoughts?
When using a password manager, it becomes trivial to use passwords that match the maximum length a system will allow. But, if that became practice, would that "known length" password be harder or easier to crack than using a password of slightly less than maximum length - say a random few characters shorter than maximum length? If max length became the norm - hackers would target that length only (or first).
Thoughts?