Seonglae Cho- TLS 1.2 or higher only, SSL v2/v3 not supported
- Multi-factor authentication options: SMS, TOTP (Authenticator app) supported
- Minimum 10 characters + score 3 or higher (based on offline slow hash attack criteria "safely unguessable" level, estimated attempts < 10^10)
Password Usages
History
Passwordless: a different kind of hell?
It's no secret that authenticating into services is an unresolved topic. With time, we have managed to make them more secure, but that was at the expense of user experience. The new generation of mail codes and authenticator apps has moved us from the ease of one-click browser autocomplete to complex ordeals involving multiple steps and sometimes multiple devices.
https://jcarlosroldan.com/post/315/passwordless-a-different-kind-of-hell
Choosing a truly strong password
Password strength explained
I try to explain how attackers would guess your password, should they get their hands on your encrypted data. There are some thoughts on the strength of real-world passwords and suggestions for your new password.
https://palant.info/2023/01/30/password-strength-explained/
