What if the Bruteforce method use a database of words which it looks for within the password. So it dissect the password, by looking for words, even if there are no spaces in between? I like to replace letters with numbers, for example : P@$$w0rd43v3R {Password for ever}-- So there is no recognisable words in that password that can be extracted.
It is still readable by humans, but computers will have a hard time figuring that out.
(And NO, I am not using that password, it was just an example)
It is still readable by humans, but computers will have a hard time figuring that out.
(And NO, I am not using that password, it was just an example)I would be very careful with this kind of rules. I've read a few years ago already that some of the more advanced dictionary-based brute force password crackers were starting to handle "leet" variations of the dictionary words.
So I made a prototype of a system that makes the password difficult and it is always unique.
OP, from what I understand the system is a little bit overcomplicated and the website has to implement/use your system, since the password keeps changing.
And if the website wants to improve, there's already 2FA that does the job much easier.