The absolute best practice is to add random spaces that don't correspond to syllables. A 10 character password can go from taking a few seconds to crack to several hundred years with a few well placed spaces.
That said, there are databases out there that don't like spaces, and for some reason lots of financial institutions are this way.
Fucking ridiculous in 2023. If I want to have a 300 character password, that's my business, hate these arbitrary rules of a max number, no special characters...
The absolute best practice is to add random spaces that don't correspond to syllables. A 10 character password can go from taking a few seconds to crack to several hundred years with a few well placed spaces.
That said, there are databases out there that don't like spaces, and for some reason lots of financial institutions are this way.
I just hate fucking sites that tell me it has to be under 16 characters. Like wtf
Fucking ridiculous in 2023. If I want to have a 300 character password, that's my business, hate these arbitrary rules of a max number, no special characters...