Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

## (no subject)

Page 1.0 of 1.1

• Anonymous
2012-07-29

On second thought, that would probably make more sense as:

[__] LIMIT repeating characters... (up to _)

Last edit: Anonymous 2014-03-23

• Anonymous
2012-07-29

Jeez, looks like I posted it twice before this. Sorry about that!!!

The more complex the password, the more difficult it is to crack using brute force methods and cryptanalysis. You could argue that this could limit the number of password combinations available, which would be true, but this does not weaken the password generated, it makes it stronger. If I can choose from the entire alphabet, upper & lower case, numbers, and alpha-numerics, it is not that difficult to create many unique and very secure passwords without repeating characters.

• Rony Shapiro
2012-07-29

To elaborate on the post that Fernando referred to:

Allowing repeating characters strengthens rather than weakens the password, as it increases the number of combinations that an attacker needs to try.

This is easiest to see with a trivial example. Consider a 3 letter password, where each 'letter' is a digit, 1, 2, or 3.

With repetitions, we have 333 = 27 combinations.
If we disallow repetitions, we have only 6 combinations (!).

Same principle (but larger numbers) applies for longer passwords with a larger set of letters.

Rony

• Rony Shapiro
2012-11-25

• status: pending --> closed
• milestone: --> Next_Release_(example)