Skip to main content
All CollectionsGeneral LemonadeLXPAccessing Your LemonadeLXP
Password Strength Requirements
Password Strength Requirements

My password has exclamation marks, why is it getting rejected!

Alex Lemaire avatar
Written by Alex Lemaire
Updated over 3 years ago

A common question asked is: "What are your minimum password requirements?". Old-school answers would include criteria such as:

  • min 8 characters

  • at least one uppercase

  • at least one special character

  • at least one number

Unfortunately, most of the time, this yields weak passwords that look like "Password123!". We'd love to see how many folks use "Pizza123!" at their favorite online pizza ordering service!

As evidenced by leak databases, humans are terrible at creating secure passwords. This is because the criteria above, that have been hammered into us for the past 10 years, have only led to hard-to-remember passwords that are easy for computers to guess.

Therein likes LemonadeLXP's criteria: "How long would it take a computer to guess this passphrase?"

Bad Password Patterns

Examples

Is It Memorable?

Time to Crack

A common word

december

Yes.

18 milliseconds

An easily-typed spacial word

qwerty, aaaaaaaa

Very much so.

10 milliseconds

The family dog

rusty

Yep.

27 milliseconds

An important number, such as a date

03261981

To you, certainly.

2.213 seconds

A word with a trivial letter to number substitution

s4nfr4n

Not very much

639 milliseconds

If your password resembles any of these examples, it is instantly crackable. Even a mix of these patterns such as [common word] + [number] is straightforward to crack.


There's an easier way: Passphrases!

Compare the tough examples above, to a simple passphrase!

Password Pattern

Example

Is it Memorable?

Time to Crack

Four or more randomly chosen words

mergers decade labeled manager

It can be! Pick words you will remember. Plus, after you type them a few times, they'll stick

6,000,126 centuries

Alternate ways to generate great passwords

If you use a recent version of Chrome Safari, the passwords that they automatically generate for you are excellent. If you use the browser-generated passwords, LemonadeLXP will accept them because of their cracking difficulty.

Password managers such as 1Password also generate strong passwords. They use a different pattern (bunch of random characters) that should give adequate security, but are near impossible to remember. Interestingly, passphrases are still better than these terribly obscure passwords.

Password Type

Example

Time to Crack

Password-manager style, random garbage

p%9y#k&yFm?

Approximately 90,182,663 centuries

Passphrase

logic finite eager ratio

Approximately 189,658,722 centuries

Did this answer your question?