[Cryptography] How secure are hashed passwords?

[Peter Gutmann]

Bob Simmons <bsimmons at compassnet.com> writes:

>Not excusing the use of weak passwords, but some sites (like Paypal) won't 
>let you paste into the "new password" and "confirm password" fields. Do you 
>want to manually type in a 20 character string from a password generator? I 
>get out the dice at that point.

Troy Hunt has a long discussion about the stupidity of this at:

http://www.troyhunt.com/2014/05/the-cobra-effect-that-is-disabling.html

Peter.