Does anyone have any evidence, anecdotal or formal, about how
different password strength requirements impact the usability of a
web-based application?
There's a spectrum of different strength requirements. I've seen
sites that don't have any requirements, other than the password
exists.
Get the feed