Lesson 1

Length vs Complexity

Why longer secrets often beat forced character recipes.

Password strength grows quickly with length. Composition rules such as “must include one uppercase, one number, and one symbol” can help compatibility with older systems, but they also encourage predictable patterns.

Modern guidance emphasizes:

  • Longer passwords and passphrases
  • Avoiding known breached or common passwords
  • No unnecessary periodic resets
  • Multi-factor authentication for important accounts

Use symbols and character categories when a service requires them. When you control the system, allow long secrets and avoid training users into predictable substitutions.

When you want to practice, use the related DevCove tool — optional, not part of this lesson.

Open related tool

Back to course overview