Kinda yes, but really no. If they assume there is always a comma, but if you add it after you’ve generated whatever password you’ve chosen you’re still making it harder for them. You haven’t compromised on the length, and now they need to figure out where in the rest of your random password the comma goes.
doesn’t having commas in every password reduce overall entropy though?
Kinda yes, but really no. If they assume there is always a comma, but if you add it after you’ve generated whatever password you’ve chosen you’re still making it harder for them. You haven’t compromised on the length, and now they need to figure out where in the rest of your random password the comma goes.
that’s reducing entropy even more. by assuming everything between two commas is a password, they would have a shockingly high hit rate.
What? If you’re talking about an already leaked list of passwords in a CSV it doesn’t matter?