Most of the effort spent on making passwords stronger is wasted, according to a trio of researchers from Microsoft in the USA and Carleton University in Ottawa, Canada.
The researchers, Dinei Florêncio, Cormac Herley and Paul C. van Oorschot, said in a recent paper that there are two vast “don’t care” regions where energy spent on strengthening passwords is simply wasted.