Celery says my password is weak, what do I have to do now?
Celery is web-based and contains financial data. Therefore password have to be strong against certain attacks and Celery checks if password are strong enough.
What makes a strong password?
A strong password is one that’s either not easily guessed or not easily brute forced. To make it not easily guessed it can’t be a simple word, to make it not easily cracked it needs to be long and complex. Super computers can go through billions of attempts per second to guess a password. Try to make your passwords a minimum of 14 characters.
How does the strength checker work?
- The password strength calculator uses a variety of techniques to check how strong a password is. It uses common password dictionaries, regular dictionaries, first name and last name dictionaries and others. It also performs substitution attacks on these common words and names, replacing letters with numbers and symbols – for example it’ll replace A’s with 4’s and @’s, E’s with 3’s, I’s with 1’s and !’s and many more. Substitution is very typical by people who think they’re making passwords stronger – hackers know this though so it’s one of the first things hacking software uses to crack a password
- The password strength meter checks for sequences of characters being used such as "12345" or "67890"
- It even checks for proximity of characters on the keyboard such as "qwert" or "asdf".
I want to use my "not so strong" password
If you have a weak password but you do want to use it, please use it twice with a space in between. This will increase the length dramatically and make it more secure that way.