Yes that’s exactly it. When you reduce the total space of possible passwords you are giving a brute force attack unnecessary hints to improve their attempts with. A weak password will always be a weak password, so single digits or obvious or popular patterns should be avoided, but this should be a matter of user education rather than a hard and fast rule for account creation.
Yes that’s exactly it. When you reduce the total space of possible passwords you are giving a brute force attack unnecessary hints to improve their attempts with. A weak password will always be a weak password, so single digits or obvious or popular patterns should be avoided, but this should be a matter of user education rather than a hard and fast rule for account creation.