William Allen Simpson wrote:
This replacement password is much more easily
guessed.
The account could have been stolen within minutes or hours.
Is this true? (Yes, I know that a fast machine can try zillions
of passwords per hour in theory, but for a reasonably designed
system, certainly not in practice.)
Please update the password generator to use at least
17 characters,
That seems like far too many.