06-04-2016, 04:14 AM
The first point I used is subjective, as torreydale pointed out, so it is reasonable to feel that Forum passwords should be secure.
So, I should summarize the second point, which is that requiring upper, lower, numerals and special characters do not increase the security of the password, whereas allowing them does increase the security of all passwords used on the site - because the password hacking software has to do more guesses for each character. The hacking software does not know that any particular character is upper, lower, numeral or special - because the site has allowed all. It's irrelevant whether users actually chose upper or numeral, etc. because the hacking software cannot know your choice.
As pointed out by XKCD, only the length indicates the strength of any individual password.
So, I should summarize the second point, which is that requiring upper, lower, numerals and special characters do not increase the security of the password, whereas allowing them does increase the security of all passwords used on the site - because the password hacking software has to do more guesses for each character. The hacking software does not know that any particular character is upper, lower, numeral or special - because the site has allowed all. It's irrelevant whether users actually chose upper or numeral, etc. because the hacking software cannot know your choice.
As pointed out by XKCD, only the length indicates the strength of any individual password.