> As a result of Morris and Thompson’s recommendations [of one-way hashing] and those who believed their assumptions without evidence, it was not until well into the 21st century that the scientific community learned just how ineffective password policies were.
Not sure about where the "scientific" community boundaries are, but I'm pretty sure that even in the pre-21st decades it was no secret among system administrators. They knew their users erred towards the most terrible passwords the system would permit.
Not sure about where the "scientific" community boundaries are, but I'm pretty sure that even in the pre-21st decades it was no secret among system administrators. They knew their users erred towards the most terrible passwords the system would permit.