Permutations/Combinatorics question
Suppose you're trying to improve the password system for an email site. Currently, passwords have the following restrictions:
- Must be 8-12 characters long (inclusive)
- Uppercase letters, lowercase letters, and digits are allowed
- Must contain exactly one uppercase letter
- Must contain exactly one digit
Come up with a new set of restrictions that is (1) more secure against brute-force attacks, by offering more possible passwords, but still prevents users from having unreasonably simple passwords (e.g., don't allow someone to have '12345' as a password).
Your answer must include the following:
- The number of possible passwords in the original system
- The number of possible passwords in your proposed restrictions