Except, it’s not done. That is a disaster waiting to happen.
We’ve all been there. You’re setting up a new SSL certificate, configuring a database connection string, or initializing an API authentication handler. You need a key. So, you type a few random characters on your keyboard: password123 . Done. Except, it’s not done
Attackers know this. They have dictionaries full of "human-random" guesses. configuring a database connection string