[DanielStraight]

Despite admitting that...

> Attackers use programs that try all words in a password dictionary, which is typically just a file of commonly used words in a given written language. These programs will even use combinations of these words, and permutations based on common replacements of letters with numbers or symbols

The author then goes on to say...

> Compare the password "B5s9z-Qx" with the password "SophisticatedpwsRock!!".... The first would be 72⁸, or 722,204,136,308,736 possible passwords. This would take a desktop PC roughly 3 days to crack. Compare that with our second password, which would be 72²² or 72,663,267,215,268,556,211,671,874,973,277,863,542,784, that’s a lot of possibilities.

This is a contradiction. A 10-letter word does not add as much entropy as 10 random characters. If you assume it does, you will cripple your security.

Do not follow this advice on passwords.

[thembones]

Seems like you decided to quote the article, yet ignore the actual advice.

>Password length is 99% of password security. Password complexity is a distant second when it comes to modern password security.

He doesn't say to use a common 10 letter word with no complexity, which you infer with your comment. It's also comparing 72^8 with 72^22. The point of the article is that length trumps complexity. Not sure how you came to your conclusion.

[DanielStraight]

My point is that 72^8 and 72^22 is an invalid comparison to determine the relative strength of those passwords.

B5s9z-Qx is 72^8

SophisticatedpwsRock!! is something like number_of_common_words^2 + 26^3 + 10^2. In other words, two common words, three lowercase letters and two symbols.

You can put each of these passwords in Dropbox's zxcvbn (https://dl.dropboxusercontent.com/u/209/zxcvbn/test/index.ht...) to see this more clearly.

They give a guesses_log10 of 8 for "B5s9z-Qx" and 12.76155 for "SophisticatedpwsRock!!". In other words, the latter is stronger, but it's not 72^14 times stronger. That's where the article messes up.

An attacker isn't going to crack "SophisticatedpwsRock!!" by trying 72^22 options. Just like an attacker isn't going to crack "password" by trying 72^8 or even 26^8 options. They're going to try 1000 or so options of super common passwords for "password" and some combination of dictionary words, abbreviations, symbols, common transformations, etc for "SophisticatedpwsRock!!". This makes the search space much, MUCH smaller than 72^22.

[thembones]

>My point is that 72^8 and 72^22 is an invalid comparison to determine the relative strength of those passwords.

That's fair, but you're talking about directly attempting to crack as opposed to rainbow tables, which I believe was the authors intention, mapping the full key space. In this case, the exponents still hold.

>Do not follow this advice on passwords.

Additionally, maybe your first comment's point wasn't well articulated, since the author's work has proven true in your own tests for the passwords given, length trumps complexity. I would also argue that he doesn't say anywhere do not use complexity, he specifically points out however that banks use complexity as a mask of security while limiting length.

[DanielStraight]

Length does not trump complexity.

"Internationalization" is 20 letters long, but it will be cracked in seconds by even a moderately sophisticated attacker. (zxcvbn gives it guesses_log10 of 4.34708)

The only way to measure password strength is to estimate the number of guesses necessary to crack the password. That means figuring out how many possible passwords could have been chosen for whatever method you are using to pick your password. In the case of "SophisticatedpwsRock!!", the method is something like: common adjective with a common transformation (capitalization), relatively common abbreviation, common noun with a common transformation, common punctuation, common punctuation. The number of possible passwords using that pattern is what you should be interested in, because that is how the attacked is going to get your password, not by trying every possible combination of characters.

For a simple example, the passwords "i like salt" and "you like pepper" should be considered equally strong (or equally weak as the case may be) since they follow the same pattern for generation. Any system of determining password strength which gives them significantly different strengths is misleading. In this case, if we followed the method the author used, we would say "you like pepper" is 26^4 times stronger, which is absurd. (zxcvbn by comparison gives them both almost the same rating: guesses_log10 of approximately 8.)

You cannot take a password picked by one method (common words) and score based on another method (characters). Passwords are only as strong as the easiest possible way to guess them. If you generate 8 random characters and they happen to spell "password", your password is still weak because it can be guessed by a much easier method than going through every combination of 8 characters.

Find the easiest way to approach guessing a password and see how many tries it would take using that method. That will give you the strength of the password. Counting characters will not.

[thembones]

>"Internationalization" is 20 letters long, but it will be cracked in seconds by even a moderately sophisticated attacker. (zxcvbn gives it guesses_log10 of 4.34708)

Literally nothing to do with the article and an absurd choice for a password to make your (misguided) point. Length does trump complexity, however once again I'll repeat, the article doesn't say complexity doesn't matter. It does. It says it does.

Sorry my man, I think you missed the point of the article entirely. I also think your knowledge about how passwords are cracked in the wild is off base. Your theoretical thought experiment here isn't how it's done. Also the Dropbox password calculator you provided proves it. Every single character added to a decent password adds guesses_log10 assuming moderate complexity.