by vikstrous4 4857 days ago
When cracking passwords attackers don't just use brute force. The most effective attacks are ones that exploit human patterns such as leet replacements, capital first letter, punctuation at the end, etc. Concatenated words in all lowercase with no spaces is another pattern that can easily be added to their list and probably already is there, so yes, you can assume that they will be looking at the space of 2048^4 such passwords.
1 comments

> The most effective attacks are ones that exploit human patterns such as leet replacements...

I think you missed my first paragraph, where I made that point:

"Normals" are using their name with a 3 instead of an E, or some word with a 1 on the end. This tends to put them in rainbow tables _or_easy_attacks_.

Also, my example passphrase that I was annoyed Evernote wouldn't let me use isn't log2(2048^4), but ~ log2(5000^8) even assuming you know it is words.

This thread is getting off on the tangent of debating XKCD's particular formula. XKCD is not the point.

My original post asked Evernote Team to please grok the idea of that cartoon, which it's obvious they had not given their clearly wrong tips and rejection of a very strong password and acceptance of one of the weakest.
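
An added example, not part of either comment: a rough Python estimator of the guessing space under the pattern-aware attacker model discussed in this thread (dictionary words, leet replacements, capital first letter, trailing digits or punctuation), as a password-policy check might use instead of character-class rules. The wordlist, the names `guess_bits` and `split_words`, the suffix set and the per-rule bit costs are assumptions made for illustration.

```python
import math

# Constructed sample wordlist; a real check would load the list an attacker is assumed to use.
WORDS = {"correct", "horse", "battery", "staple", "steven", "monkey"}
UNLEET = str.maketrans("013457@$", "oieastas")  # undo common leet replacements
SUFFIX = "0123456789!?.#"                       # assumed trailing digits/punctuation


def split_words(s):
    """Return the words if s is a concatenation of WORDS entries, else None."""
    if not s:
        return []
    for i in range(1, len(s) + 1):
        if s[:i] in WORDS:
            rest = split_words(s[i:])
            if rest is not None:
                return [s[:i]] + rest
    return None


def guess_bits(pw, list_size=2048):
    """Estimate log2 of the guesses needed by an attacker who knows the patterns.

    list_size is the assumed size of the attacker's wordlist. Mangling rules
    are charged only when used, since unmangled candidates are tried first.
    """
    core = pw.rstrip(SUFFIX)                     # strip the trailing suffix
    plain = core.translate(UNLEET).lower().replace(" ", "")
    words = split_words(plain)
    if not words:
        # No dictionary pattern found: fall back to printable-ASCII brute force.
        return len(pw) * math.log2(94)
    bits = len(words) * math.log2(list_size)     # which words were chosen
    if core[:1].isupper():
        bits += 1                                # capital-first-letter rule
    if core.translate(UNLEET) != core:
        # Leet was used: one bit per letter that could have been replaced.
        bits += sum(ch in "oieast" for ch in plain)
    bits += (len(pw) - len(core)) * math.log2(len(SUFFIX))
    return bits


if __name__ == "__main__":
    for pw, size in [("St3ven1", 2048),
                     ("correcthorsebatterystaple", 2048),
                     ("correct horse battery staple steven monkey correct horse", 5000)]:
        print(f"{guess_bits(pw, size):6.1f} bits  {pw}")
```

A name with one leet replacement and a trailing digit scores about 20 bits under this model, the four-word passphrase 44 bits, and eight words from a 5000-word list about 98 bits.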