by ebbv 4811 days ago
This article misses the real flaw with the pass phrase; pass phrases aren't really 2^B (where B = bits obviously) entropy. They're D^N entropy where N = number of words and D = size of the dictionary. The OED has 171K words in it, so say you're using a 7 word phrase that's ~4.3 * 10^36 possibilities. In reality most people's vocabulary is no more than 60K words which gives us 2.8 * 10^33.

If instead you use only 16 character password with no dictionary words (i.e. completely random or sufficiently randomized memorable words) you have 3.4 * 10^38 possibilities.

3.4 * 10^38 > 4.3 * 10^36 > 2.8 * 10^33

I think everybody should use what works for them, and pass phrases are easy to remember but they have the exact same trade off that using pure dictionary words does at shorter lengths; it's easier to crack.

1 comments

A couple of problems. First off:

>If instead you use only 16 character password with no dictionary words (i.e. completely random) you have 3.4 * 10^38 possibilities.

You're confusing characters and bytes. If you limit yourself to what can be typed on a typical keyboard, you're looking at a set of 95 characters, not 256. That gives you 4.4E31 possibilities (or ~105 bits of entropy). If you limit yourself to what most password fields will accept, it's more like a set of 75 characters (optimistically), giving you 1E30 possibilities (~100 bits).

Secondly, I'm not sure the comparison is fair in terms of memorability. 7 words will fit easily in my working memory. 16 characters will not. If I have an exceptional working memory, I might be able to fit 10 characters in it, and suddenly we're down to 63 bits of entropy, compared to 77 bits for a 7 word pass phrase, even if we limit ourselves to a 2000 word dictionary. And committing those 7 words to long term memory is still going to be way easier than committing the random 9 character string.

Incidentally, 77 bits is very close to the 80 bits that NIST recommends for the strongest passwords. 63 is quite a long way off.
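The D^N arithmetic both commenters are doing, carried through in code as an added example (this is not code from either commenter). It takes the dictionary and alphabet sizes quoted in the thread as given (171K and 60K words, a 2000-word list, 256 vs 95 vs 75 symbols), adds the case ebbv alludes to where a 16-character password is really two dictionary words, and shows the generation step the entropy figures silently depend on: the words or characters must be drawn uniformly by a CSPRNG, not chosen by a person. The word list is a constructed toy list for the demo.

```python
import math
import secrets

# Sizes quoted in the thread; the OED and vocabulary figures are the
# commenters' numbers, taken as assumptions here, not measured.
OED_WORDS = 171_000
TYPICAL_VOCABULARY = 60_000
SMALL_WORDLIST = 2_000          # a short Diceware-style list
KEYBOARD_PRINTABLE = 95         # printable ASCII 0x20..0x7E, space included
FIELD_SAFE_CHARS = 75           # the reply's "optimistic" password-field alphabet
ONE_BYTE = 256                  # the alphabet ebbv implicitly assumed (bytes, not keys)

# The 95 printable ASCII characters, built explicitly so the count is checkable.
ASCII_PRINTABLE = "".join(chr(c) for c in range(0x20, 0x7F))

# Constructed toy word list for the demo (3 bits per word); a real list has thousands.
DEMO_WORDS = ["anchor", "basil", "cobalt", "dune", "ember", "fjord", "gravel", "harbor"]


def combinations(alphabet_size: int, length: int) -> int:
    """Number of distinct strings when each of `length` positions is drawn
    uniformly and independently from `alphabet_size` symbols: D**N."""
    return alphabet_size ** length


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy in bits of that uniform choice: N * log2(D).
    The same D**N formula covers words-from-a-dictionary and
    characters-from-an-alphabet; only D and N change."""
    return length * math.log2(alphabet_size)


def compare_schemes() -> dict:
    """Bits of entropy, rounded to 0.1, for every scheme discussed in the thread."""
    schemes = {
        "7 words, OED-sized dictionary": (OED_WORDS, 7),
        "7 words, 60K vocabulary": (TYPICAL_VOCABULARY, 7),
        "7 words, 2000-word list": (SMALL_WORDLIST, 7),
        "16 chars, 256 symbols (bytes, not characters)": (ONE_BYTE, 16),
        "16 chars, 95 printable ASCII": (KEYBOARD_PRINTABLE, 16),
        "16 chars, 75 field-safe symbols": (FIELD_SAFE_CHARS, 16),
        "10 chars, 75 field-safe symbols": (FIELD_SAFE_CHARS, 10),
        # ebbv's trade-off: a 16-character password built from two dictionary
        # words is a 2-word passphrase, however many characters it has, so an
        # attacker who guesses word pairs faces D**2, not 95**16.
        "two dictionary words (~16 chars) from 60K vocabulary": (TYPICAL_VOCABULARY, 2),
    }
    return {name: round(entropy_bits(d, n), 1) for name, (d, n) in schemes.items()}


def generate_passphrase(wordlist: list, n_words: int) -> list:
    """Pick n_words uniformly, with replacement, from the OS CSPRNG.
    log2(len(wordlist)) * n_words bits only holds for words chosen this way;
    words a person picks because they are memorable carry far less."""
    return [secrets.choice(wordlist) for _ in range(n_words)]


def generate_password(length: int, alphabet: str = ASCII_PRINTABLE) -> str:
    """Uniform random string over `alphabet`; entropy_bits(len(alphabet), length)."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    for name, bits in compare_schemes().items():
        print(f"{bits:6.1f} bits  {name}")
    print("possibilities, 7 words from OED:     %.1e" % combinations(OED_WORDS, 7))
    print("possibilities, 16 printable chars:   %.1e" % combinations(KEYBOARD_PRINTABLE, 16))
    print("passphrase:", " ".join(generate_passphrase(DEMO_WORDS, 7)))
    print("password:  ", generate_password(16))
```

Running it reproduces the thread's numbers (4.3e36 and 2.8e33 possibilities for the 7-word phrases, 4.4e31 for 16 printable characters, 128 bits only if each "character" were a full byte) and puts the two-dictionary-word case next to them at about 32 bits, which is the "easier to crack" trade-off ebbv describes when a short password is built from words.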