by handsomeransoms 4372 days ago
SecureDrop dev here. We tried to balance the memorizability of codenames (aka Diceware passphrases) with their length. The current minimum length is 8 words from a list of 6969 words, so you get math.log(6969**8, 2) = 102 bits of entropy, which is quite good. Additionally, the codenames are stretched with scrypt, which affords an extra (approx.) 14 bits of entropy (that's our current work factor).

We are continuing to discuss and debate this trade-off. Other ideas welcome!
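
The arithmetic in the comment above, as an added example that is not SecureDrop's code: it computes the raw and stretched entropy for the quoted list size and word count, finds how many words a given target needs, and draws and stretches a codename. It assumes the "approx. 14 bits" corresponds to scrypt N = 2**14 with r=8, p=1, and uses a constructed stand-in word list.

```python
import hashlib
import math
import secrets

WORDLIST_SIZE = 6969   # list size quoted in the comment
MIN_WORDS = 8          # minimum codename length quoted in the comment
SCRYPT_N = 2 ** 14     # assumption: "approx. 14 bits" read as scrypt N = 2**14


def passphrase_bits(list_size, words):
    """Entropy of `words` uniform, independent picks from `list_size` words."""
    return words * math.log2(list_size)


def effective_bits(list_size, words, scrypt_n=SCRYPT_N):
    """Each guess costs about N times more work, counted as log2(N) bits."""
    return passphrase_bits(list_size, words) + math.log2(scrypt_n)


def words_needed(list_size, target_bits, scrypt_n=1):
    """Smallest word count reaching target_bits, optionally crediting scrypt."""
    return math.ceil((target_bits - math.log2(scrypt_n)) / math.log2(list_size))


def generate_codename(wordlist, words=MIN_WORDS):
    """Draw words with a CSPRNG; the entropy figure only holds for uniform picks."""
    return " ".join(secrets.choice(wordlist) for _ in range(words))


def stretch(codename, salt, n=SCRYPT_N):
    """Stretch a codename with scrypt (r=8, p=1 are assumed parameters)."""
    return hashlib.scrypt(codename.encode(), salt=salt, n=n, r=8, p=1,
                          maxmem=64 * 1024 * 1024, dklen=32)


# Constructed stand-in word list: only its size matters for the arithmetic.
WORDLIST = [f"word{i:04d}" for i in range(WORDLIST_SIZE)]

if __name__ == "__main__":
    name = generate_codename(WORDLIST)
    print(name)
    print(f"{passphrase_bits(WORDLIST_SIZE, MIN_WORDS):.1f} bits raw")
    print(f"{effective_bits(WORDLIST_SIZE, MIN_WORDS):.1f} bits with scrypt")
    print(stretch(name, secrets.token_bytes(16)).hex())
```

The stretching credit applies only to an attacker who has to run scrypt for every guess; it does not make the codename itself any longer.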