by limaoscarjuliet 4178 days ago
Using good passwords (i.e. alphanum, case sensitive, perhaps with some special characters) in end-user deployment is a support nightmare. Imagine you are trying to tell such a password to a user over the phone on a support call. The 10-digit number sequence is unsafe but is easy to handle - people are used to phone numbers and account numbers.

A 10-digit number sequence has 33.2 bits of entropy. 3 diceware words have 38.7 bits of entropy. I don't think 10 numerical digits are easier to relay than 3 words. Although either would be far short of the ~90 considered fully secure, I think it's safe to say there are plenty of designs that would have been both safer and easier to use.
The words themselves are prone to end-user screw-ups though. Think of how many people don't know how to spell correctly... :P