[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gnupg-users
Subject:    Re: A better way to think about passwords
From:       Aaron Toponce <aaron.toponce () gmail ! com>
Date:       2011-04-24 13:37:54
Message-ID: 20110424133754.GJ16692 () poseidon ! cocyt ! us
[Download RAW message or body]

[Attachment #2 (multipart/signed)]


On Sun, Apr 17, 2011 at 03:49:58PM -0700, Doug Barton wrote:
> Summary: A 3-word password (e.g., "quick brown fox") is secure against
> cracking attempts for 2,537 years.
>
> http://www.baekdal.com/tips/password-security-usability

Yeah, I've read it. It sucks. If an author claims they know something about
password security, but don't define entropy, or at least explain it, then
the article is worth a grain of salt. The math is just bad. Very, very bad.

If you really want password security, coupled with massive amounts of
entropy, and 100% platform independence, then I would suggest
https://passwordcard.org.

My thoughts on the matter:
    * Entropy: http://pthree.org/?p=1761.
    * Password Card: http://pthree.org/?p=1564

--
. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o

["signature.asc" (application/pgp-signature)]

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users


[prev in list] [next in list] [prev in thread] [next in thread]