how long should a password be?
aolsen at standard.com
Tue May 6 23:37:40 CEST 2008
-----BEGIN PGP SIGNED MESSAGE-----
> Everyone says it should be as long as possible, but there comes a point
> where it's just impossible to remember anything longer than 20
> characters. What do you think?
Passwords should be as many characters as you can remember plus one.
Actually for long passphrases I use bizarre memorable sentences. You can add in extra punctuation if you are able to remember that. My usual passphrases are 50-60 characters, but since they are phrased in a way I can remember them, I don't forget them.
Examples would be:
"Never buy Fix-O-Dent from a veterinarian."
"Never buy corn oil from a podiatrist."
"Never buy baby oil from a pediatrician."
"Never buy tartar sauce from a dentist."
Or you can construct something longer, if you want. (Those are kind of short, but what comes to mind at the moment.)
-----BEGIN PGP SIGNATURE-----
Version: 9.5.3 (Build 5003)
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1522 bytes
More information about the Gnupg-users