> Also, doing the math, I get the following for the suggested longest
> passphrase length (maybe you can point out what I've got wrong):

Provided the passphrase is totally random, then yes, a 20-glyph passphrase would be about right. If your passphrase is English, you're looking at 1.3 bits of entropy per glyph, or a 100-glyph passphrase. Entropy estimation is hard.