Ryan Malayter
Fri May 31 17:59:02 2002

Write your own password generator. It's easy to calculate the entropy,
as well as make the passwords fit any complexity requirements your
OS/application may have. I use a modified diceware system, picking N
words from a custom 10,000 word dictionary and adding several random
characters. I seed the generator by hand with dice tosses and data from I've calculated the entropy to be not less than
60 bits - more than enough for a password with lockout - but the
paswords are still easy for me to remember.

-----Original Message-----
From: Leigh S. Jones []=20
Sent: Friday, May 31, 2002 8:32 AM
Subject: Re: Passphrasecheckwebsites

I just gave the site 256 bits of entropy and it claimed to be able to=20
break my password in 1 tag, finding 3 of its dictionary "words"=20
embedded.  They didi't look like words to me.
----- Original Message -----=20
From: Michael Anckaert=20
To: Mortimer Graf zu Eulenburg=20
Sent: Thursday, May 30, 2002 9:47 AM
Subject: Re: Passphrasecheckwebsites

I really don't trust this site. I don't say the makers of the website=20
have bad intentions, but I haven't tried the site out with any=20
passwords that I actually use.=20
What if they log your ip-adress and the password/passphrases you give=20
them? Maybe I'm just paranoid, but I really don't trust them.=20

LINUX: The Choice of a GNU Generation...=20
Michael Anckaert=20
OpenPGP: 0xC3300BEC=20