Passphrasecheckwebsites

[Ryan Malayter]

Write your own password generator. It's easy to calculate the entropy,
as well as make the passwords fit any complexity requirements your
OS/application may have. I use a modified diceware system, picking N
words from a custom 10,000 word dictionary and adding several random
characters. I seed the generator by hand with dice tosses and data from
http://www.random.org. I've calculated the entropy to be not less than
60 bits - more than enough for a password with lockout - but the
paswords are still easy for me to remember.


-----Original Message-----
From: Leigh S. Jones [mailto:kr6x@kr6x.com]=20
Sent: Friday, May 31, 2002 8:32 AM
To: gnupg-users@gnupg.org
Subject: Re: Passphrasecheckwebsites


I just gave the site 256 bits of entropy and it claimed to be able to=20
break my password in 1 tag, finding 3 of its dictionary "words"=20
embedded.  They didi't look like words to me.
----- Original Message -----=20
From: Michael Anckaert=20
To: Mortimer Graf zu Eulenburg=20
Cc: gnupg-users@gnupg.org=20
Sent: Thursday, May 30, 2002 9:47 AM
Subject: Re: Passphrasecheckwebsites


I really don't trust this site. I don't say the makers of the website=20
have bad intentions, but I haven't tried the site out with any=20
passwords that I actually use.=20
What if they log your ip-adress and the password/passphrases you give=20
them? Maybe I'm just paranoid, but I really don't trust them.=20


--=20
LINUX: The Choice of a GNU Generation...=20
----------------------------------------------=20
Michael Anckaert=20
manckaert@belgacom.net=20
xantor@linux.be=20
http://www.xantor.tk=20
OpenPGP: 0xC3300BEC=20
----------------------------------------------=20