Diceware passphrase size
Tue May 27 20:59:02 2003
Content-Type: text/plain; charset=us-ascii
On Tue, May 27, 2003 at 08:07:24AM -0700, firstname.lastname@example.org wrote:
> if you find it hard to type in a long diceware passphrase from the=20
> commandline without looking at it, then you might find this=20
Well, that's not the reason why I was asking. I do type pretty fast. I=20
want to quantify the security of my passphrase.
> it is a way of using a random string of characters rather than a collecti=
> of words,
> initially harder to remember, but once memorized, much easier to type
It's an interesting idea. However, the keys generated by this method are=20
hard to type because:
- You'd use the shift key for about half the characters.
- About 29% of the characters would be in in remote places of the
I thin it could be improved:
- If you disallow the shift-key, a 12-character password would
be equivalent to a 5-word diceware passphrase.
- If you disallow the top row also you'd need 13 characters.
- If you only allow lowercase letters you'd need 14 characters.
I'll think about this. My current passphrase has 35 characters. :)
On the other hand, I can type pretty fast. Maybe the extra memmory effort=
is not worth the savings in typing time.
Thanks for the link.
Daniel Carrera | OpenPGP fingerprint:
Graduate TA, Math Dept | 6643 8C8B 3522 66CB D16C D779 2FDD 7DAC 9AF7 7A88
UMD (301) 405-5137 | http://www.math.umd.edu/~dcarrera/pgp.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (SunOS)
-----END PGP SIGNATURE-----