how long should a password be?
Bill Royds
apple at royds.net
Mon May 5 14:18:01 CEST 2008
On 5-May-08, at 03:55 , Wolf Canis wrote:
> There are infinite possibilities. That's the trick. Not the length
> of a
> password is
> decisive but the quality. The quality of your password decides how
> much
> effort is necessary to hack it.
Unfortunately that is not true. Since most systems use a single byte
for each character in a passphrase There are only 2^(8*n) bits in an n
character passphrase.
So there are only 64 bits in an 8 character password, which can be
cracked quite quickly using rainbow tables for any password.
The real problem is allowing multiple attempts to crack the passphrase
and this only occurs if your secret keyring is available to the cracker.
Basically, any password you can remember is easy to crack, so don't
let the keyring ever be in a position for someone to try.
More information about the Gnupg-users
mailing list