There is no limit on the length of a passphrase,
Faramir
faramir.cl at gmail.com
Tue Oct 21 18:33:18 CEST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Robert J. Hansen escribió:
> Of course, the trick there is 128 bits _of entropy_, not 128 bits _of
> passphrase_. Conservatively speaking, there are probably about 1.5 bits
> of entropy per letter of English text, meaning you'd need about an
> 80-char English passphrase to max it out. Introducing alphanumeric
> characters, punctuation and the like will reduce this considerably.
I use KeePass, and when I create a password, there is a bit counter,
supposedly, it shows the real bit length of the password... is that what
you mean when you talk about bits of entropy v/s bits of passphrase?
It took 32 characters (mixing lowercase, uppercase and numbers) to get
129 bits (I bet it's not easy to get exactly 128 bits). The character
'r' just added 2 bits, while 'R' added 6 bits... interesting, probably
people is used to think in terms of characters, and "1 character= 1
byte= 8 bits". The good thing is the 2 password cracker software I have
seen, also "think" in terms of characters, maybe if they would use bits,
they would be faster...
Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQEcBAEBAgAGBQJI/gROAAoJEMV4f6PvczxAnL8H/1R/5Ge7qqfJFXK8rAow0Qui
AuJDjKUnYS7ynR6Lr0MVCoX0vGJ/M5bkbNJGxdYTYJ53ysBIzeQzYnS5V9gAd/id
mgUwvS/EvfAXYHp+IUXbDKVGm1pFJhnDFDDgsy1XT2gcoGCk2Yf9NgTWqHzry3Ow
sqQc4Yy+3FZw2BJ0cttSyuX/DnClTR8+cRoR5WxFPxDOtbAVTJHH49E0O9mvRVYU
RVj/6T5qcxQ0MrudGQQSvfniIZhHkJi7fsNQDXbzjWTowSiKehEgaiWpz3sm8lxx
feSGnS1tEF570AEOwZJmQxe0B+VEKNnu7iIXvGmIJYJJ3GRkV61JeLq8UUQ41xw=
=1jcR
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list