A better way to think about passwords

Robert J. Hansen rjh at sixdemonbag.org
Mon Apr 18 01:40:56 CEST 2011


> I was thinking about that, between words, there is only a BLANK
> SYMBOL, same value of any other given symbol. Well, from point of view
> of math, nothing changes, all "data", but from "knowledge" point of
> view about human behaviour it is possible that it's have some kind of
> relevance.

Yeah, more or less.

Elsewhere on his site he says that if you can't use spaces in a password, you should use dashes rather than just concatenate letters together: "this-is-fun" as opposed to "thisisfun."  He's quite adamant this is necessary for the security of your password.  Unfortunately, it just isn't so: if I'm running a Markov chainer to generate possible plaintext passwords, what symbol(s) I use as interword marker(s) is(are) completely arbitrary: it doesn't significantly affect the time to generate text.

So, yeah, like I said: I give a big yuk to his methodology.




More information about the Gnupg-users mailing list