A better way to think about passwords
Robert J. Hansen
rjh at sixdemonbag.org
Mon Apr 18 01:40:56 CEST 2011
> I was thinking about that, between words, there is only a BLANK
> SYMBOL, same value of any other given symbol. Well, from point of view
> of math, nothing changes, all "data", but from "knowledge" point of
> view about human behaviour it is possible that it's have some kind of
> relevance.
Yeah, more or less.
Elsewhere on his site he says that if you can't use spaces in a password, you should use dashes rather than just concatenate letters together: "this-is-fun" as opposed to "thisisfun." He's quite adamant this is necessary for the security of your password. Unfortunately, it just isn't so: if I'm running a Markov chainer to generate possible plaintext passwords, what symbol(s) I use as interword marker(s) is(are) completely arbitrary: it doesn't significantly affect the time to generate text.
So, yeah, like I said: I give a big yuk to his methodology.
More information about the Gnupg-users
mailing list