[OT] passphrases Was: Re: Allowing paste into pinentry-gtk-2?

Todd A. Jacobs codegnome.consulting+gnupg.org at gmail.com
Mon Apr 18 23:32:56 CEST 2011

On Sat, Apr 16, 2011 at 8:02 PM, Robert J. Hansen <rjh at sixdemonbag.org> wrote:
> The best numbers I've seen regarding passphrase entropy suggest that plain English text has in the neighborhood of 1.5 to 2.5 bits of entropy per glyph.  Just FYI.  You can find these numbers in Shannon's original works on entropy, among other places.

Yes, well, that would mean that a 32-character English passphrase will
average about 64 bits of randomness. Is that really enough to protect
a key from an offline brute force attack? I think not, but am open to
being persuaded. :)

More information about the Gnupg-users mailing list