A better way to think about passwords

Aaron Toponce aaron.toponce at gmail.com
Sun Apr 24 15:37:54 CEST 2011

On Sun, Apr 17, 2011 at 03:49:58PM -0700, Doug Barton wrote:
> Summary: A 3-word password (e.g., "quick brown fox") is secure against
> cracking attempts for 2,537 years.
> http://www.baekdal.com/tips/password-security-usability

Yeah, I've read it. It sucks. If an author claims they know something about
password security, but don't define entropy, or at least explain it, then
the article is worth a grain of salt. The math is just bad. Very, very bad.

If you really want password security, coupled with massive amounts of
entropy, and 100% platform independence, then I would suggest

My thoughts on the matter:
    * Entropy: http://pthree.org/?p=1761.
    * Password Card: http://pthree.org/?p=1564

. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 527 bytes
Desc: Digital signature
URL: </pipermail/attachments/20110424/887fdae9/attachment.pgp>

More information about the Gnupg-users mailing list