Which release should we be using?

Doug Barton dougb at dougbarton.us
Fri Aug 26 22:41:41 CEST 2011


Actually I think https://www.xkcd.com/936/ says it better. :)

On 08/26/2011 11:08, David Tomaschik wrote:
> On Fri, Aug 26, 2011 at 12:31 PM, Faramir <faramir.cl at gmail.com> wrote:
>> El 26-08-2011 12:35, Aaron Toponce escribió:
>> ...
>>> Also, 62-character passphrase might be a bit extreme, giving you a
>>> false-sense of security. Using a truly random sequence of characters
>>> from the 94-printable ASCII pool of characters, a 12-character
>>> passphrase provides you with about 78-bits of entropy. If you think
>>
>>  According to keepass strength measurer, you can get more than 128 bits
>> with just 30 characters (including some symbols of course).
>>
>>  Usually we want strong passphrases to keep things safe while stored on
>> not-so-safe places, like attached to an email message on a mail server.
>>
>>  Best Regards
> 
> I really like KeePass, but the strength measure it provides is nearly
> meaningless.  It assumes 8 bits of entropy per symbol, which is, as
> Aaron pointed out, wrong.  Suggested readings:
> https://secure.wikimedia.org/wikipedia/en/wiki/Entropy_%28information_theory%29,
> https://secure.wikimedia.org/wikipedia/en/wiki/Password_strength and
> NIST publication 800-63.
> 
> 



-- 

	Nothin' ever doesn't change, but nothin' changes much.
			-- OK Go

	Breadth of IT experience, and depth of knowledge in the DNS.
	Yours for the right price.  :)  http://SupersetSolutions.com/




More information about the Gnupg-users mailing list