Passphrase length and security. Am I reading this right?

Anthony Papillion papillion at gmail.com
Fri Aug 26 23:06:25 CEST 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

So in the course of another discussion on this group, I was told that I
might not actually need my 160+ random character passphrase for good
security. A few URL's were included, including this one
(https://secure.wikimedia.org/wikipedia/en/wiki/Password_strength) on
password strength.

If I'm reading the article correctly, I would really only need a 13 to
16 random character password to achieve the 100+ year protection against
brute force attacks. Is that right? Am I really wasting THAT much effort
or am I reading this wrong?

Thanks,
Anthony
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (MingW32)

iQIcBAEBCAAGBQJOWArRAAoJEFMVikTZRCu/9QsP/iNq0ZJpciM5mn961S+5Phcl
W5n9fZy09Fqk0pu6cLnaAGBoYTJ6zct2mddOS4mP6JGz+yzjNEBE/quIoEmfsbRC
bEK4FvBYIJIM9enii9DSndom5szt8WhbAIiWAZf9hxgnjKBkcoI5vaNYzKmZvN+u
+lwHeYFAGdS46ZRGp1COOSyvY9y2XrtCrJEK7tpIn7VrxYAiwgFOkCExN5dc3fex
l54vfi/4uYdTHrgB5nJwSSZdxm7W3YXWfZ8zDVLCgoAnVt/HbJXjQgfShaCH4s4M
3rbjl1KaR1d5VGzOtDmpTqMbrzil1Drz6zh4TNOh8kt8bo+vRVUh/1F6HfawAZc7
nn6FrrY4yjTI6ycOxlzWP+qan/7OGDOEhp/hdpNI9jL/OunBPNBFwZnYWC5jgb8s
O6FA/wjzSThgadrldZiBXPMmPKjxicuhf/j4TXl6aIktVo0OVwGyadv+dfAGNeN/
zSfoYjd2DguRqSg4Th5Oo6OSKqBE6Vl072fuFBS+4GuU+b8gCivLBnnJfnzCKVpk
npey4jXIyTFo3SY1actdOVouab5P764vSqxvXlQtN7nhmuV+2ieGHhWtxJwdrU6f
2c4GeSXugkTr6tK/RuEhDcA2adkYootng90KcPiS8LLG3BhsJ/N7EdwxH9H/fsuS
s/ax3UuoSp5wdyXmAmPQ
=yXng
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list