Which release should we be using?
Peter Pentchev
roam at ringlet.net
Sat Aug 27 01:45:26 CEST 2011
On Fri, Aug 26, 2011 at 01:41:41PM -0700, Doug Barton wrote:
> Actually I think https://www.xkcd.com/936/ says it better. :)
Yep, I was just going to comment that it's obvious that Randall Munroe
reads this list :)
> On 08/26/2011 11:08, David Tomaschik wrote:
> > On Fri, Aug 26, 2011 at 12:31 PM, Faramir <faramir.cl at gmail.com> wrote:
> >> El 26-08-2011 12:35, Aaron Toponce escribió:
> >> ...
> >>> Also, 62-character passphrase might be a bit extreme, giving you a
> >>> false-sense of security. Using a truly random sequence of characters
> >>> from the 94-printable ASCII pool of characters, a 12-character
> >>> passphrase provides you with about 78-bits of entropy. If you think
> >>
> >> According to keepass strength measurer, you can get more than 128 bits
> >> with just 30 characters (including some symbols of course).
> >>
> >> Usually we want strong passphrases to keep things safe while stored on
> >> not-so-safe places, like attached to an email message on a mail server.
> >>
> >> Best Regards
> >
> > I really like KeePass, but the strength measure it provides is nearly
> > meaningless. It assumes 8 bits of entropy per symbol, which is, as
> > Aaron pointed out, wrong. Suggested readings:
> > https://secure.wikimedia.org/wikipedia/en/wiki/Entropy_%28information_theory%29,
> > https://secure.wikimedia.org/wikipedia/en/wiki/Password_strength and
> > NIST publication 800-63.
G'luck,
Peter
--
Peter Pentchev roam at ringlet.net roam at FreeBSD.org peter at packetscale.com
PGP key: http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553
I had to translate this sentence into English because I could not read the original Sanskrit.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: </pipermail/attachments/20110827/8519ad9f/attachment-0001.pgp>
More information about the Gnupg-users
mailing list