iHeinrich

just trying to find the answer…

Not password, passphrase

For years, people have been warned about using strong passwords and being told that strong passwords have the following characteristics:

  1. Mixed Upper and Lower Case
  2. Special Characters

It goes without saying you should NEVER have a password that might relate to your name or the name of a family member.

But there is a website that will tell you exactly how STRONG (or weak) your password happens to be. The strength of a password is measured in entropy. The higher the entropy, the stronger the password.

http://rumkin.com/tools/password/passchk.php

So, using the above criteria, how strong are the following passwords?

Password Entropy Comment @1k guess per sec
He1nr1ch$ 39.9 Reasonable Strength. But it’s also my name. 17 years
Fleaswtracenlant 72.8 Strong. But it’s also the name of my ‘A’ School in the Navy. 149.7 BILLION years
Trump_8==> 42.9 Reasonable, and reflects a political opinion. 140 years

Is there a better way? Yes. Use four words that only mean something to you.

Example. Chicken Nuggets Tent Farts

I went camping with a friend of mine. He ate an entire 20 pack of Chicken Nuggets. I slept outside for obvious reasons.

What is the entropy here? 116.4 bits, which is incredibly strong. At a 1,000 guesses a SECOND, it would take 2,634,346,452,833,500,000,000,000 years to guess the password.

That’s 2.6 septillion years.

As a frame of reference, the Big Bang event occurred 14 billion years ago and the last dinosaurs died out 65 million years ago.

XKCD had a comic for this…

Previous

Fresh Fedora Install? Do this next…

Next

VPN and you.

1 Comment

  1. Yessica Alvayero

    Good stuff!

Leave a Reply

Powered by WordPress & Theme by Anders Norén