In the real world, where passphrases must be memorized, "long and random" is an elusive goal, which has to be weighed against the risk of other attacks (such as capturing keystrokes with a software monitor, or from afar with a van Eck antenna, etc.).
Me, I use a nonsense phrase which has meaning to me, with a few garbage characters added to confuse things further. I don't think my passphrase is the weak link.
--Tim May
This is, of course, very good advice. Passphrases need only be as strong as every other component of the security system.

I'd add that there is a moderately good reason to keep the passphrase _only_ as strong as every other component of the system, for psychological reasons. The passphrase is what the user tends to think of when they think of their system. Even if that user is the designer of the system, a false sense of security can be an easy thing to develop. At a past place-of-work, someone there who prided themselves on using difficult passphrases was bitten pretty severely by a faulty .forward file.

DES provides similar lessons - searching 56 bits of keyspace requires just barely less effort than that required to launch other attacks on the algorithm (in theory, at least). The system is, as far as anybody knows, secure, and no part of it is significantly more secure than any other.

-j

--
On the internet, nobody knows you're a deity.
_________________________________________________________________
Jamie Lawrence <foodie@netcom.com>
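A worked illustration of the weakest-link point above, as an added example that is not part of Tim's or Jamie's posts: it estimates the entropy of a "words plus a few garbage characters" passphrase on the assumption that the attacker knows how it was built, and compares that with the 56-bit DES keyspace the reply mentions. The 7776-word list and the 32-symbol garbage alphabet are assumptions for illustration, not values from the thread.

```python
import math

# Constructed reference point: the other component of the system whose attack
# cost is known. 56 bits is the DES keyspace mentioned in the post.
OTHER_COMPONENTS = {"DES keyspace (56-bit key)": 56.0}


def passphrase_bits(num_words, wordlist_size, extra_chars=0, alphabet_size=1):
    """Entropy of a passphrase made of num_words words drawn uniformly from a
    list of wordlist_size entries, plus extra_chars characters drawn uniformly
    from alphabet_size symbols. Assumes the attacker knows the construction
    (Kerckhoffs), so only the random choices count, not the phrase's meaning."""
    bits = num_words * math.log2(wordlist_size)
    if extra_chars:
        bits += extra_chars * math.log2(alphabet_size)
    return bits


def words_needed(target_bits, wordlist_size):
    """Smallest number of words from the list that reaches target_bits."""
    return math.ceil(target_bits / math.log2(wordlist_size))


def weakest_link(passphrase_strength, components=OTHER_COMPONENTS):
    """Return (name, bits) of the cheapest component to attack, the passphrase
    included. Strengthening any other component buys nothing until this one
    is brought up to the same level."""
    table = dict(components)
    table["passphrase"] = passphrase_strength
    name = min(table, key=table.get)
    return name, table[name]


if __name__ == "__main__":
    # Assumed scheme: four words from a 7776-word list (diceware-sized) plus
    # two garbage characters from a 32-symbol set.
    bits = passphrase_bits(4, 7776, extra_chars=2, alphabet_size=32)
    print(f"passphrase: {bits:.1f} bits")
    print("weakest link:", weakest_link(bits))
    print("words alone needed to match 56 bits:", words_needed(56, 7776))
```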