Marcel Popescu wrote:
X-Loop: openpgp.net From: "sunder" <sunder@sunder.net>
I tend to just string up lots of characters, so my passphrases look like this:
^#.;Odfi9@7f$}'~%42w0,m:Qe_|33+\ and so on.
Why the heck would you need a password this big? There are 94 printable characters (0x33 .. 0x7E); a random password 32 chars long (like the above) will thus have ~ 1.38 x 10^63 possibilities, meaning 210 bits of entropy (10^63 = O(2^210)). What, do you intend to use your password as a public key?
A password made of the same character set, but only 8 chars long, will provide 94^8 ~= 6 x 10^15 = O(2^50) combinations. I'd say that's plenty - remember, it's a password, not a key.
I use things like the above as passphrases, not passwords, to things like PGP or the encrypted disk partitions I use. Hence you need lots of entropy. -- ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :Surveillance cameras|Passwords are like underwear. You don't /|\ \|/ :aren't security. A |share them, you don't hang them on your/\|/\ <--*-->:camera won't stop a |monitor, or under your keyboard, you \/|\/ /|\ :masked killer, but |don't email them, or put them on a web \|/ + v + :will violate privacy|site, and you must change them very often. --------_sunder_@_sunder_._net_------- http://www.sunder.net ------------