Re: Password Difficulties
Figure that each English character has 1.8 bits of entropy. (This is a conservative number, because it doesn't take into account case, spacing, or punctuation.) If I want a passphrase that will map into a 64-bit keyspace, I need at least a 35-chararcter phrase. Don't forget the difficulty of typing such a long phrase, with echoing turned off.
Don't forget the difficulty of typing such a long phrase, with echoing turned off.
Steve, did you learn anything interesting from your experiment several months ago in which you were testing the ability of folk to type long passwords? I remember being surprised at how short your test passwords were, given the nature of the experiment. (I have no difficulty typing 50-character pass phrases with echoing turned off.) --apb (Alan Barrett)
C'punks, There has been some discussion about typing long passphrases with echo off. I don't have any trouble, but I'm a touch typist. Perhaps it is only the hunt-and-peck, two-finger typists who are have a problem. S a n d y Typing--one of the three most useful courses I took in high school.
There has been some discussion about typing long passphrases with echo off. I don't have any trouble, but I'm a touch typist. Perhaps it is only the hunt-and-peck, two-finger typists who are have a problem.
I'm not a touch typist (although I am also not quite a hunt-and-peck typist, either). And using only about 6 fingers (well, I am counting both thumbs in this count, and sometimes I use my other fingers as well) I have no problems typing in my long (40-50 char) pass phrase! However, I am a computer geek (well, I prefer to be known as a nerd, but I have Nerd Pride, so... ;-) Anyways, I have a feeling that Steve's testing was done with non-computer-geek-type people. I.e., secretaries, managers, and high-up muckety-mucks. Is this true, Steve? What was your sample space in your research? -derek
On Sun, 3 Jul 1994, Sandy Sandfort wrote:
C'punks,
There has been some discussion about typing long passphrases with echo off. I don't have any trouble, but I'm a touch typist. Perhaps it is only the hunt-and-peck, two-finger typists who are have a problem.
S a n d y
Typing--one of the three most useful courses I took in high school.
I am also a touch typist and have not problems typing long passphrases with echo off. I was also wondering about this discussion. I can type a long passphrase with little trouble. Jim Riggs
steve bellovin writes:
bruce schneier writes:
Figure that each English character has 1.8 bits of entropy. (This is a conservative number, because it doesn't take into account case, spacing, or punctuation.) If I want a passphrase that will map into a 64-bit keyspace, I need at least a 35-chararcter phrase.
Don't forget the difficulty of typing such a long phrase, with echoing turned off.
but it's not that difficult. at least, I don't have any difficulty with it. perhaps I really am superhuman, but somehow I doubt it. josh
participants (6)
-
Alan Barrett -
Derek Atkins -
James E. Riggs -
joshua geller -
Sandy Sandfort -
smb@research.att.com