> I certainly have several nonsensical words / names for my cats. None > of them contain numbers or punctuation or anything associated with a > strong passphrase. The longest of these is probably about 12 > characters. And a system that can try a billion RSA keys per second is > going to quickly exhaust the relatively short combination of these, > even brute forcing. And you're right -- as I also alluded above, the
assuming the attackers have a dictionary of only 500000 words that contains your nonsense words and assuming unicase and no spaces or other punctuation you get 18.9 bits/word. for a neat 3 word phrase, that's 56.8 bits. for a login, that's plenty since there should be some protection against password guessers. general slowness or just a slow connection should be enough to prevent 1e9 guesses/sec. > People have enough difficulty remembering short passwords. Or creating > "good" passwords in the first place. Upper bounds along with enforcing > permutations are placed to reduce peoples' likelihood of forgetting > them while still providing some level of security. It's not the best > approach, but until people start treating passwords like an ATM card > with a PIN, it's not going to matter much anyway. (Ignoring that PINs > for most cards are only have 9990 or fewer permutations.) people will learn. real computer passwords have not been common for very long. also, an atm card is a 2-factor authentication scheme. and you get 3 guesses. assuming you can steal the card your chances of success are about 3/10000. (wiki says 6/10000 due to unused numbers http://en.wikipedia.org/wiki/Pin_number#PIN_security) a better attack might be to shoulder surf and then socially engineer the bank into sending you a card. say by stealing it out of the mailbox. - erik
