On 5/5/20 10:41 PM, Rich Pieri wrote:
* Run: "pwgen -nsB ##" (where ## is typically 16 or more)
Remember that there is a *big* difference between a password that is a
password and one that is used for encryption. A password (if not reused
between sites) does not have to be particularly strong. 30-bits of
entropy is a lot for a password that has rate-limited attempts, but for
encryption where attacks which can be run in parallel it is nothing, one
should have over 100-bits. A money machine PIN has only 13-something
bits of entropy, yet I think I have only ever heard of one ATM weakness
arising from the short PINs.
-kb
_______________________________________________
Discuss mailing list
Discuss@lists.blu.org
http://lists.blu.org/mailman/listinfo/discuss
