On Wed, Jul 05, 2006 at 12:24:34PM +0200, Joachim Schipper wrote: > Consider five lower-case words chosen from 1024 possibilities each, for > instance - this has 50 bits of entropy, roughly equivalent to a > 10-character password based on natural language [1]; a little fuzzing > and use of capitals will make the passwords chosen much more powerful, > but a 10-character password based on natural language really isn't that > shabby for a lower bound on password complexity.
Diceware[1] is a list of 6^5 short, easy-to-remember words along with instructions on how to generate passwords with a few dice rolls. Five words from their list gives you a little over 64 bits of entropy. [1] http://world.std.com/~reinhold/diceware.html
