On 13/02/23 21:14, Viktor Dukhovni wrote:
On Mon, Feb 13, 2023 at 02:44:24PM -0500, Phil Stracchino wrote:
On 2/13/23 13:30, Viktor Dukhovni wrote:
The apparent user name was "dnew...@networktest.com", and the password,
though partly mangled, was something like:
dialer-vinegar-agora-fastness3
??????
That looks similar to the xkcd password generation scheme ... which
sounds good if you don't really think about it, but actually is
shockingly cryptographically weak, something like 1.5-2.5 bits of
entropy per WORD if memory serves.
No, that estimate is way off. It is more like 1.5-2 bits per byte, not
per word. With words taken at random from a plausible dictionary of
~64k words, you get 16 bits per word, or ~64 bits for the above.
Isn't this estimate based on the assumption that the scheme used to
generate the password is known?
Cheers,
Dan
