On 13/02/2023 22:43, raf wrote:
> And for diceware style passphrases to be meaningful,
> it's important that none of the words are "picked" by a
> human. They must be random. Then, it doesn't matter if
> they are common words or not.
A human can throw in a misspelt or foreign-language word. Probably optimum if
(s)he doctors a truly random selection.
Also, don't forget numbers and special characters etc. I think a human would
need to add those, too.
It occurs to me that, once "the enemy" gets past dictionary searches, they
won't know the actual password length. They
would have to explore random character sequences of EVERY length - and not just
that of YOUR password...
Allen C
