424

Creating a password in 2023 be like(programming.dev)

posted
by
Avatar
Like A Duck@programming.dev
in
Avatar
programmerhumor@lemmy.ml
97 comments
hidereport
Sort:
HotTopControversialNewOld
You are viewing a single thread.
View all comments View context
Avatar
CanadaPlus@lemmy.sdf.org
8 points
*

The idea is that entropy is measured with possible words instead of possible characters. It turns out 7 7-bit ascii characters have less entropy than 4 14-bit equivalent words (that is, the 16,384 most common ones). And that’s in the ideal case it’s a totally random 7 characters.

Every attack is technically a dictionary attack here, but it doesn’t help enough because the password to a computer is still 30 characters long. To a human it seems a lot easier than ")f1:.{yJCzNv]@R=S  K$~= ", though.

PS. Turning /dev/random output into 7-bit ascii characters is surprisingly involved in Haskell. C would have been easier. This was the world’s slowest ninja edit.

permalink
report
parent
reply
Avatar
geissi@feddit.de
1 point

Thanks for the explanation, I remember the explanation in https://xkcd.com/936/ but wasn’t sure how that held up for different attack methods.

permalink
report
parent
reply

Programmer Humor

!programmerhumor@lemmy.ml

Create post

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

  • Posts must be relevant to programming, programmers, or computer science.
  • No NSFW content.
  • Jokes must be in good taste. No hate speech, bigotry, etc.

Community stats

  • 3.6K

    Monthly active users

  • 1.5K

    Posts

  • 35K

    Comments

Community moderators