• StitchIsABitch@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    Is that safe though? After seeing that XKCD I also thought it would be a good idea but then read that using passphrases is even worse because brute force attacks often use dictionaries as well to test word combinations, so one should use scrambled characters, just long enough to resist brute force.

    • Excrubulent@slrpnk.net
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      6 months ago

      The XKCD comic uses the entropy of common words assuming an informed cracker is using the best tools at their disposal, that being a dictionary attack. That’s why the entroy per character of the passphrase is so low compared to that of the special character password, but the passphrase can be much longer because it’s easier to remember, so that’s what gives it its higher total entropy.

      Explain XKCD goes into more detail about how the calculation was done: https://www.explainxkcd.com/wiki/index.php/936:_Password_Strength