Re: How long do you make the passphrase for the private key?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Tue, 2019-06-25 at 12:41 +0200, Bennett Piater wrote:
> 
> On 2019-06-25 12:11, Ralf Mardorf via arch-general wrote:
> > Six words are just six words out of an assessable vocabulary.
> > 
> > "This level of unpredictability assumes that a potential attacker knows
> > that Diceware has been used to generate the passphrase, knows the
> > particular word list used, and knows exactly how many words make up the
> > passphrase." - https://en.wikipedia.org/wiki/Diceware
> > 
> 
> You seem to be misunderstanding that statement.

I'm not, from the same email you are quoting incomplete:

"13 rAnd0.m_C?arS are probably less secure, than 13 random words,
because even an illiterate human knows more words, than we have got keys
on a keyboard. This is indeed speaking pro Diceware :)."

So I agree, that Diceware seems to be the best method without using
special hardware.

The comment of my follow-up email, is just a joke:

"OTOH if I should talk in my sleep, it would be easier for my fraudulant
girlfriend Mata Hari to catch words, than the (not enough, to modern
security standards) random chars I'm using at the moment."



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux