Educause Security Discussion mailing list archives

Re: Password entropy


From: Graham Toal <gtoal () UTPA EDU>
Date: Fri, 21 Jul 2006 08:26:59 -0500

I'm not real clear on the "entropy" concept but it has 
something to do with the pattern?

I'm not sure it's the right word in this context, but I believe
this is what they're talking about:

if you have an 8 character password and the characters are
chosen randomly, and each character is only lower case alphabetic,
then the number of possible passwords available is 26^8


Now let's look at a pass phrase.  Say we allow 3 words - this is
far more than 8 characters so a naive calculation based solely on
character length would say this is stronger.  But in fact we've
limited each unit of our 'alphabet' to be an English word, of which
(let's say) there are 100,000.  So the strength of a 3-word
passphrase might be 100,000^3

However unless you're really stretching your vocabulary, those
words are probably taken from your active vocabulary, which might
be only 10,000 words, so the strength is only 10,000^3

But what is worse is that there is a pattern involved: to make
it easier to remember, you use a grammatically correct phrase,
such as "subject verb object".  Let's say our vocabulary has
9000 nouns and 1000 verbs, then our password space is only
9000*1000*9000.

This is far easier to crack.  It is this reduction in strength
which I think some of the posters were saying that the password
strength calculator (which I haven't seen myself so this may
not in fact be true) doesn't take into account.

By the way, this is why pass phrases have to be quite long to have
equivalent strength to a password.

(Now, the entropy of a random number source is something quite
different, and I think in that case entropy is the right word
to use.  I'll be happy to talk about random numbers in the
context of random password generation if anyone is considering
implementing one of these, as this is the biggest source of
weakness in generated passwords)

Graham
