Educause Security Discussion mailing list archives

Re: Password entropy

From: Roger Safian <r-safian () NORTHWESTERN EDU>
Date: Mon, 24 Jul 2006 13:01:06 -0500

At 12:05 PM 7/24/2006, Basgen, Brian put fingers to keyboard and wrote:

This isn't going to be strong when combined with regular words. "At the
moment" is 13 characters, at 3.5 bits of entropy, gives us 45.5 bits
total.


OK...so how long can I expect this phrase to last?  Are there tools or
spreadsheets that allow you to evaluate various combinations?

As I said, I'm not looking for unbreakable, just long enough that the
phrase is likely to survive long enough that our regular passphrase
expiration will make it useless.


--
Roger A. Safian
r-safian () northwestern edu (email) public key available on many key servers.
(847) 491-4058   (voice)
(847) 467-6500   (Fax) "You're never too old to have a great childhood!"

Current thread:

Re: Password entropy, (continued)
- Re: Password entropy Paul Russell (Jul 23)
- Re: Password entropy James H Moore (Jul 23)
- Re: Password entropy Valdis Kletnieks (Jul 23)
- Re: Password entropy Harold Winshel (Jul 24)
- Re: Password entropy Robert Kerr (Jul 24)
- Re: Password entropy Graham Toal (Jul 24)
- Re: Password entropy Roger Safian (Jul 24)
- Re: Password entropy Graham Toal (Jul 24)
- Re: Password entropy Valdis Kletnieks (Jul 24)
- Re: Password entropy Basgen, Brian (Jul 24)
- Re: Password entropy Roger Safian (Jul 24)
- Re: Password entropy Harold Winshel (Jul 24)
- Re: Password entropy Jimmy Kuo (Jul 24)
- Re: Password entropy Valdis Kletnieks (Jul 24)
- Re: Password entropy Roger Safian (Jul 25)
- Re: Password entropy Basgen, Brian (Jul 25)
- Re: Password entropy Alan Amesbury (Jul 25)
- Re: Password entropy Valdis Kletnieks (Jul 25)