Educause Security Discussion mailing list archives

Re: Password entropy

From: Roger Safian <r-safian () NORTHWESTERN EDU>
Date: Thu, 20 Jul 2006 08:29:50 -0500

At 06:45 PM 7/19/2006, Basgen, Brian put fingers to keyboard and wrote:

Scott,

Which is a better password?

     abcdefghijklmnopqrstuvwxyz
     1angtPalftm


The second one is better by far. Cracking time is a function of
entropy, the more basic the pattern, the less entropy. The first
'password' you show has a very simple pattern.


Are there programs out there now that are smart enough to figure that
out though?  I haven't seen them.  Most seem to try variations on
a pattern.  Now you could seed that pattern, but that seems a bit
like cheating to me.


--
Roger A. Safian
r-safian () northwestern edu (email) public key available on many key servers.
(847) 491-4058   (voice)
(847) 467-6500   (Fax) "You're never too old to have a great childhood!"

Current thread:

Re: Password entropy, (continued)
- Re: Password entropy David Gillett (Jul 19)
- Re: Password entropy Roger Safian (Jul 19)
- Re: Password entropy scott hollatz (Jul 19)
- Re: Password entropy Valdis Kletnieks (Jul 19)
- Re: Password entropy Dave Koontz (Jul 19)
- Re: Password entropy Basgen, Brian (Jul 19)
- Re: Password entropy Basgen, Brian (Jul 19)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Graham Toal (Jul 20)
- Re: Password entropy Valdis Kletnieks (Jul 20)
- Re: Password entropy Basgen, Brian (Jul 20)
- Re: Password entropy Roger Safian (Jul 20)
- Re: Password entropy Basgen, Brian (Jul 20)
- Re: Password entropy Harold Winshel (Jul 20)
- Re: Password entropy Harold Winshel (Jul 20)
- Re: Password entropy Graham Toal (Jul 21)
- Re: Password entropy Roger Safian (Jul 21)

(Thread continues...)