On Wed, Oct 22, 2008 at 06:11:23PM +0200, Bernhard Kleine wrote: > > With respect to randomness, do you have an idea how passphrases which > use first letters of e.g. songs or poems (with lower and uppercase > letters in german) are rated? >
It all depends on how big a pool of songs/poems you have, I guess. Intuitively, I guess it's not that good, but it again depends on who is out to get you. :) My $0.02: I use Diceware for really important passphrases. 7 or 8 Diceware words is somewhere near 128 bits of entropy (I don't remember exactly, but I think 9 words is the first level above 128 bits). I have never had problems remembering even 8-word ones (after a few tries it just sticks in my muscle memory, I wouldn't be able to reproduce them without a querty keyboard :) I have hard copies of course, stored secure enough considering my needs and resources (can't really hire armed guards ;) So, presuming the actuall list from which you pick words is valid and you use a reasonably good set of dices to choose them, I think it is an optimal way of generating strong passphrases. --nik -- Be different: conform. http://datasnok.org/
pgp2OzEuIaYJ5.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
