On Mon, Mar 30, 2009 at 11:29 AM, ss <[email protected]> wrote: >> > nuimtuuh > > Since there are a lot of cryptowhatever folks on here - would this be an > easier password to break because 3 of 8 characters are "u" - or is it naive > to think that uuuuuuuu is a bad password.
Short answer: yes, it is a bad password. Slightly longer answer: It is a bad password because it does not contain much entropy [1]. Before you spend time poring over the link referenced above, I would recommend [2], [3] and [4]. Especially the last one. Udhay [1] http://en.wikipedia.org/wiki/Entropy_(Information_theory) [2] http://www.schneier.com/blog/archives/2007/01/choosing_secure.html [3] http://world.std.com/~reinhold/diceware.html [4] http://ars.userfriendly.org/cartoons/?id=19990814&mode=classic -- ((Udhay Shankar N)) ((udhay @ pobox.com)) ((www.digeratus.com))
