top | item 14969197

(no title)

admiun | 8 years ago

The XKCD method of generating passwords [1] does not imply 'best case' entropy of crackers going after each individual character. Instead it clearly states 44 bits of entropy which is the 'worst case' entropy when the attacking knows your exact method and dictionary used when generating the password.

I'd argue that when targeting the same number of bits of entropy the XKCD method is still easier to remember than a bunch of fully random characters.

[1] https://xkcd.com/936/

discuss

No comments yet.