Conversation:

Notices

1. kuro (kuro)'s status on Wednesday, 26-Feb-2014 07:02:21 EST kuro

   Remote profile options...
   Bruce Schneier: Choosing a Secure Password http://qttr.at/c67 !security
   1. Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca (bobjonkmanformer)'s status on Wednesday, 26-Feb-2014 12:51:40 EST Former Bob Jonkman -- Please use the new server at https://gs.jonkman.ca

      Remote profile options...
      Things I teach people: 1) Use a password manager. 2) If you don't use a password manager, choose a long, memorable phrase. The longer, the better. 2a) Make it easily typeable. I know people who have strong, long passwords, but can't remember how to type them. As Schneier points out, PW cracking tools try variations on 1337$p34|< anyway, so funny symbols don't add much protection. 2…
   2. Joshua Judson Rosen (rozzin)'s status on Thursday, 27-Feb-2014 00:51:19 EST Joshua Judson Rosen

      Remote profile options...
      But... "gonefishing1125" is not using the #xkcd #password scheme.... By Randall's metric, it's got only ~22–33 bits of #entropy....
   3. Joshua Judson Rosen (rozzin)'s status on Thursday, 27-Feb-2014 21:15:58 EST Joshua Judson Rosen

      Remote profile options...
      And... actually, "gonefishing" isn't even two independent words. So isn't "gonefishing1125" more like ~11–24 bits of #entropy? !security