[Discuss] Password managers
Kent Borg
kentborg at borg.org
Wed May 6 13:42:08 EDT 2020
On 5/6/20 1:32 PM, Rich Pieri wrote:
> On Wed, 6 May 2020 13:05:58 -0400
> Kent Borg <kentborg at borg.org> wrote:
>
>> Except 16+ is overkill for a password. (*Password*, not encryption
>> passphrase--the two are extremely different uses.)
> Except... they're not. 16 random (I'm assuming) characters is what
> Google use for application passwords. Which are in fact passwords in
> their use. That's my base line.
What are you trying to accomplish with these 16-random-characters?
That's only about 75-bits of entropy, so not a very good encryption key,
so you must mean password. So what are you trying to do? Stop a brute
force guessing foe? Give me some arithmetic for why you need 75-bits of
entropy for that... (And why doesn't your bank need 75-bit PINs?)
-kb
More information about the Discuss
mailing list