[Discuss] deadmanish login?

On 2/3/2017 8:47 AM, Kent Borg wrote:
> I'll change it to 12-honey-denver-doctor then!
> No one will even guess that.

A dedicated Hashcat rig can "guess" it within 5 minutes.

Take a 2K word list. There are about 8 billion (2^33) possible
combinations of 3 words from this list. Add the 2 character prefixes and
you approach 2^40 possible combinations. Sounds like a lot but it's
still fewer than the entire DES keyspace (2^56). How random your
sequences are doesn't matter when the set of all possible sequences is
so weak.

Rich P.

