BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] Password managers
- Subject: [Discuss] Password managers
- From: kentborg at borg.org (Kent Borg)
- Date: Wed, 6 May 2020 09:57:36 -0400
- In-reply-to: <5eb223cd.1c69fb81.6fa04.3ab5@mx.google.com>
- References: <9c4a5c7e-55aa-8ae1-da3b-4512cb2ae85c@gmail.com> <5eb1f81d.1c69fb81.80c8b.07ca@mx.google.com> <CANiupv686GBC5EZVsiEf831-b4i0E3NjZ3fnsDToM02z1zjUNg@mail.gmail.com> <5eb223cd.1c69fb81.6fa04.3ab5@mx.google.com>
On 5/5/20 10:41 PM, Rich Pieri wrote: > * Run: "pwgen -nsB ##" (where ## is typically 16 or more) Remember that there is a *big* difference between a password that is a password and one that is used for encryption. A password (if not reused between sites) does not have to be particularly strong. 30-bits of entropy is a lot for a password that has rate-limited attempts, but for encryption where attacks which can be run in parallel it is nothing, one should have over 100-bits. A money machine PIN has only 13-something bits of entropy, yet I think I have only ever heard of one ATM weakness arising from the short PINs. -kb
- Follow-Ups:
- [Discuss] Password managers
- From: kentborg at borg.org (Kent Borg)
- [Discuss] Password managers
- References:
- [Discuss] Password managers
- From: j.natowitz at gmail.com (Jerry Natowitz)
- [Discuss] Password managers
- From: richard.pieri at gmail.com (Rich Pieri)
- [Discuss] Password managers
- From: sweetser at alum.mit.edu (Doug)
- [Discuss] Password managers
- From: richard.pieri at gmail.com (Rich Pieri)
- [Discuss] Password managers
- Prev by Date: [Discuss] Password managers
- Next by Date: [Discuss] Password managers
- Previous by thread: [Discuss] Password managers
- Next by thread: [Discuss] Password managers
- Index(es):