[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <5706DAC6.4060508@bestmx.net>
Date: Fri, 8 Apr 2016 00:10:14 +0200
From: "e@...tmx.net" <e@...tmx.net>
To: passwords@...ts.openwall.com
Subject: Section 3.4 of "A Canonical Password Strength Measure"
This section has created most of the buzz.
It is not the main point of the article, it is merely an example
application. ...in the following sense:
you had a feeling that a really long password (such a valid English
sentence) would do the job -- i understand this sentiment, but without a
clearly defined password strength measure we can not argue about it at
all -- with the proposed measure you can actually claim that the
strength of a passphrase is guaranteed to be higher than the mainstream
"strong" passwords recommended by popular creation policies.
or you can show me that this statement is wrong.
either way it gives you some idea how to use the metric.
of course, i believe that passphrases are strong and unbelievably
convenient, but i admit i did not supply enough evidence for that in the
present paper (because the focus of the paper is elsewhere).
P.S.
I am now trying to design a huge password memorability experiment
involving all my ideas vs popular policies.
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
