Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 8 Apr 2016 00:10:14 +0200
From: "" <>
Subject: Section 3.4 of "A Canonical Password Strength Measure"

This section has created most of the buzz.
It is not the main point of the article, it is merely an example 
application. the following sense:

you had a feeling that a really long password (such a valid English 
sentence) would do the job -- i understand this sentiment, but without a 
clearly defined password strength measure we can not argue about it at 
all -- with the proposed measure you can actually claim that the 
strength of a passphrase is guaranteed to be higher than the mainstream 
"strong" passwords recommended by popular creation policies.

or you can show me that this statement is wrong.

either way it gives you some idea how to use the metric.

of course, i believe that passphrases are strong and unbelievably 
convenient, but i admit i did not supply enough evidence for that in the 
present paper (because the focus of the paper is elsewhere).

I am now trying to design a huge password memorability experiment
involving all my ideas vs popular policies.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.