Good but *do* throw a random character in there, otherwise your passphrase is es... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

athenot on Feb 28, 2018 | parent | context | favorite | on: The Feds Can Now Probably Unlock Every iPhone Mode...

Good but do throw a random character in there, otherwise your passphrase is essentically a few characters long in a (larger) alphabet—ie, a dictionary sorted by most frequently used words. Or at least use some uncommon words.

    70^8   = 576480100000000   // 8 chars of upper/lower case, numbers, symbols
    4000^4 = 256000000000000   // 4 words pulled from a vocabulary of 4000 words

    word          rank
    ------------- ----
    correct       1808
    horse         1286
    battery       3221
    staple        (not in the first 4000)

https://xkcd.com/936/ (For those who were wondering about the context.)

jsjohnst on Feb 28, 2018 [–]

> Good but do throw a random character in there

There is, but that part isn't the important part. The important part is using a long pass phrase rather than a multi digit number.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact