[conspire] Password permutations (was: Correction)

Texx texxgadget at gmail.com
Wed Apr 15 14:24:40 PDT 2020


So if you are going to take advantage of the larger dictionary,
how does this help you, unless you can be sure that the word you found in
the larger dictionary is not in the smaller dictionary?


On Wed, Apr 15, 2020 at 2:16 PM paulz at ieee.org <paulz at ieee.org> wrote:

> I decided to go ahead and work out some examples.
>
> First table shows password character sets of 26, 52, 62 and 70 characters.
> Then the possible probabilities for different lengths.
>
> For example, a length of 8 characters with the largest character set has 6
> E 14 possibilities.A length of 9 chars and only mixed case letters has 3E15
> possibilities.   10 characters, with no case is almost as good.
>
> So, forget the special characters and use looong passwords.
>
> 	letters	    letters	    Letters &	      letters
> 	no case	    mixed case	    numbers	       numbers
> 						      punctuation
> chars:    26		52		62		70
>
> length			
> 4	5E+05		7E+06		1E+07		2E+07
> 8	2E+11		5E+13		2E+14		6E+14 *
> 9	5E+12		3E+15 *    	1E+16		4E+16
> 10	1E+14 *		1E+17		8E+17		3E+18
> 12	1E+17		4E+20		3E+21		1E+22
> 16	4E+22		3E+27		5E+28		3E+29
> 24	9E+33		2E+41		1E+43		2E+44
> 32	2E+45		8E+54		2E+57		1E+59
>
>
> This thread started with a reference to kxcd and using several random
> dictionary words.
>
> The following table has some examples for different size dictionaries.
> Someone mentioned a dictionary of only 500 words.  I think the well
> educated English speaker knows thousands of words.  Or one might use a
> language from Scandinavia, or just one or two good German words.
>
> So 4 words from a rather large dictionary is also 6E14, the same as 8
> characters including punctuation.  6 words from the small dictionary would
> be even better.
>
> Now, naturally passwords made of even 4 words is many letters; the xkcd
> example is 25 letters.  So we are back to the same conclusion: use really
> long passwords.
>
>                                 kxcd style
>
> dict:	500 words	1000 words	5000 words	10000 words
>
> length
> 4	6E+10		1E+12		6E+14 *		1E+16
> 6	2E+16		1E+18		2E+22		1E+24
> 8	4E+21		1E+24		4E+29		1E+32
> 10	1E+27		1E+30		1E+37		1E+40
>
> Now a different question.  Who can actually try a large number of
> logins?    In my experience just trying to get into my own account, it
> takes a second to get a response that I messed up.  That limits my attempts
> to not very many in an hour.  Also, If I mess up more than 4 or 6 times in
> a row, I get locked out and have to phone the bank for assistance.
>
>
>
>
> On Wednesday, April 15, 2020, 12:45:54 PM PDT, Rick Moen <
> rick at linuxmafia.com> wrote:
>
>
>
>
>
> Quoting Texx (texxgadget at gmail.com):
>
> > That was one place you SHOULD correct people because password
> > misunderstanding is a danger to the ENTIRE community.
>
> It's not difficult to do the math and spot that Paul simply had terms
> reversed.
>
>
> _______________________________________________
> conspire mailing list
> conspire at linuxmafia.com
> http://linuxmafia.com/mailman/listinfo/conspire
>


-- 

R "Texx" Woodworth
Sysadmin, E-Postmaster, IT Molewhacker
"Face down, 9 edge 1st, roadkill on the information superdata highway..."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://linuxmafia.com/pipermail/conspire/attachments/20200415/c0f78c99/attachment.html>


More information about the conspire mailing list