<html><head></head><body><div class="yahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:13px;"><div>I decided to go ahead and work out some examples.<br></div><div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">First table shows password character sets of 26, 52, 62 and 70 characters. Then the possible probabilities for different lengths.<br></div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">For example, a length of 8 characters with the largest character set has 6 E 14 possibilities.A length of 9 chars and only mixed case letters has 3E15 possibilities. 10 characters, with no case is almost as good. <br></div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">So, forget the special characters and use looong passwords.<br></div><div dir="ltr" data-setdir="false"><div><pre class="ydp2c5c8643western"> letters letters Letters & letters
no case mixed case numbers numbers
punctuation
chars: 26 52 62 70
length
4 5E+05 7E+06 1E+07 2E+07
8 2E+11 5E+13 2E+14 6E+14 *
9 5E+12 3E+15 * 1E+16 4E+16
10 1E+14 * 1E+17 8E+17 3E+18
12 1E+17 4E+20 3E+21 1E+22
16 4E+22 3E+27 5E+28 3E+29
24 9E+33 2E+41 1E+43 2E+44
32 2E+45 8E+54 2E+57 1E+59</pre>
</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">This
thread started with a reference to kxcd and using several random dictionary
words. <br></div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">The following table has some examples for different size
dictionaries. Someone mentioned a dictionary of only 500 words. I
think the well educated English speaker knows thousands of words. Or
one might use a language from Scandinavia, or just one or two good German words. <br></div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">So 4 words from a rather large dictionary is
also 6E14, the same as 8 characters including punctuation. 6 words from
the small dictionary would be even better.</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false">Now,
naturally passwords made of even 4 words is many letters; the xkcd
example is 25 letters. So we are back to the same conclusion: use
really long passwords. <br></div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" data-setdir="false"> kxcd style
</div></div><div><pre class="ydpd9a5a942western">dict: 500 words 1000 words 5000 words 10000 words
length
4 6E+10 1E+12 6E+14 * 1E+16
6 2E+16 1E+18 2E+22 1E+24
8 4E+21 1E+24 4E+29 1E+32
10 1E+27 1E+30 1E+37 1E+40</pre>
</div>Now a different question. Who
can actually try a large number of logins? In my experience just
trying to get into my own account, it takes a second to get a response
that I messed up. That limits my attempts to not very many in an hour.
Also, If I mess up more than 4 or 6 times in a row, I get locked out
and have to phone the bank for assistance.</div><div dir="ltr" data-setdir="false"><br></div><br> <br> <br> On Wednesday, April 15, 2020, 12:45:54 PM PDT, Rick Moen <rick@linuxmafia.com> wrote: <br><br><br><br><br><br>Quoting Texx (texxgadget@gmail.com):<br><br>> That was one place you SHOULD correct people because password<br>> misunderstanding is a danger to the ENTIRE community.<br><br>It's not difficult to do the math and spot that Paul simply had terms<br>reversed. <br><br><div><br></div></div></body></html>