From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id B3B20138334 for ; Mon, 4 Feb 2019 13:22:11 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 7BEE7E0A4A; Mon, 4 Feb 2019 13:22:05 +0000 (UTC) Received: from smarthost03d.mail.zen.net.uk (smarthost03d.mail.zen.net.uk [212.23.1.23]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 01FB8E09D4 for ; Mon, 4 Feb 2019 13:22:04 +0000 (UTC) Received: from [82.69.83.178] (helo=mail.digimed.co.uk) by smarthost03d.mail.zen.net.uk with esmtpsa (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from ) id 1gqeCJ-0007pe-DW for gentoo-user@lists.gentoo.org; Mon, 04 Feb 2019 13:22:03 +0000 Received: from digimed.co.uk (fenchurch.digimed.co.uk [192.168.1.6]) by mail.digimed.co.uk (Postfix) with ESMTPA id E48FE656C1 for ; Mon, 4 Feb 2019 13:22:02 +0000 (GMT) Date: Mon, 4 Feb 2019 13:21:57 +0000 From: Neil Bothwick To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Coming up with a password that is very strong. Message-ID: <20190204132157.37cc49bc@digimed.co.uk> In-Reply-To: <12204550.2pT58cCFQF@dell_xps> References: <8d027455-f210-c399-f5a7-bfb05692cc5f@gmail.com> <2593531.BapclQZ6Rp@peak> <20190204103703.184d5001@digimed.co.uk> <12204550.2pT58cCFQF@dell_xps> Organization: Digital Media Production X-Mailer: Claws Mail 3.17.3 (GTK+ 2.24.32; x86_64-pc-linux-gnu) X-GPG-Fingerprint: 7260 0F33 97EC 2F1E 7667 FE37 BA6E 1A97 4375 1903 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; boundary="Sig_/OLN9MACyYLPr+5d2q2FW+yD"; protocol="application/pgp-signature" X-Originating-smarthost03d-IP: [82.69.83.178] Feedback-ID: 82.69.83.178 X-Archives-Salt: df84df2a-ccc8-4278-a7d3-660ee89cd936 X-Archives-Hash: f7b1493214e4320b28ef56501c7658ff --Sig_/OLN9MACyYLPr+5d2q2FW+yD Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Mon, 04 Feb 2019 11:17:13 +0000, Mick wrote: > > https://xkcd.com/936/ =20 >=20 > Not strictly true ... the crackers would probably use rainbow tables > attacks first. Also, it isn't fair to compare an 11 character passwd > against a 25 character passwd. For the *same* number of characters > used in any given passwd, a random lower/upper/numerical/symbol passwd > will provide an exponentially higher degree of difficulty in cracking > it with brute force, than one which uses only lower case dictionary > words. Anyway, these days many attacks are focused on OS or hardware > vulnerabilities which have been baked in by design, rather than brute > force attacks. I'm not sure xkcd is meant to be taken that seriously... --=20 Neil Bothwick Help a man when he is in trouble and he will remember you when he is in trouble again --Sig_/OLN9MACyYLPr+5d2q2FW+yD Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEGfLZTV7dXdQXh/dDdCdyyQfftocFAlxYPHUACgkQdCdyyQff toevVBAAhxpq7AOKayDlZt7XbAxvAnZWYJTlA0JJBv3EE4oMWZajAgx7yCdxv+4g Mh+hkqePYfDJYfW3g90O2jZb1VrWoqxaL+0bnzVWi+so8OF0X2uPHBuwzWSQ5WKG 6j+2CH34/P6i59OeCwZzdiXTt1gIo7ya3H6ecFm4pg6LV3aCFqCCRFdSxf+58gg+ StkPzo8VlC0cdJWTIJnr3ZxJifAurY8cD2Na5LXlxd/0U26u6SzIB8B6aiAvc+27 zxCxdiNs4IHcW4xit013N2DcieQ99i54DHIULHktgg/csjnQ7rDhS5YItTujxG8j K5r2YVqAZLhO0winh1MvnhsG2ky4AQpBbYhnL4cx9hhC/ECJE7ynKhGDwX96i9b6 XCT4tWefEHqJYqaVCV/LdI75YB93Ezlz7qtqEVXwdzRYhwOB10cwNzpB5dPwPaYj qMD+RlMNzZtJ36OvCYpB8SgT1Rg3mPwP7DR72QyC14n6SP7heYfm9uXDDPt0YNdk Sp1lB984UrlmIUYfMeuU+FhNIAka7QW+wfZUDoKofFl38odfUHbq0A6IeSfpusRF LgiV7uNc0dagYkfZvcEW9Iosq4B4Qic7zjxI5n5GPKlh5wCHAMaFY4wcYPHooV38 oN9sDkgZWdmPlziPplXzLQ/X2Uz2h1b4D3MXy8bYyoh8pXyW2XM= =ANSV -----END PGP SIGNATURE----- --Sig_/OLN9MACyYLPr+5d2q2FW+yD--