Password strengh meter in KNewPasswordDialog
mpyne at kde.org
Thu Apr 4 00:11:05 BST 2013
On Wednesday, April 03, 2013 18:47:17 Cristian Tibirna wrote:
> On Wednesday 03 April 2013 22:39:47 Rolf Eike Beer wrote:
> > Hi all,
In fairness, common dictionary words (no matter how long) have less entropy
than you would get just from adding the letters. Each word can simply be
considered a letter in a larger alphabet. E.g. a 4-word "long" password from
within the 500 most common words is one of only 6.25e10 possibilities.
So I'd use dictionary words as a supplement to other means, not by itself. The
authors of JohnTheRipper surely read XKCD just as we do. :)
> > so a password
> > containing only lowercase characters and numbers needs to be much longer
> > than one also containing specials and uppercase characters.
> Really, this whole "can be short because has mixed types of characters"
> nonsense has to die.
> There is a math theory behind password strength. There might even be
> libraries capable of measuring this properly.
Completely agreed. If anything it seems that even the idea of "password
entropy" might not apply to any passwords that a human generates . In such
a scenario it may be best to simply correlate "password strength" loosely with
- Michael Pyne
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 836 bytes
Desc: This is a digitally signed message part.
More information about the kde-core-devel