Featured Post

Linux daemon using Python daemon with PID file and logging

The python-daemon package ( PyPI listing , Pagure repo ) is very useful. However, I feel it has suffered a bit from sparse documentation, an...

2012-03-14

Are multi-word passphrases more secure than normal passwords?

Some researchers at University of Cambridge Computer Laboratory have taken a closer look at the recently popular claim that multi-word passphrases, being several times longer, are more secure than a regular password (generally 8 to 12 characters).
The results are discouraging: by our metrics, even 5-word phrases would be highly insecure against offline attacks, with fewer than 30 bits of work compromising over half of users. The returns appear to rapidly diminish as more words are required.
They recommend a tool such as Diceware for generating passphrases.

http://xkcd.com/936/