[148678] in cryptography@c2.net mail archive
Re: [Cryptography] Passwords are dying - get over it
daemon@ATHENA.MIT.EDU (Bill Frantz)
Tue Dec 24 19:01:01 2013
X-Original-To: cryptography@metzdowd.com
Date: Tue, 24 Dec 2013 15:27:30 -0800
From: Bill Frantz <frantz@pwpconsult.com>
To: cryptography@metzdowd.com
In-Reply-To: <2409E53C-9AAD-4028-8C69-55311A182E7F@me.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On 12/24/13 at 1:36 PM, agr@me.com (Arnold Reinhold) wrote:
>You get 120-bits with 7 Diceware words and 30 bits of
>stretching, close enough to full 128-bit strength, and three
>words fewer than are needed without any key stretching, e.g.:
>
>hamlin jig cub naiad frey allyn pig
>
>Those three fewer words can make the difference between a
>passphrase that an ordinary person can remember and an burden
>most will shun. The vital role key stretching plays can be
>thought of as impedance matching crypto security systems to
>human memory capabilities.
This is a password that I will have to be entering every day or
write down. (I'm an old man and my memory isn't as good as it
used to be.) There are three words, hamlin, naiad, and allyn
that I, as a native English speaker can't define. (The spell
checker fails hamlin and allyn.) I'd have to learn to spell at
least two of them.
The need for entropy in passwords has already passed my
diminished abilities. If you're looking for universal adoption,
there's a problem.
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | Airline peanut bag: "Produced | Periwinkle
(408)356-8506 | in a facility that processes | 16345
Englewood Ave
www.pwpconsult.com | peanuts and other nuts." - Duh | Los Gatos,
CA 95032
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
