Passwords Are Finished, Say Hello To Passphrases … A Story of An Elm Tree and A Bonnet
The password as a concept is nearly finished, as it’s not too difficult to crack the hash versions of them. And so nine characters passwords can often be cracked within hours, and 10 character passwords with days. A major problem is the usage of words from a dictionary, and so we get passwords such as:
and which are almost impossible to remember.
And so for our passwords we should possibly move towards having phrases which link words together, and which can be easily memorized. For this the EFF are here to protect you, and so they have created a wordlist that can be used to create random passphrases:
They are generated by a roll of five dices [here]:
If we roll a dice with “1”, “1”, “1”, “1”, and “1”, we generate the word of “abacus”. So what’s the probability that I will guess your word? Well, there are six possible values so the probabaility will be:
Prob = 1 in 6⁵ = 1 in 7776 = 0.000128600823
But if I now use eight words, the chances of you finding it will be:
0.000128600823⁸ = 0.000 016 075 102 875
But, of course, you would have to know if I was using these strings. If you had to search a dictionary, then it would be 26^n, and where n is the number of characters in the phrase. If it have this phrase:
predator almanac erased maritime anaerobic ramrod deepness registry
We have 64 characters, and now the chances you will find it will be:
and which is 36 and ninety numbers.
So, let’s use Rust, to install genpass, with:
cargo install genpass
A sample run is [here]:
Passphrase: finite brim
and with 18 characters [here]:
Passphrase: widget job spinout
and with 64 characters [here]:
Passphrase: elm diagram eatery bonnet rescuer confused salary swimwear dissuade
In this case, we could create a mindmap of seeing an elm tree, with a diagram on it, and which shows the way to an eatry, and as we enter, we see a person with a honnet on … and so on.
So go and generate your own story: