Good Users and Bad Passwords |
Written by Administrator |
Further to my other article about passwords, here is an update on what constitutes a good password: Good Users and Bad Passwords Here's an extract: What makes a strong password?The strength of a password is typically described using the term Entropy is usually expressed in bits: if we refer to a password as having n bits of entropy, it means that the entropy value is If we replace one or more letters with other characters, then the range (and therefore the entropy) will increase. There are 94 non-diacritic letters, numbers and special characters in US ASCII, so each will have approximately Therefore an eight-letter password which might contain any of these characters will have approximately However a sixteen-letter password with only lower-case letters will have To put that into some kind of context: a password with So in general terms, a long password with nothing but lower-case letters is better than a short password with a mixture of characters. |