Let's first establish clearly what should be a common sense truth: A password manager master password is a very high value secret. (This is irrespective of which password manager you are using.)

This is for a rather simple, fundamental reason: this one password, together with the encrypted password database that it protects, essentially allows full access to every account for which you have credentials stored within that database. Thus, you should ensure that this password has a corresponding level of security.

Traditionally, this has led to the use of weird password schemes which have tried to combine the goals of making passwords memorable as well as making them secure. With today's computing resources, that's just not a practically achievable goal with a simple password any longer. Instead, I like to recommend Diceware style passphrases. (Diceware is similar to the scheme described in XKCD 936, but more explicit on how to gather the randomness. Also, in Diceware, if the generated sequence of words makes sense linguistically, you are actually supposed to start over.)

In proper Diceware, you use a random physical process (throwing physical dice) to gather randomness, then convert that randomness into words by looking up the numbers in a list of words. In the specific case of Diceware, you use five throws of ordinary six-sided dice to generate about 12.9 bits (log2(6^5) = log(6^5) / log(2) ~ 12.92481).
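
The Diceware lookup and entropy arithmetic described above, as an added example that is not part of the original post: it turns dice results you have physically thrown into five-digit list keys, and computes how many words a target bit strength requires. The function names are assumptions, and `WORDLIST` is a constructed placeholder with the 6^5 = 7776 keys, to be replaced with a real word list keyed the same way.

```python
import math
from itertools import product

DICE_PER_WORD = 5
BITS_PER_WORD = math.log2(6 ** DICE_PER_WORD)  # log2(6^5), about 12.92481

# Constructed stand-in for a real list: keys "11111".."66666", placeholder tokens.
WORDLIST = {
    "".join(k): "word" + "".join(k)
    for k in product("123456", repeat=DICE_PER_WORD)
}


def words_from_rolls(rolls, wordlist=WORDLIST):
    """Convert physically thrown dice results (ints 1..6) into list words."""
    rolls = list(rolls)
    if not rolls or len(rolls) % DICE_PER_WORD:
        raise ValueError("need a non-zero multiple of 5 rolls")
    if any(not isinstance(r, int) or not 1 <= r <= 6 for r in rolls):
        raise ValueError("each roll must be an integer from 1 to 6")
    # Each group of five throws, read in order, is one lookup key.
    keys = (
        "".join(str(r) for r in rolls[i:i + DICE_PER_WORD])
        for i in range(0, len(rolls), DICE_PER_WORD)
    )
    return [wordlist[k] for k in keys]


def entropy_bits(n_words):
    """Entropy of n independently rolled words, in bits."""
    return n_words * BITS_PER_WORD


def words_needed(target_bits):
    """Smallest word count whose entropy reaches target_bits."""
    return math.ceil(target_bits / BITS_PER_WORD)


if __name__ == "__main__":
    thrown = [1, 6, 3, 4, 2, 6, 6, 1, 2, 5]  # constructed sample rolls
    print(words_from_rolls(thrown))
    print(f"{entropy_bits(2):.2f} bits for 2 words")
    print(f"{words_needed(128)} words for 128 bits")
```

The entropy figure only holds when every word comes from fresh, unbiased throws; rerolling until the phrase looks pleasant removes bits.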