May. 1st, 2011

trochee: (Default)
  • What Inception *should* have been & what Dark Knight *could* have been, but it's only in the mind of a mad fan: http://youtu.be/6RppxhOdby4 #

Mirrored from Trochaisms.

trochee: (movies)

Thomas Baekdal’s post on using passphrases (from 2007) came up again two weeks back. In that post, Baekdal maintained the following thesis (I paraphrase):

Passphrases are better than passwords, because they are easier to remember and (because they are longer) they are “mathematically” harder to crack.

A series of security articles last week pointed to his post, and it received a round of retweets, including William Gibson‘s approving retweet.  The security articles that raised this article from the gloomy depths of 2007 were critiques, though, and Baekdal took the time to respond to those critiques.

Unfortunately, Baekdal is still badly misled (and misleading!) about his “mathematical” evidence regarding multiword expressions and the use of dictionaries to attack these.  The short form of the problem is:

The suggestions Baekdal proposes for better passphrases are themselves information leaks: they give clever crackers more –not less — information about the structure of your secret.

I address two of these leaks after the jump:

Read the rest of this entry »

Mirrored from Trochaisms.

Profile

trochee: (Default)
trochee

June 2016

S M T W T F S
   1234
567 89 1011
12131415 161718
19202122232425
2627282930  

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Sep. 15th, 2025 09:16 am
Powered by Dreamwidth Studios