• bjorney@lemmy.ca
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    5 months ago

    Words are the least secure way to generate a password of a given length because you are limiting your character set to 26, and character N gives you information about the character at position N+1

    The most secure way to generate a password is to uniformly pick bytes from the entire character set using a suitable form of entropy

    Edit: for the dozens of people still feeling the need to reply to me: RSA keys are fixed length, and you don’t need to memorize them. Using a dictionary of words to create your own RSA key is intentionally kneecapping the security of the key.

    • shrugs@lemmy.world
      link
      fedilink
      arrow-up
      0
      arrow-down
      1
      ·
      edit-2
      5 months ago

      so you are saying 44 bits of entropy is not enough. the whole point of the comic is, that 4 words out of a list of 2000 is more secure then some shorter password with leetcode and a number and punctuation at the end. which feels rather intuitive given that 4 words are way easier to remember