As mentioned elsewhere, passphrases created using one of the short wordlists might be easier to remember and type, but don't provide as much strength per word.ĮFF's Long Wordlist, for use with five diceĮFF's Short Wordlist #1, featuring only short words, for use with four diceĮFF's Short Wordlist #2, for use with four dice, featuring longer words that may be more memorable. You can follow our passphrase-generating instructions above, using four dice instead of five. When using one of our short wordlists (which contain 1296 words), roll only four dice at once. Different wordlists may produce passphrases with different degrees of memorability, but you don't get a significantly different passphrase strength by using one wordlist over another, if the lists are the same length. The more words you use, the stronger the passphrase. We recommend selecting a minimum of six words from our long wordlist, or when using any other list of this size. Notes on Using the Different WordlistsĮFF's new long list, referenced in the directions above, is designed for memorability and passphrase strength. If you reuse a passphrase and it ends up being leaked in a data breach or otherwise discovered, it can be used to try to access your other accounts. Sometimes password databases or websites get compromised. Your passphrase should only be used for a single purpose, and especially should not be used for more than one online account. Other great uses are the passphrase for an encryption key (like your PGP or SSH key), or, especially, for unlocking a password safe or password manager application. The large number of possibilities makes it much harder for someone to crack even if they get ahold of your device and use encryption-cracking hardware. Your passphrase is especially suitable when directly used to encrypt information, like for full-disk encryption on your laptop or mobile device. This is not necessarily true for an online account, where the speed and quantity of guesses will be limited, but it could be true in other cases (for instance, if someone gets ahold of your device and is trying to crack its encryption password). That means short passwords of any kind, even totally random ones like nQ\m=8*x or !s7e
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |