There are ~100 symbols on the US keyboard, many not permitted in a lot of online passwords (stupidly).
There are 11 words in the “passphrase”. Fight, letter, open, urge, weapon are not in the 100 most common English words. Urge is not in the 1000 most common English words (let alone fights vs fight, or opener vs open).
I think it would be a fairly strong password. You can reduce the entropy a bit by predicting likely next words in a sequence, but that would be defeated by adding some non sequitur(s). “fights the urge to use a letter opener as a scooter” or something.
Capitalization, intentional typos, spaces or not, ending punctuation? There a for sure ways to improve it as a password while still keeping the easy to remember, easy to type aspect. Overall it’s a great strategy to teach people for making passwords.
Sure just if fully given in this way it’s basically the same as an 11 character password. And more damning is it’s not really random. I’d use this as a case of more education on longer passphrases aren’t always longer entropy on their own if they are non random phrases is all. And there’s a lot of different word lists out there. I’d give this a go on my system and see if a guided run with the knowledge of how things were built can brute force it.
The big thing is a secure passphrase or password should be resistant to attacks even if there is perfect knowledge of how it was generated. In this case all lower case English words in a non random phrase works against that.
Those do make good passwords though. Had a company switch from 10 characters including special, caps, numbers lower upper requirements to 15+ with no requirements because it still would end up being harder to crack. Started using phrases where you could even put spaces, but in all lower case for me if was much quicker to type
Tangerine$45 is much harder for me to type than
whatthefuckamidoinghere
I think it’s because I have to pause to think shift 4, then hit 4 and remember if my fingers are still by the 4.
All just examples but the standard keys… Are all automatic for me because of use.
That’s a really long password no wonder they forgot it.
Sick entropy, though.
Depends, if you treat the individual letters sure but if you look at the words as the atom of information most password crackers wouldn’t take long.
There are ~100 symbols on the US keyboard, many not permitted in a lot of online passwords (stupidly).
There are 11 words in the “passphrase”. Fight, letter, open, urge, weapon are not in the 100 most common English words. Urge is not in the 1000 most common English words (let alone fights vs fight, or opener vs open).
I think it would be a fairly strong password. You can reduce the entropy a bit by predicting likely next words in a sequence, but that would be defeated by adding some non sequitur(s). “fights the urge to use a letter opener as a scooter” or something.
Capitalization, intentional typos, spaces or not, ending punctuation? There a for sure ways to improve it as a password while still keeping the easy to remember, easy to type aspect. Overall it’s a great strategy to teach people for making passwords.
Sure just if fully given in this way it’s basically the same as an 11 character password. And more damning is it’s not really random. I’d use this as a case of more education on longer passphrases aren’t always longer entropy on their own if they are non random phrases is all. And there’s a lot of different word lists out there. I’d give this a go on my system and see if a guided run with the knowledge of how things were built can brute force it.
The big thing is a secure passphrase or password should be resistant to attacks even if there is perfect knowledge of how it was generated. In this case all lower case English words in a non random phrase works against that.
Got me, haha. Thanks for the laugh.
Those do make good passwords though. Had a company switch from 10 characters including special, caps, numbers lower upper requirements to 15+ with no requirements because it still would end up being harder to crack. Started using phrases where you could even put spaces, but in all lower case for me if was much quicker to type
Tangerine$45 is much harder for me to type than whatthefuckamidoinghere
I think it’s because I have to pause to think shift 4, then hit 4 and remember if my fingers are still by the 4.
All just examples but the standard keys… Are all automatic for me because of use.
My most secure password is a full phrase of over 40 characters, plus punctuation.