Comment on [deleted]
nimpnin@sopuli.xyz 2 months agobut iirc the bottom half has been sort-of half debunked
Any source for this? It’s literally just random words. Just pick from a large enough list and you’re good.
Comment on [deleted]
nimpnin@sopuli.xyz 2 months agobut iirc the bottom half has been sort-of half debunked
Any source for this? It’s literally just random words. Just pick from a large enough list and you’re good.
A_norny_mousse@feddit.org 2 months ago
Things a password cracker does before brute force guessing:
nimpnin@sopuli.xyz 2 months ago
If you pick 4 random words, the attacker would still need to brute force through (hundreds of?) billions of word combinations. That’s the point.
hangonasecond@lemmy.world 2 months ago
Yeah you’re correct. The person you’re replying to is treating dictionary attacks as separate from brute forcing. Dictionary attacks are great on short passwords using likely words, but as soon as you use 2 or 3 or 4 words it becomes computationally unfeasible. I would say a completely random string of the same or much less length is more secure because a dictionary attack won’t work at all, but 3-4 word passphrases are excellent for passwords that you have to manually enter ever.