Unfortunately, this is not such a great idea. The average
person has a vocabulary of between 2000 and 5000 words (i'm
not totally sure about those numbers, but i'm on the same
order of magnitude). So assuming you can use up to 5000
words and make things easy to remember (which is the whole
point), that gives you a search space of 25,000,000. That
would be crackable minutes. Add on two random digits
increases the search space by a factor of 100. That gives
you 2,500,000,000 passwords to check, which is checkable in
an hour or two at the most.
Bottom line is, dictionary words never make secure passwords. English text only has about 1.5 bits of entropy
per letter. At work, we strongly discourage our users from using dictionary words from any language
-Mark
mlogan@ccs.neu.edu | [reply] [Watch: Dir/Any] |