[Cryptography] Recommendations for short AES passphrases

[ıuoʎ]

Though I've been following this list for a while my understanding of
cryptography is very basic.
So forgive me if I hope I haven't mixed any terms or got anything horrobly
wrong.

I recently came by a service that uses dangerously short passphrases for
AES.
The current implementation using a 6 chars from BASE 36 encoded string.
The KDF is just one round of salted md5 (as defaults by openssl).

I think the main reason for selecting short passwords was that they could
be easily shared/written and that might be a requirement of the software.

Now though the information is somewhat sensitive it is not intended to be
secure against any advance adversary.
I would assume that any attack that will cost more then 100$ per key is
probably way more valuable then the
actual information. But as it stands now cracking the encryption is too
trivial (I did it on my ageing  laptop in couple of days)

So I was trying to think how to increase the security while still keeping
the passphrase relatively short.

I thought of suggesting using 8 chars BASE 58 using random salt and PBKDF2
with 1000 iterations
This is not very high number of iterations but on my system it takes a bit
less then a second to calculate and
since this is a runs on the clients which might be less powerful I don't
think they would be willing to compromise much more time.

So how feasible is this solution.
Can a 8 char passphrase be relatively secure or can it be bruted relatively
easily even with the increased rounds.
Is there any better solution to have ~ strongly encrypted data with
relatively short and easy to share key ?

Any comments or helpful suggestions would be appreciated
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160916/a0d81462/attachment.html>