[Cryptography] generated passphrases
jamesd at echeque.com
jamesd at echeque.com
Mon Aug 12 18:53:58 EDT 2019
There are plenty of random phrase generators around, but I have not
found their algorithms and their word databases.
I hope someone could direct me to some open source for random phrase
generation
For the same entropy, it is easier to type an English language
passphrase than a random string of gibberish, even though the random
string has roughly three times the entropy per character, the longer
English phrase is easier to remember and to type.
Trouble is that user generated passwords and passphrases tend to have
low entropy.
Logon passphrases do not need much entropy, because the server will lock
you out after a large number of failed guesses, but the trouble is that
pass phrases for crypto currency accounts require about a 128 bits of
entropy, which corresponds to about twenty three characters of random
gibberish, or about a twelve word passphrase. It is hard to type in
twenty three characters of random gibberish.
To prevent people from using low entropy passphrases, most crypto
currency wallets use a generated passphrase of twelve words randomly
selected from a list of two thousand words.
Trouble is random words are hard to remember and type. Grammatically
correct nonsense passphrases are easier to remember and type.
Jitsi uses a random passphrase generator which generates grammatically
correct nonsense phrases, but its passphrase generator only generates
four word phrases.
Obviously, we would be better off using randomly generated grammatically
correct twelve word nonsense phrases than randomly generated strings of
words.
---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
More information about the cryptography
mailing list