[talk] passwd entropy and strength
lists at eitanadler.com
Sun Nov 5 14:19:16 EST 2017
On 5 November 2017 at 11:06, Brian Callahan <bcallah at devio.us> wrote:
> On 11/05/17 14:04, Jan Schaumann wrote:
>> George Rosamond <george at ceetonetechnology.com> wrote:
>>> So someone getting some of the passwd really just needs a "Wheel of
>>> Fortune" approach to determining a passwd in full.
>>> co__ect ho_se batte_y staple
>>> "Can I buy an 'r'?"
>> It is rather rare that an attacker would have a partial password.
Y'all may be interested in NIST Special Publication 800-63-2 which
attempts to define entropy for human generated passwords.
More information about the talk