zephyr@lemmy.worldM to linuxmemes@lemmy.world · 4 months ago-----BEGIN PRIVATE KEY-----lemmy.worldimagemessage-square73fedilinkarrow-up11.65Karrow-down122 cross-posted to: [email protected]
arrow-up11.63Karrow-down1image-----BEGIN PRIVATE KEY-----lemmy.worldzephyr@lemmy.worldM to linuxmemes@lemmy.world · 4 months agomessage-square73fedilink cross-posted to: [email protected]
minus-squareSatyrSack@lemmy.onelinkfedilinkarrow-up10arrow-down3·4 months agoEven if an attacker knew that your password was exactly four words from a specific list of only 2048 common words, that password would still be more secure than something like Tr0ub4dor&3 https://www.explainxkcd.com/wiki/index.php/936:_Password_Strength
minus-squareFillicia@sh.itjust.workslinkfedilinkarrow-up4·4 months agoIf the attacker search for your password specifically then xkcd themself posted the reason why it wouldn’t really matter https://www.explainxkcd.com/wiki/index.php/538:_Security If you’re doing blind attemps on a large set of users you’ll aim for the least secured password first, dictionary words and known strings.
Even if an attacker knew that your password was exactly four words from a specific list of only 2048 common words, that password would still be more secure than something like
Tr0ub4dor&3https://www.explainxkcd.com/wiki/index.php/936:_Password_Strength
If the attacker search for your password specifically then xkcd themself posted the reason why it wouldn’t really matter
https://www.explainxkcd.com/wiki/index.php/538:_Security
If you’re doing blind attemps on a large set of users you’ll aim for the least secured password first, dictionary words and known strings.