<?xml version="1.0"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
		<id>https://www.explainxkcd.com/wiki/api.php?action=feedcontributions&amp;feedformat=atom&amp;user=162.158.91.236</id>
		<title>explain xkcd - User contributions [en]</title>
		<link rel="self" type="application/atom+xml" href="https://www.explainxkcd.com/wiki/api.php?action=feedcontributions&amp;feedformat=atom&amp;user=162.158.91.236"/>
		<link rel="alternate" type="text/html" href="https://www.explainxkcd.com/wiki/index.php/Special:Contributions/162.158.91.236"/>
		<updated>2026-06-25T04:49:40Z</updated>
		<subtitle>User contributions</subtitle>
		<generator>MediaWiki 1.30.0</generator>

	<entry>
		<id>https://www.explainxkcd.com/wiki/index.php?title=Talk:2530:_Clinical_Trials&amp;diff=219477</id>
		<title>Talk:2530: Clinical Trials</title>
		<link rel="alternate" type="text/html" href="https://www.explainxkcd.com/wiki/index.php?title=Talk:2530:_Clinical_Trials&amp;diff=219477"/>
				<updated>2021-10-19T06:49:40Z</updated>
		
		<summary type="html">&lt;p&gt;162.158.91.236: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&amp;lt;!--Please sign your posts with ~~~~ and don't delete this text. New comments should be added at the bottom.--&amp;gt;&lt;br /&gt;
Is this comic in reaction to some specific recent event? It seems like it might be related to vaccine trials, given the pandemic the world has been dealing with for the last 2 years... if so, it then seems to be a condemnation... am I reading too much into this?&lt;br /&gt;
[[User:Ericfromabeno|Ericfromabeno]] ([[User talk:Ericfromabeno|talk]]) 21:49, 18 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
I would say this is in relation to the multiple treatments for Covid19, some of which have great clinical evaluation, others less so.  I'll make a first draft [[User:Kev|Kev]] ([[User talk:Kev|talk]]) 21:53, 18 October 2021 (UTC)&lt;br /&gt;
:On this website there are far too many people who think everything is about Covid19. --[[Special:Contributions/162.158.88.219|162.158.88.219]] 06:30, 19 October 2021 (UTC)&lt;br /&gt;
::It comes to mind after a year full of iterations of the &amp;quot;3-step clinical trial procedure&amp;quot; shown in the comic. See e.g. https://en.wikipedia.org/wiki/List_of_unproven_methods_against_COVID-19&lt;br /&gt;
&lt;br /&gt;
Note that a proper clinical trial does not &amp;quot;prove&amp;quot; its treatment to be effective, but it actually should do its damnedest to show that any observed (net) benefits are down to simple statistical fluke, but then fail, leaving the positive result 'proven'. And obviously extract every possible risk factor in the process. (Thalidomide fell down badly on this, many years ago, partly because of the numbers involved and the fact that susceptible mothers were often taking a cocktail of multiple 'remedies' over much of the nine months, which made the reality slow to be teased out. But the lessons learnt mean that authorising ''anything'' for pregnant women is tortuous, and testing on (non-pregnant) women in general is hampered by having to account for menstrual cycles, so we end up with far too many man-tested drugs that say &amp;quot;not for use in pregnancy&amp;quot; just to keep far to the safe-side, plus still far more unknown levels of efficacy/etc in the 'generic' female body than we should have. But it's being addressed. Onward, ever onward!) [[Special:Contributions/162.158.159.49|162.158.159.49]] 23:14, 18 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
The way I understood the title text was that the &amp;quot;change&amp;quot; was the one written in red, that is &amp;quot;now we have to do clinical trials&amp;quot;. The title text's joke is thus that, because before that change clinical trials weren't part of the procedure (&amp;quot;standard of care&amp;quot;), you don't have to test the idea of testing ideas. Closely related to that &amp;quot;joke&amp;quot; is https://existentialcomics.com/comic/404 (but seriously this isn't a simple problem). [[Special:Contributions/108.162.229.101|108.162.229.101]] 01:21, 19 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
Shouldn't Test if it works be step 2?  Have idea, see if it works, implement?  [[Special:Contributions/172.68.129.137|172.68.129.137]] 01:52, 19 October 2021 (UTC)&lt;br /&gt;
:No.  Steps 1 and 2 both include elements of testing and exploration; you need to perform experiments to come up with a good idea and convince -yourselves- that it is, in fact, good, and then you likely need to perform or at least show more tests to convince others that it is, in fact a good idea.  But the addition of clinical trials added a further &amp;quot;and then you need to double triple check that your idea actually works rather than that it seemed to work in your initial experiments&amp;quot; step to (try to) avoid bad side effects and false correlation. [[User:Mneme|Mneme]] ([[User talk:Mneme|talk]]) 02:40, 19 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
Mention of &amp;quot;anti-worming treatments&amp;quot; in the explanation.  This is misleading, and gives the impression that drugs can only have a single function.  It's like talking about the use of &amp;quot;headache medicine&amp;quot; for preventing heart attacks.  If you want to refer to a specific medicine, do so by name but make damn sure that your claims about that medicine are accurate [[User:Mneme|Mneme]] ([[User talk:Mneme|talk]]) 04:36, 19 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
While the awareness of clinical trials is of course more relevant because of COVID, I don't think this is intended to be topical.  The title is very straightforward-- &amp;quot;the invention of clinical trials&amp;quot; and is almost joke-less (basically just the format).  The real joke is in the title text, where it's pointed out that because the &amp;quot;standard of care&amp;quot; before the invention of clinical trials was not to do clinical trials, we didn't need to go through this step to start doing them; just convince people it was a good idea.  02:40, 19 October 2021 (UTC)&lt;br /&gt;
: I think it's *extremely* topical, with the relatively recent debunking of ivermectin as (yet another) substance that has been widely claimed, distributed, and mis-used as a supposed COVID preventative/cure. [[User:BunsenH|BunsenH]] ([[User talk:BunsenH|talk]]) 03:49, 19 October 2021 (UTC)&lt;br /&gt;
:: If you like, it is topical by -context-, but not by content.  Which is an interesting (but important) line to draw. [[User:Mneme|Mneme]] ([[User talk:Mneme|talk]]) 04:31, 19 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
A recent editor pulled out my comment about how there isn't a joke, but I'd argue that that's necessary in some form.  One of the reasons people go to Explain XKCD is that they're going &amp;quot;wait, did I miss a joke?&amp;quot; So explaining that as far as the community is concerned the main text is in-earnest education rather than a missed joke does have an important purpose. [[User:Mneme|Mneme]] ([[User talk:Mneme|talk]]) 04:37, 19 October 2021 (UTC)&lt;/div&gt;</summary>
		<author><name>162.158.91.236</name></author>	</entry>

	<entry>
		<id>https://www.explainxkcd.com/wiki/index.php?title=Talk:2529:_Unsolved_Math_Problems&amp;diff=219424</id>
		<title>Talk:2529: Unsolved Math Problems</title>
		<link rel="alternate" type="text/html" href="https://www.explainxkcd.com/wiki/index.php?title=Talk:2529:_Unsolved_Math_Problems&amp;diff=219424"/>
				<updated>2021-10-18T16:07:34Z</updated>
		
		<summary type="html">&lt;p&gt;162.158.91.236: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&amp;lt;!--Please sign your posts with ~~~~ and don't delete this text. New comments should be added at the bottom.--&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Does anyone have any clue whether the writing on the board in the weirdly abstract panel means anything? Maybe add an explanation about it?[[Special:Contributions/162.158.227.91|162.158.227.91]] 13:23, 17 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
Center panel possibly related to &amp;quot;The drunkard's walk&amp;quot; and theories on randomised motion. &lt;br /&gt;
https://www.quantamagazine.org/random-walk-puzzle-solution-20160907/ &lt;br /&gt;
More references https://mathworld.wolfram.com/RandomWalk.html&lt;br /&gt;
&lt;br /&gt;
Someone's gotta point out that &amp;quot;walking randomly on a grid, never visiting the same square twice&amp;quot; would rapidly trap you in a corner (even the example has a 50/50 chance of that happening on the next move) [[Special:Contributions/172.70.130.125|172.70.130.125]] 04:29, 16 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
Not if it's an infinite grid.&lt;br /&gt;
&lt;br /&gt;
I think there's two different ways to interpret the question - as a uniform random element of the set of all non-self-intersecting NxK length paths, in which case it's fine, or as a path defined by a random walk in which moves onto your own path are not allowed, which doesn't seem well defined, since you might end up in a situation where you are surrounded by your own path and cannot continue for all NxK steps.&lt;br /&gt;
&lt;br /&gt;
An early example of a cursed problem is the Cantor Function. https://en.wikipedia.org/wiki/Cantor_function&lt;br /&gt;
&lt;br /&gt;
I admire whoever wrote the description of the curve in the &amp;quot;cursed&amp;quot; panel. [[User:Barmar|Barmar]] ([[User talk:Barmar|talk]]) 05:36, 16 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
&amp;quot;Algebreic&amp;quot; is a misspelling of &amp;quot;algebraic&amp;quot;. Could Randall really have made this mistake, or is it another malamanteau? What does &amp;quot;breic&amp;quot; come from? [[User:Barmar|Barmar]] ([[User talk:Barmar|talk]]) 06:10, 16 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
I wonder if Randall was actually referring to that quote about &amp;quot;Into the Woods&amp;quot;, or he just thought &amp;quot;Sondheim calculus&amp;quot; sounded cool and it was a total coincidence. I found it when I googled &amp;quot;sondheim calculus&amp;quot; to make sure it wasn't a real thing. [[User:Barmar|Barmar]] ([[User talk:Barmar|talk]]) 06:29, 16 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
In panel 2, what would 'k' be? [[Special:Contributions/172.69.35.108|172.69.35.108]] 08:00, 16 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
'k' would represent the number of marbles placed on the ground. [[Special:Contributions/162.158.88.127|162.158.88.127]] 08:09, 16 October 2021 (UTC)&lt;br /&gt;
:Though probably correct, I think the implied state is that an integer multiple (k) of N steps is made (s=N*k), with that number of marbles dropped, not s=(N*k)+c steps (for N&amp;gt;c) which would have the same result (uselessly) for all values of s where c ranges 0..N-1. It just introduces inflections into the graph (with s as an axis) that needn't be there (with just a k-based one). Or, in other words, selectively poll all s-values that are exactly divisible by N, and forget all the rest. (That divisor is k, and hence k is the number of marbles. Or perhaps k+1 if you leave one on the starting spot too.) [[Special:Contributions/162.158.159.25|162.158.159.25]] 21:59, 16 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
To me, the cursed curve looks a bit like a crosier https://commons.wikimedia.org/wiki/File:Crosiere_of_arcbishop_Heinrich_of_Finstingen.jpg&lt;br /&gt;
&lt;br /&gt;
--&amp;gt; I had the same impression and added it. --[[Special:Contributions/162.158.94.219|162.158.94.219]] 11:40, 16 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
No explanation of the &amp;quot;Euler Field Manifold Hypergroup (Isomorphic to a)...&amp;quot; part?&lt;br /&gt;
&lt;br /&gt;
The cursed curve looks almost like someone took a graph of the Binet formula in the complex plane, stretched it out a bit, and rotated it onto the i axis.&lt;br /&gt;
: This was my first thought too when I saw it. [[Special:Contributions/172.69.34.87|172.69.34.87]] 17:16, 16 October 2021 (UTC)&lt;br /&gt;
: It looks like Vulcan script to me.  [[User:LtPowers|LtPowers]] ([[User talk:LtPowers|talk]]) 13:51, 16 October 2021 (UTC)&lt;br /&gt;
: That's what it looks like to me too; recognized it from that Numberphile video on Fibonacci numbers in the complex plane [[Special:Contributions/108.162.245.245|108.162.245.245]] 07:36, 17 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
Could the cursed curve be a reference to the logistic map?&lt;br /&gt;
&lt;br /&gt;
Can someone produce a high resolution image of the Cursed Curve? It needs to be on a T-shirt [[User:Avimimus|Avimimus]] ([[User talk:Avimimus|talk]]) 21:39, 16 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
Is someone going to mention the title text?&lt;br /&gt;
&lt;br /&gt;
I swear I've seen that third plot, I thought it was in XKCD, but a quick run through tagged entries didn't find anything... unfortunately I consume a lot of math media so I can't place it. It's bugging me so I hope this note will serve as encouragement to someone that DOES remember [[Special:Contributions/162.158.106.221|162.158.106.221]] 21:29, 16 October 2021 (UTC)&lt;br /&gt;
:I'm sure I've seen components of the cursed-curve, not sure if they fit together like that, easily, though. The differentiation of dy/dt (which is odd in itself) of the first (lower) bit looks discontinuous, followed by a chaotic oscillation (may just be the culmination of the less frenetic chaos that created the first set of x=f(y) - again, an unusual way round) that then settles into a pattern where ''regardless'' of the 'prime axis', you have multiple real roots on the other, towards some great-attractor value.&lt;br /&gt;
: In more standard x/y (or y=f'(x)?) notation, it is clear that there are multiple real roots for various values of x within a range, and possibly none at all beyond that (or it's a plotting error insofar as x tends to ±infinity it has a very narrow range of y that is never sampled properly, but should connect to that pulse 'randomness'). If it's a plot of real vs imaginary components of a complex function to a different continuous value, I suspect someone is playing silly-buggers with multiple (perhaps nested?) trigonometric functions, polynomials and variable-shifted powers. But it's nearly thirty years since I did mathematics at the level needed to disentangle this neatly (back when Mandelbrots and Julias were still a staple wall-poster for any student not more into the likes of Iron Maiden skull-motifs or &amp;lt;insert your favourite classic film here&amp;gt;, and even then it might be) so don't ask me where to start. [[Special:Contributions/162.158.89.140|162.158.89.140]] 16:48, 17 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
Are there any examples of &amp;quot;cursed&amp;quot; math problems? I've seen &amp;quot;weirdly abstract&amp;quot; and &amp;quot;weirdly concrete&amp;quot; ones, but not &amp;quot;cursed&amp;quot; ones. [[Special:Contributions/162.158.63.117|162.158.63.117]] 01:03, 17 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
The symbol in the third panel looks like an unalome, which is not a mathematical symbol but a Buddhist or mystical one https://en.wikipedia.org/wiki/Yantra_tattooing#Types_and_designs&lt;br /&gt;
&lt;br /&gt;
There is at least one paper on arxiv defining quasimonoid, 1401.7748. It's from 2014 so it existed long before the comic. --[[Special:Contributions/162.158.88.253|162.158.88.253]] 14:04, 17 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
Links, '''please'''!  Not all of us are mathematicians.  If you mention something that you think the cursed curve might represent, please provide a link to something describing that something so the rest of us can read it and attempt to learn more.  [[User:Shamino|Shamino]] ([[User talk:Shamino|talk]]) 17:44, 17 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
That cursed squiggle sure looks like the sort of thing that used to flow from {{w|Saul Steinberg}}'s pen, as seen in the pages of the New Yorker back in the 60s.  The most relevant example I can find right now is from 1965: https://fineartamerica.com/featured/new-yorker-february-20th-1965-saul-steinberg.html [[Special:Contributions/162.158.255.177|162.158.255.177]] 03:38, 18 October 2021 (UTC)&lt;br /&gt;
&lt;br /&gt;
So, is the middle one an actual unsolved problem? --[[Special:Contributions/162.158.91.236|162.158.91.236]] 16:07, 18 October 2021 (UTC)&lt;/div&gt;</summary>
		<author><name>162.158.91.236</name></author>	</entry>

	<entry>
		<id>https://www.explainxkcd.com/wiki/index.php?title=2525:_Air_Travel_Packing_List&amp;diff=219241</id>
		<title>2525: Air Travel Packing List</title>
		<link rel="alternate" type="text/html" href="https://www.explainxkcd.com/wiki/index.php?title=2525:_Air_Travel_Packing_List&amp;diff=219241"/>
				<updated>2021-10-14T06:32:31Z</updated>
		
		<summary type="html">&lt;p&gt;162.158.91.236: Added to goggles/nose&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;{{comic&lt;br /&gt;
| number    = 2525&lt;br /&gt;
| date      = October 6, 2021&lt;br /&gt;
| title     = Air Travel Packing List&lt;br /&gt;
| image     = air_travel_packing_list.png&lt;br /&gt;
| titletext = I know the etiquette is controversial, but I think it's rude when the person in front of me reclines their seat into the bell of my trumpet.&lt;br /&gt;
}}&lt;br /&gt;
&lt;br /&gt;
==Explanation==&lt;br /&gt;
{{incomplete|Created by a TRUMPETBORNE PARACHUTER - Please change this comment when editing this page. Do NOT delete this tag too soon.}}&lt;br /&gt;
This comic is another in a [[:Category:COVID-19|series of comics]] related to the {{w|2019–20 coronavirus outbreak|2020 pandemic}} of the {{w|coronavirus}} {{w|SARS-CoV-2}}, which causes {{w|COVID-19}}. &lt;br /&gt;
&lt;br /&gt;
The comic is about a proposed air-travel packing list, and the humor stems from the fact that many people have not been flying during the pandemic, and thus they might have forgotten what to pack. So [[Randall]] is so kind as to provide a packing list with 20 items. However, apart from the first item, the rest is not something you would or even should normally bring on an airplane.&lt;br /&gt;
&lt;br /&gt;
Many of the items are already found on passenger airplanes. Some would seem like they could be useful on a plane, and others could actually be useful in case of a plane crash (but only if you survive), while many others would be counter-productive to safe air travel, even in the event of a crash. Below in [[#Table of items|the table]] is a quick summary of each item.&lt;br /&gt;
&lt;br /&gt;
The title text references the idea that there is a trumpet for each passenger provided by the airline, which is item number 16 on the list. This item also states that, because of the COVID-19 pandemic, you should remember to bring your own mouthpiece for the trumpet as a safety measure. &lt;br /&gt;
&lt;br /&gt;
The trumpet idea is then combined with the common debate regarding reclining your seat in airplanes. About half of the people think that reclining is rude as it takes up the space of the person behind you. The other half think that seats recline for a reason and the person in a seat has the rights to the space behind them. See for instance this [https://www.youtube.com/watch?v=08A30v8isRs video] about such a debate. Reclining a seat has resulted in actual [https://www.independent.co.uk/news/world/americas/crime/fight-airplane-man-punch-video-b1895402.html physical fights] on board airplanes.&lt;br /&gt;
&lt;br /&gt;
Here it seems that Randall sides with the anti-recliners, although maybe only in the context of the comic, because he states that reclining would prevent him from playing his trumpet, as the seat hits the bell of the trumpet. The person in front could certainly argue that playing the trumpet behind them would be very annoying, to which Randall could reply that because the trumpet is provided by the airline, he has the right to play it. This would add a new layer to the debate. This could also be Randall's way of arguing against the right to recline a seat, just because it is possible.&lt;br /&gt;
&lt;br /&gt;
===Table of items===&lt;br /&gt;
{| class=&amp;quot;wikitable&amp;quot;&lt;br /&gt;
! Item&lt;br /&gt;
! Explanation&lt;br /&gt;
|-&lt;br /&gt;
|Seat cushion&lt;br /&gt;
|This item is a play on sports stadium bleachers (sports stadiums were another venue commonly closed during the pandemic), because many sports fans find stadium bleachers uncomfortable and prefer to bring their own seat cushions. Airlines usually provide their own seat cushions for passengers, which are specially designed to float in water in the event of a plane crash.&lt;br /&gt;
|-&lt;br /&gt;
|{{w|Parachute}}&lt;br /&gt;
|Parachutes are normally used to slow down your falling out of the sky to a relatively safe speed in case of a severe problem with your aircraft, and are routinely used as a safety device by (para)glider pilots, test pilots, military aircraft crew and in similar situations when being unable to land safely is a significant concern. A parachute won't be very useful in a typical passenger airplane (even a small one) as there is no easy way to safely exit such a plane in-flight. Even the airplanes used for {{w|skydiving}} need to be specifically designed or modified for that purpose, such as having wide sliding doors that are unaffected by airflow. However, there were individual cases of people being ejected or sucked out of a passenger airplane, often during partial or complete break-up of the aircraft; in such case a parachute could arguably be useful.{{Citation needed}} Famously, [[:Category:Comics featuring D. B. Cooper|D.B. Cooper]] jumped from an airplane in flight, with a parachute but was never knowingly seen again.&lt;br /&gt;
|-&lt;br /&gt;
|Wing glue&lt;br /&gt;
|Probably to repair wings in the event of damage, potentially in a crash. This would be tricky (but not necessarily impossible) to apply mid-flight. This is the first of several items that are potentially useful to the flight crew or maintenance teams, but would not be useful or appropriate for passengers to bring aboard. Minor repairs (including to the wings) can be made by service personnel using {{w|speed tape}}, tape specially designed for high-speed applications. Speed tape might be mistaken for ordinary duct tape by passengers.&lt;br /&gt;
|-&lt;br /&gt;
|{{w|Air horn}}&lt;br /&gt;
|An air horn uses compressed air to make a very loud noise, very easily. This may be important for drawing attention to yourself in the event of a crash. Typically, emergency life-jackets on a plane are provided with a light and whistle for this purpose. The noise of an air horn might prove more effective for this purpose than a whistle, but it would become useless as soon as the compressed air ran out. Its inclusion is probably meant to suggest that the word 'air' in its name indicates that it's designed for use in an aircraft. Using one in a non-emergency situation would infuriate everyone else on the plane.&lt;br /&gt;
|-&lt;br /&gt;
|{{w|Sextant}}&lt;br /&gt;
|In combination with star charts, a sextant can be used to determine your position based on the location of stars in the night sky. Alternately, in combination with an accurate clock, a sextant can be used to find the position of the sun relative to the aircraft to determine the vehicle's position.  In a crash, you could use this to find your way to a safe place, but sextants are rarely used, and most people are not trained on how to operate one. GPS will also allow you to find your position, is built into many phones, and is faster and easier to use than a sextant. If you've got a homing beacon, it probably makes more sense to just activate that and wait for help to arrive.&lt;br /&gt;
&lt;br /&gt;
Until the early 1980s, long-range airplanes had a {{w|Air_navigation#Flight_navigator|flight navigator}} who used sextants and {{w|celestial navigation}} to determine the position of the airplane. Interestingly, it was much more accurate than early {{w|inertial navigation system}}s, and the accuracy of celestial navigation is still useful today. What made the sextant redundant was the INS' lower workload - the error accumulated by the INS during a long oceanic flight could always and easily be mitigated by other means, for example with {{w|VHF omnidirectional range|VOR}}/{{w|Non-directional beacon|NDB}} radio beacons.&lt;br /&gt;
&lt;br /&gt;
A form of the sextant has also famously been used in {{w|Apollo_PGNCS#Optical_units|spacecraft navigation}} and similarly applied {{w|star tracker}}s have been used extensively to guide space-going craft ranging from suborbital missiles to interplanetary probes.&lt;br /&gt;
|-&lt;br /&gt;
|Nose plugs and goggles for pressure&lt;br /&gt;
|Nose plugs and goggles are commonly used in swimming but would be useless for dealing with cabin pressurization or depressurization. Since your mouth and nose are interconnected, nose plugs would be useless on their own. Trying to hold your breath in a sudden depressurization event will cause lung damage, so nose plugs wouldn't be a good thing, even if you could also seal off your mouth. Goggles would also not be useful. During depressurization, the air would just seep out. During pressurization, they would just become uncomfortable and difficult to remove.&lt;br /&gt;
&lt;br /&gt;
Goggles were a typical piece of equipment for pilots of open cockpit airplanes, whose popularity peaked before the pandemic.{{Citation needed}} Nose plugs may be a reference to the spark plugs used on the engines of such vehicles.&lt;br /&gt;
|-&lt;br /&gt;
|Airplane shoes&lt;br /&gt;
|Airlines typically don't require the use of special footwear for passengers, nor do they provide special shoes. Before emergency egress, certain shoes (like high heels) must be discarded, though. Aircrew are also prohibited from wearing such shoes. &lt;br /&gt;
|-&lt;br /&gt;
|Navigation crystal&lt;br /&gt;
|Mystical form of navigation, presumably either for navigation during flight or to help you get home after a crash.&lt;br /&gt;
Crystals that polarize light can be used as a compass [http://www.polarization.com/viking/viking.html], but even then, their utility would be limited.&lt;br /&gt;
|-&lt;br /&gt;
|Spare batteries in case the plane runs out&lt;br /&gt;
|Airplanes will generally use more power than any battery small enough to be easily packed in a bag could provide. The aircraft will generally use either 115V AC at 400Hz or 28V DC, both of which are very uncommon outside of aviation. The airplane will almost never use its own batteries in-flight anyway, getting its electric power from the main engines, the APU, or, in emergencies, the ram air turbine or similar generating device. The batteries are generally only used on the ground when the engines are not running. Alternatively, the spare batteries could be for charging a phone or similar device if the plane runs out of power outlets.&lt;br /&gt;
|-&lt;br /&gt;
|{{w|Birdseed}}&lt;br /&gt;
|So one can attract birds. In practice, this wouldn't work for multiple reasons (high speed, altitude, and sealed windows being some of the most obvious ones) and would pose a significant hazard of birds getting stuck in an engine if it did. Spreading birdseed before boarding ''could'' work to attract birds, but would be seen as misconduct by airport authorities, as attracting birds close to aircraft would pose a danger to the aircraft. Alternatively, birdseed can be used to attract birds after surviving a crash, e.g. to catch them for food.&lt;br /&gt;
|-&lt;br /&gt;
|{{w|Homing beacon}}&lt;br /&gt;
|Once activated, a homing beacon will send out a continuous radio signal so that rescuers can find your location. These can be very useful in a plane crash, but airplanes already carry them ({{w|Emergency position-indicating radiobeacon}}s), so you don't need to pack one yourself. Incidentally, the {{w|COSPAS-SARSAT}} system for locating distressed airplanes and ships was a cooperation started by the United States and the Soviet Union, and it was an elegant and simple solution that uses the {{w|Doppler effect}} of radio signals for accurate location - long before the {{w|Global Positioning System}}.&lt;br /&gt;
|-&lt;br /&gt;
|Meteorite antidote&lt;br /&gt;
|Meteorites are pieces of space rock that make it all the way to the ground. They can cause injury, but they aren't generally poisonous{{Citation needed}}, so an antidote would not help. Alternatively, the antidote could be for something else, such as snakebite, and be derived from meteorites, but meteorites also lack any verified medicinal properties.&lt;br /&gt;
|-&lt;br /&gt;
|USB wing connector&lt;br /&gt;
|This is just a wire connector, but because it has &amp;quot;wing&amp;quot; in the name it is on the list. Alternatively, the plane's wings connect by USB, and this can be used to reattach wings. Airplanes usually use the {{W|ARINC 429}} protocol (or, increasingly, TCP/IP, RS427, RS232, or even CANBUS) instead of USB protocols to facilitate electronic communication between flight computers and the engines, for example.&lt;br /&gt;
|-&lt;br /&gt;
|Emergency siren&lt;br /&gt;
|Very much like the air horn, this would be useful for helping rescuers locate you in the event of a crash. It shares many of the same downsides, but would also be more likely to get damaged by water in case of a water landing.&lt;br /&gt;
|-&lt;br /&gt;
|Spare {{w|Flap (aeronautics)|flaps}}&lt;br /&gt;
|Flaps can be moved to adjust the lift/drag ratio of a wing, and are generally deployed during takeoff and landing when the aircraft's speed is slower. Flaps are very large and mounted on the wing, outside the passenger compartment, so bringing spares would be very difficult and completely useless. Flaps failing to deploy can usually be remedied by just landing at a longer runway.&lt;br /&gt;
|-&lt;br /&gt;
|{{w|Mouthpiece (brass)|Mouthpiece}} (pandemic restriction; airlines still provide the trumpet)&lt;br /&gt;
|A part of a brass instrument like a trumpet. Randall jokes that trumpets are provided on airplanes (which would be very obnoxious to other passengers), but due to the pandemic you cannot use a shared mouthpiece. (You shouldn't share mouthpieces for anything anyway, in general.)&lt;br /&gt;
|-&lt;br /&gt;
|Luggage ballast&lt;br /&gt;
|Likely to make the plane more balanced. While balancing weight in a plane is indeed a real problem, it is solved by rearranging luggage and adjusting engine power slightly. Introducing ballast would mean additional weight for no real reason.&lt;br /&gt;
Alternatively, while a common passenger issue is to have hand- and/or hold-luggage that exceeds the airline's personal allowance, this person has ''under''weight baggage and does not wish to 'waste' the difference, so bulks it up. (Noting that someone already with the rest of the items on this list is unlikely to suffer this 'problem'.)&lt;br /&gt;
|-&lt;br /&gt;
|Flag (international flights)&lt;br /&gt;
|To identify your country of origin. Other flags are also used to communicate between boats without electricity, in the event the boats are in distress, so they could be used in the event of a crash.&lt;br /&gt;
|-&lt;br /&gt;
|Decoy tickets&lt;br /&gt;
|Maybe these would be used as a distraction so you can sneak onto the plane without paying?&lt;br /&gt;
But they are also a typical trope for fictional (and real life?) attempts to evade being tracked or followed: buy tickets for one destination, which one assumes the opposition will be fully aware of, but also arrange for another set (probably with a 'clean' identity) for your intended destination and switch to using those once in the chaos of the departure lounge.&lt;br /&gt;
|-&lt;br /&gt;
|Keys to the plane&lt;br /&gt;
|Although some people pushed for it after an airplane was stolen in the {{w|2018 Horizon Air Q400 incident}}, most commercial planes do not require keys to start the engine(s) like a car does. Likewise, plane doors are not locked with a key. Instead, they are secured with a tamper seal. If a seal is found broken, the plane is thoroughly checked for any wrong-doing.&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
==Transcript==&lt;br /&gt;
:[A list of 20 items is given in two columns with 10 items in each. Each item is preceded by a checkbox. Most items only take up one line, but in the left column two items take up two and in the right one item takes up three, so the columns take up the same space. Above is a large heading, with an explanation beneath it.]&lt;br /&gt;
:&amp;lt;big&amp;gt;&amp;lt;big&amp;gt;Air Travel Packing List&amp;lt;/big&amp;gt;&amp;lt;/big&amp;gt;&lt;br /&gt;
:&amp;lt;big&amp;gt;If you haven't flown in a while, you might not remember what you need to bring. Use this handy checklist to pack!&amp;lt;/big&amp;gt;&lt;br /&gt;
&lt;br /&gt;
:[Left column:]&lt;br /&gt;
:☐ Seat cushion&lt;br /&gt;
:☐ Parachute&lt;br /&gt;
:☐ Wing glue&lt;br /&gt;
:☐ Air horn&lt;br /&gt;
:☐ Sextant&lt;br /&gt;
:☐ Nose plugs and goggles for pressure&lt;br /&gt;
:☐ Airplane shoes&lt;br /&gt;
:☐ Navigation crystal&lt;br /&gt;
:☐ Spare batteries in case the plane runs out&lt;br /&gt;
:☐ Birdseed&lt;br /&gt;
&lt;br /&gt;
:[Right column:]&lt;br /&gt;
:☐ Homing beacon&lt;br /&gt;
:☐ Meteorite antidote&lt;br /&gt;
:☐ USB wing connector&lt;br /&gt;
:☐ Emergency siren&lt;br /&gt;
:☐ Spare flaps&lt;br /&gt;
:☐ Mouthpiece (Pandemic restriction; airlines still provide the trumpet)&lt;br /&gt;
:☐ Luggage ballast&lt;br /&gt;
:☐ Flag (International flights)&lt;br /&gt;
:☐ Decoy tickets&lt;br /&gt;
:☐ Keys to the plane&lt;br /&gt;
&lt;br /&gt;
{{comic discussion}}&lt;br /&gt;
&lt;br /&gt;
[[Category:COVID-19]]&lt;br /&gt;
[[Category:Animals]]&lt;/div&gt;</summary>
		<author><name>162.158.91.236</name></author>	</entry>

	<entry>
		<id>https://www.explainxkcd.com/wiki/index.php?title=Talk:936:_Password_Strength&amp;diff=102281</id>
		<title>Talk:936: Password Strength</title>
		<link rel="alternate" type="text/html" href="https://www.explainxkcd.com/wiki/index.php?title=Talk:936:_Password_Strength&amp;diff=102281"/>
				<updated>2015-09-23T09:38:59Z</updated>
		
		<summary type="html">&lt;p&gt;162.158.91.236: Enhance my own comment (corrections, add some info, increase clarity, increase portability)&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;''Fix the software first.''  If you double the time it takes to enter each repeated password attempt you make brute force attacks pointless.   Imagine you allowed a hurried user who screws up their own password entry w/ frozen fingers. If their system starts out with a 1 second delay, then doubles to two, then to four, etc. the time it takes to wait is 2^n.  Six screw ups cost you a minute, twenty errors and you are waiting 291 hours before your next log-in attempt....  kmc 2015-05-10 {{unsigned ip|108.162.229.124}}&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
You still have to vary the words with a bit of capitalization, punctuation and numbers, or hackers can just run a dictionary attack against your string of four words. '''[[User:Davidy22|&amp;lt;u&amp;gt;{{Color|purple|David}}&amp;lt;font color=green size=3px&amp;gt;y&amp;lt;/font&amp;gt;&amp;lt;/u&amp;gt;&amp;lt;font color=indigo size=4px&amp;gt;²²&amp;lt;/font&amp;gt;]]'''[[User talk:Davidy22|&amp;lt;tt&amp;gt;[talk]&amp;lt;/tt&amp;gt;]] 09:12, 9 March 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
No you don't.  Hackers cannot run a dictionary attack against a string of four randomly picked words.&lt;br /&gt;
Look at the number of bits displayed in the image: 11 bits for each word.&lt;br /&gt;
That means he's assuming a dictionary of 2048 words, from which each word is picked randomly.&lt;br /&gt;
The assumption is that the cracker knows your password scheme.&lt;br /&gt;
[[Special:Contributions/86.81.151.19|86.81.151.19]] 20:17, 28 April 2013 (UTC)&lt;br /&gt;
Willem&lt;br /&gt;
&lt;br /&gt;
:I just wrote a program to bruteforce this password creation method. https://github.com/KrasnayaSecurity/xkcd936/blob/master/listGen936.py  Once I get it I'll try coming up with more bruteforcing algorithms such as substituting symbols, numbers, camel case, and the like.  Point is, don't rely on this or any one method.  I wouldn't be surprised if the crackers are already working on something like this.  [[User:Lieutenant S.|Lieutenant S.]] ([[User talk:Lieutenant S.|talk]]) 07:03, 8 September 2014 (UTC)&lt;br /&gt;
:It took 1.25 hours to bruteforce &amp;quot;correcthorsebatterystaple&amp;quot; using the 2,000 most common words with one CPU. [[User:Lieutenant S.|Lieutenant S.]] ([[User talk:Lieutenant S.|talk]]) 07:09, 9 September 2014 (UTC)&lt;br /&gt;
:: 1) ... as compared to 69 milliseconds for the other method. 2) Since you are able to test 3,9 billion passwords per second (very impressive!) I am guessing that your setup is not performing its attack over a ”weak remote service”, which is breaking the rules of the #936 game. 3) five words and a 20k-wordlist would get you 9400 years (still breaking the weak remote service rule).--[[User:Gnirre|Gnirre]] ([[User talk:Gnirre|talk]]) 09:13, 14 October 2014 (UTC)&lt;br /&gt;
:: 2) Two thoughts: You use itertools.permutations, which only covers non-repeating words, but mainly you don't actually hash the password. If you have a plain-text password, there is no need to crack the password because you could just look at it. Example of an actual crack for this type of password: https://github.com/koshippy/xkcd_password/blob/master/password_crack.py My computer gets 10,000,000 guesses in ~16 seconds (non-hashed takes ~2 seconds), meaning it would take almost a year to try every combination. (2048^4 total password space). Even optimizing by using c++/java or JtR, you wouldn't see huge improvement since most of the time is from the SHA hashing. Point being: a typical user can't crack this type of password in a short amount of time, even if they know your wordlist. [[Special:Contributions/199.27.128.212|199.27.128.212]] 12:05, 17 February 2015 (UTC) Koshippy&lt;br /&gt;
&lt;br /&gt;
Sometimes this is not possible. (I'm looking at you, local banks with 8-12 character passwords and PayPal) If I can, I use a full sentence. A compound sentence for the important stuff. This adds the capitalization, punctuation and possibly the use of numbers while it's even easier to remember than Randall's scheme. I think it might help against the keyloggers too, if your browser/application autofills the username field, because your password doesn't stand out from the feed with being gibberish. [[Special:Contributions/195.56.58.169|195.56.58.169]] 09:01, 30 August 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
The basic concept can be adapted to limited-length passwords easily enough: memorize a phrase and use the first letter of each word. It'll require about a dozen words (you're only getting 4.7 bits per letter at best, actually less because first letters of words are not truly random, though they are weakly if at all correlated with their neighbors -- based on the frequencies of first letters of words in English, and assuming no correlation between each first letter and the next, I calculate about 4 bits per character of Shannon entropy). SteveMB 18:35, 30 August 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Followup: The results of extracting the first letters of words in sample texts (the {{w|Project_Gutenberg|Project Gutenberg}} texts of ''The Adventures of Huckleberry Finn'', ''The War of the Worlds'', and ''Little Fuzzy'') and applying a {{w|Entropy_(information_theory)|Shannon entropy calculation}} were 4.07 bits per letter (i.e. first letter in word) and 8.08 bits per digraph (i.e. first letters in two consecutive words). These results suggest that first-letter-of-phrase passwords have approximately 4 bits per letter of entropy. --[[User:SteveMB|SteveMB]] ([[User talk:SteveMB|talk]]) 14:21, 4 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Addendum: The above test was case-insensitive (all letters converted to lowercase before feeding them to the [[http://millikeys.sourceforge.net/freqanalysis.html frequency counter]]). Thus, true-random use of uppercase and lowercase would have 5 bits per letter of entropy, and any variation in case (e.g. preserving the case of the original first letter) would fall between 4 and 5 bits per letter. --[[User:SteveMB|SteveMB]] ([[User talk:SteveMB|talk]]) 14:28, 4 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
I just have RANDOM.ORG print me ten pages of 8-character passwords and tape it to the wall, then highlight some of them and use others (say two down and to the right or similar) for my passwords, maybe a given line a little jumbled for more security. [[Special:Contributions/70.24.167.3|70.24.167.3]] 13:27, 30 September 2013 (UTC)&lt;br /&gt;
:Remind me to visit your office and secretly replace your wall-lists by a list of very similar looking strings ;) --[[User:Chtz|Chtz]] ([[User talk:Chtz|talk]]) 13:53, 30 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Simple.com (online banking site) had the following on its registration page:&lt;br /&gt;
&lt;br /&gt;
“Passphrase? Yes. Passphrases are easier to remember and more secure than traditional passwords. For example, try a group of words with spaces in between, or a sentence you know you'll remember. &amp;quot;correct horse battery staple&amp;quot; is a better passphrase than r0b0tz26.”&lt;br /&gt;
&lt;br /&gt;
Online security for a banking site has been informed by an online comic. Astounding.&lt;br /&gt;
[[Special:Contributions/173.245.54.78|173.245.54.78]] 21:22, 11 November 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
The Web service Dropbox has an Easter egg related to this comic on their sign-up page. That page has a password strength indicator (powered by JavaScript) which changes as you type your password. This indicator also shows hints when hovering the mouse cursor over it. Entering &amp;quot;Tr0ub4dor&amp;amp;3&amp;quot; or &amp;quot;Tr0ub4dour&amp;amp;3&amp;quot; as the password causes the password strength indicator to fall to zero, with the hint saying, &amp;quot;Guess again.&amp;quot; Entering &amp;quot;correcthorsebatterystaple&amp;quot; as the password also causes the strength indicator to fall to zero, but the hint says, &amp;quot;Whoa there, don't take advice from a webcomic too literally ;).&amp;quot; [[Special:Contributions/108.162.218.95|108.162.218.95]] 15:17, 11 February 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
The explanation said that the comic uses a dictionary[http://www.explainxkcd.com/wiki/index.php?title=936:_Password_Strength&amp;amp;oldid=59309]. In fact it's a word list, which seems similar but it's not. All the words in the word list must be easy to memorize. This means it's better not to have words such as ''than'' or ''if''. Also, it's better not to have homophones (''wood'' and ''would'', for example). The sentence ''dictionary attack'' doesn't apply here. A dictionary attack requires the attacker to use all the words in the dictionary (e.g. 100,000 words). Here we must generate the 17,592,186,044,416 combinations of 4 common words. Those combinations can't be found in any dictionary. At 25 bytes per &amp;quot;word&amp;quot; that dictionary would need 400 {{w|tebi|binary terabytes}} to be stored. [[User:Xhfz|Xhfz]] ([[User talk:Xhfz|talk]]) 21:37, 11 March 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
This comic was mentioned in a TED talk by Lorrie Faith Cranor in March 2014. After performing a lot of studies and analysis, she concludes that &amp;quot;pass phrase&amp;quot; passwords are no easier to remember than complex passwords and that the increased length of the password increases the number of errors when typing it. There is a lot of other useful information from her studies that can be gleaned from the talk. [http://www.ted.com/talks/lorrie_faith_cranor_what_s_wrong_with_your_pa_w0rd Link]. What she doesn't mention is the frequency of changing passwords - in most organizations it's ~90 days. I don't know where that standard originated, but (as a sys admin) I suspect it's about as ineffective as most of our other password trickery - that is that it does nothing. Today's password thieves don't bash stolen password hash tables, they bundle keyloggers with game trainers and browser plugins.--[[Special:Contributions/173.245.50.75|173.245.50.75]] 18:14, 2 July 2014 (UTC)&lt;br /&gt;
:: Lorrie Faith Cranor gets the random part of #936 word generation correct, which is great. Regarding memorizability, this study (https://cups.cs.cmu.edu/soups/2012/proceedings/a7_Shay.pdf) does not address #936. The study uses no generator for gibberish of length 11. Most comparable are perhaps two classes of five or six randomly assigned characters. None of the study's generators has 44 bits of entropy – its dictionary for the method closest to #936 – noun-instr – contains only 181 nouns. The article contains no discussion of the significance of these differences to #936. In her TED talk Lorrie Faith Cranor says ”sorry all you xkcd fans” which could be interpreted as judgement of #936, but there is no basis in the above article for that. It does however seem plausible that the report could be reworked to address #936. --[[User:Gnirre|Gnirre]] ([[User talk:Gnirre|talk]]) 10:42, 14 October 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
:Password-changing frequency isn't about making passwords more ''secure'', but instead it's about ''mitigating the damage'' of a successfully cracked password. If a hacker gets your password (through any means) and your password changes every 90 days, the password the hacker has obtained is only useful for a few months at most. That might be enough, but it might not. If the hacker is brute forcing the passwords to get them, that cuts into the time the password is useful. --[[Special:Contributions/173.245.54.168|173.245.54.168]] 22:22, 13 October 2014 (UTC)&lt;br /&gt;
::However, brute-forcing gets much ''easier'' that way.&lt;br /&gt;
::Say the average employee is around for 10 years, which is reasonable for some companies, absurdly high for others, and a bit low for a family business. That's 40 password changes.&lt;br /&gt;
::Now if you have to remember another password every now and then, you sacrifice complexity, lest you forget it. A factor of 40 is like one character less. But how much shorter will the password be? It's more likely that it's gonna be 3 or 4 characters less. Congrats, you just lost a factor of 1000's for a perceived &amp;quot;mitigation&amp;quot;, which doesn't even work. Pro attackers can vacuum your server in a DAY once they have the PW. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Just because you are required to have a password that has letters and numbers in it doesn't mean you can't make it memorable.  When caps are required, use CamelCase.  When punctuation is required, make it an ampersand (&amp;amp;) or include a contraction.  When numbers are required, pick something that has significance to you (your birthday, the resolution of your television, etc.).  Keep in mind that, if your phrase is an actual sentence, the password entropy is 1.1 bits per character (http://what-if.xkcd.com/34), so length is key if you want your password to be secure. (Though no known algorithm can actually exploit the 1.1 bits of entropy to gain time, so it might be more like 11 bits of entropy per word.  Even then, my passwords have nonexistent and uncommon words in them, (like doge or trope), which also adds some entropy.)   [[Special:Contributions/108.162.246.213|108.162.246.213]] 22:18, 1 September 2014 (UTC)&lt;br /&gt;
:Flip side of the story, the &amp;quot;capital plus small plus other char&amp;quot; policy doesn't make your password any safer.&lt;br /&gt;
:The German company T-online had an experimental gateway with the password, &amp;quot;internet&amp;quot;. Now that sucked. No problem, tho, because that gateway wasn't accessible from outside. When they went live, they &amp;quot;improved&amp;quot; the password to &amp;quot;Internet1&amp;quot;. There are still lots of these passwords around: first letter is a Cap, and the only non-alphabetic char is a 1 at the end. This doesn't add any entropy. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
::[http://ask.metafilter.com/193052/Oh-Randall-you-do-confound-me-so#2779020 This] shows that about one third of all digits in a sample of passwords was &amp;quot;1&amp;quot; . [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:14, 4 December 2014 (UTC)&lt;br /&gt;
You can also troll the brute-force engine by using words from other languages, fictional books and video games.--[[User:Horsebattery|Horsebattery]] ([[User talk:Horsebattery|talk]]) 03:04, 3 November 2014 (UTC)&lt;br /&gt;
:That's a good idea; it adds to the entropy bits per word. If you really want to throw them off, mix different languages. Just don't use very well-known words; I'm sure the hackers have ''cojones'' and ''Blitzkrieg'' in their dictionaries. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Also, passwords that are 'hard to remember' are themselves a security vulnerability. A password reset scheme (or even a lockout scheme) is a vulnerability. The more it needs to be used, the harder it becomes to police that vulnerability. Relatedly, hard-to-remember passwords leave users uncertain whether their password has been changed by someone else or they've just forgotten it. [[User:Ijkcomputer|Ijkcomputer]] ([[User talk:Ijkcomputer|talk]]) 15:32, 18 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Hi there, this comic gave me the idea for a password generator that can (optionally) use dictionary words. Have a look if you're interested: https://wordypasswords.com Use your common sense though about what is and isn't secure! Hope someone finds it useful. [[User:Mackatronic|Mackatronic]] ([[User talk:Mackatronic|talk]]) 08:23, 9 January 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
I have not read all of the replies and in truth most of the detail is boring to me but it has occurred to me that with this sort of problem and since the Snowden affair, serious security devices will have to make the keyboard redundant. &lt;br /&gt;
&lt;br /&gt;
At the moment all I can imagine is a series of pictures like hieroglyphs but even using a rolling code of ever changing font glyphs would do. When the security required by money minders reaches the stage of development possible with keyboards that can supply that sort of security, we will have some idea which banks have some idea about security.&lt;br /&gt;
&lt;br /&gt;
Tip:&lt;br /&gt;
Not Barings. They have a history of intransigence and stupidity. (Still revered in banks though as able to cure colon cancer with poor investment strategies.)&lt;br /&gt;
&lt;br /&gt;
[[User:Weatherlawyer| I used Google News BEFORE it was clickbait]] ([[User talk:Weatherlawyer|talk]]) 13:46, 23 January 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
The D0g..................... (24 characters long) is NOT stronger than PrXyc.N(n4k77#L!eVdAfp9 (23 characters long). The reason why is that the latter password is random. There is no pattern. The former, &amp;quot;padding&amp;quot; technique can be very easily cracked. You just need to assume that each character can be repeated 1~30 times. Then the first password would become: 1(D)1(0)1(g)21(.), which is then of complexity 30^4 + 96^4, versus 96^23 for the random password. And that is assuming that any character can be repeated 1~30 times, so DDDDDDDDD0000000ggggggg...... also would be cracked extremely quickly. If you limit yourself to only last character padding, your password now becomes 30*96^4 possibilities. {{unsigned ip|108.162.222.235}}&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
And that's why it is stupid to explain this kind of joke: it depends on many (MANY) parameters such as brute-force method and encryption/hash algorithm. Giving this kind of (wrong) explanation about &amp;quot;pass cracking&amp;quot; (as if it was always the same way to process ...) is ridiculous. And they talk about entropy .......... Holy shit, go back to school and stop screwing cryptography up. zM_&lt;br /&gt;
&lt;br /&gt;
I just use a password with a ␡ character or two, and ␇ for banks.  [[Special:Contributions/108.162.242.21|108.162.242.21]] 08:33, 18 August 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
I'm astonished that even someone like Schneier doesn't get 936 right immediately after reading it. So, I think I know what was going on in Munroe's mind conceptually. Maybe there are some grains of salt, but I don't have a problem with these. But I do have one (or two) quantitative problem(s) with 936:&lt;br /&gt;
* I was not able to find out how Munroe gets the value of about 16 bits of entropy for the &amp;quot;uncommon&amp;quot; nine letter lower case &amp;quot;non-gibberish base word&amp;quot;. This would mean: On average, a letter of such a word will have about 1.8 bits of entropy. Maybe, but how do we know? &amp;quot;Citation needed!&amp;quot; ;-)&lt;br /&gt;
* (Secondly: The &amp;quot;punctuation&amp;quot; should have 5, not 4 bits of entropy. There are 32 (2^5) ASCII punctuation characters (POSIX class [:punct:]). But I assume this is a lapse.)&lt;br /&gt;
Can someone enlighten me? --[[Special:Contributions/162.158.91.236|162.158.91.236]] 17:31, 19 September 2015 (UTC)&lt;br /&gt;
:I have missed the sentence &amp;quot;Randall assumes only the 16 most common characters are used in practice (4 bits)&amp;quot;. Hm. There is a huge list with real world passwords out there, leaking from RockYou in 2009. After some processing to remove passwords containing characters that are not printable ASCII characters (ñ, £, ๅ, NBSP, EOT, ...), the list contains about 14329849 unique passwords from about 32585010 accounts (there are some garbage &amp;quot;passwords&amp;quot; like HTML code fragments). The following are the number of accounts using a password containing a particular printable character (one or more tokens of a particular type):&lt;br /&gt;
 &amp;lt;nowiki&amp;gt;&lt;br /&gt;
226673	.&lt;br /&gt;
186883	_&lt;br /&gt;
179264	!&lt;br /&gt;
125846	-&lt;br /&gt;
104224	@&lt;br /&gt;
95237	*&lt;br /&gt;
92802	  (space)&lt;br /&gt;
60002	#&lt;br /&gt;
36522	/&lt;br /&gt;
31172	$&lt;br /&gt;
28550	&amp;amp;&lt;br /&gt;
27686	,&lt;br /&gt;
23905	+&lt;br /&gt;
18704	=&lt;br /&gt;
18268	)&lt;br /&gt;
17927	?&lt;br /&gt;
16401	(&lt;br /&gt;
16074	'&lt;br /&gt;
14407	;&lt;br /&gt;
11819	&amp;lt;&lt;br /&gt;
11118	%&lt;br /&gt;
10723	]&lt;br /&gt;
8975	\&lt;br /&gt;
7718	[&lt;br /&gt;
7209	:&lt;br /&gt;
5815	~&lt;br /&gt;
5673	^&lt;br /&gt;
4995	`&lt;br /&gt;
2847	&amp;quot;&lt;br /&gt;
2741	&amp;gt;&lt;br /&gt;
1050	{&lt;br /&gt;
939	}&lt;br /&gt;
502	|&lt;br /&gt;
&lt;br /&gt;
(NB: 1222815 accounts were using a password containing at least one of these.)&lt;br /&gt;
&amp;lt;/nowiki&amp;gt;&lt;br /&gt;
:Sorry, I have no &amp;quot;citation&amp;quot;. But you can play with the leaked RockYou password list yourself. Here is a way to reach that playground:&lt;br /&gt;
 &amp;lt;nowiki&amp;gt;&lt;br /&gt;
$ # Download the compressed list (57 MiB; I have no idea what &amp;quot;skullsecurity&amp;quot;&lt;br /&gt;
$ # is, it was simply the first find and I assume it's the said list):&lt;br /&gt;
$ wget http://downloads.skullsecurity.org/passwords/rockyou-withcount.txt.bz2&lt;br /&gt;
&lt;br /&gt;
$ # Decompress the list (243 MiB), or, to be more exact, it's a table:&lt;br /&gt;
$ bzip2 -dk rockyou-withcount.txt.bz2&lt;br /&gt;
&lt;br /&gt;
$ # The content of the table is: &amp;quot;How many accounts (first row) were using that&lt;br /&gt;
$ # password (second row)?&amp;quot; Let's take a peek:&lt;br /&gt;
$ head -n5 rockyou-withcount.txt&lt;br /&gt;
 290729 123456&lt;br /&gt;
  79076 12345&lt;br /&gt;
  76789 123456789&lt;br /&gt;
  59462 password&lt;br /&gt;
  49952 iloveyou&lt;br /&gt;
&lt;br /&gt;
$ # The following command processes the table to remove lines with passwords&lt;br /&gt;
$ # containing characters that are not printable ASCII characters (14541&lt;br /&gt;
$ # lines/passwords, 18038 accounts), and lines insisting that there were some&lt;br /&gt;
$ # accounts with no password (1 line, 340 accounts). Moreover, the command&lt;br /&gt;
$ # removes every space character not belonging to a password, makes the rows&lt;br /&gt;
$ # tab-delimited and writes the result in a file called &amp;quot;ry&amp;quot; (161 MiB; many&lt;br /&gt;
$ # bloating spaces removed).&lt;br /&gt;
$ LC_ALL=C sed -n 's/^ *\([1-9][0-9]*\) \([[:print:]]\{1,\}\)$/\1\t\2/p' rockyou-withcount.txt &amp;gt;ry&lt;br /&gt;
&lt;br /&gt;
$ # The following are shell functions to build commands. They will be explained&lt;br /&gt;
$ # below using examples (I cannot express myself well in this language).&lt;br /&gt;
$ counta() { LC_ALL=C awk 'BEGIN { FS = &amp;quot;\t&amp;quot;; p = 0; a = 0 } { if ($2 ~ /'&amp;quot;$(printf %s &amp;quot;$1&amp;quot; | sed 'sI/I\\/Ig')&amp;quot;'/) { p++; a += $1 } } END { print a &amp;quot; (&amp;quot; p &amp;quot;)&amp;quot; }' &amp;quot;$2&amp;quot; ;}&lt;br /&gt;
$ countap() { LC_ALL=C awk 'BEGIN { FS = &amp;quot;\t&amp;quot;; p = 0; a = 0 } { if ($2 ~ /'&amp;quot;$(printf %s &amp;quot;$1&amp;quot; | sed 'sI/I\\/Ig')&amp;quot;'/) { p++; a += $1; print $0 } } END { print a &amp;quot; (&amp;quot; p &amp;quot;)&amp;quot; }' &amp;quot;$2&amp;quot; ;}&lt;br /&gt;
&lt;br /&gt;
$ # We have reached the playground. Here are some examples for how to use the&lt;br /&gt;
$ # toys:&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing the string love:&lt;br /&gt;
$ counta 'love' ry&lt;br /&gt;
671599 (188855)&lt;br /&gt;
&lt;br /&gt;
$ # The first operand of the above command is an extended regular expression&lt;br /&gt;
$ # (ERE). The second operand is a file, namely the previously generated file&lt;br /&gt;
$ # called &amp;quot;ry&amp;quot;, that is the (processed) table. The first number of the output&lt;br /&gt;
$ # means: &amp;quot;That many accounts were using a password matching the ERE.&amp;quot; The&lt;br /&gt;
$ # second number inside parentheses means: &amp;quot;That many unique passwords matching&lt;br /&gt;
$ # the ERE.&amp;quot; If the first number is greater than the second number, some&lt;br /&gt;
$ # accounts are sharing the same password (we will see this clearly in one of the&lt;br /&gt;
$ # examples below).&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing at least one&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '.' ry&lt;br /&gt;
32585010 (14329849)&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing exactly one&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '^.$' ry&lt;br /&gt;
144 (45)&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing exactly one numeric&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '^[0-9]$' ry&lt;br /&gt;
55 (10)&lt;br /&gt;
&lt;br /&gt;
$ # Let's have a look at the distribution:&lt;br /&gt;
$ countap '^[0-9]$' ry&lt;br /&gt;
29	1&lt;br /&gt;
6	7&lt;br /&gt;
6	3&lt;br /&gt;
3	9&lt;br /&gt;
3	2&lt;br /&gt;
2	6&lt;br /&gt;
2	5&lt;br /&gt;
2	0&lt;br /&gt;
1	8&lt;br /&gt;
1	4&lt;br /&gt;
55 (10)&lt;br /&gt;
&lt;br /&gt;
$ # Above we see the second command at work. You see what it does and what it&lt;br /&gt;
$ # does differently. And here we see clearly the meaning of the first number and&lt;br /&gt;
$ # the second number inside parentheses.&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing at least one&lt;br /&gt;
$ # numeric character:&lt;br /&gt;
$ counta '[0-9]' ry&lt;br /&gt;
17609065 (9761364)&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password ending with a numeric&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '[0-9]$' ry&lt;br /&gt;
15728238 (8313698)&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password beginning with a numeric&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '^[0-9]' ry&lt;br /&gt;
6409397 (3283946)&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing only numeric&lt;br /&gt;
$ # characters:&lt;br /&gt;
$ counta '^[0-9]+$' ry&lt;br /&gt;
5192990 (2346744)&lt;br /&gt;
&lt;br /&gt;
$ # And, last but not least, count how many accounts were using a password&lt;br /&gt;
$ # containing that &amp;quot;uncommon non-gibberish base word&amp;quot; in 936, with an upper&lt;br /&gt;
$ # or a lower case first letter, with or without some of the &amp;quot;common&lt;br /&gt;
$ # substitutions&amp;quot;:&lt;br /&gt;
$ counta '[tT]r[o0]ub[a4]d[o0]r' ry&lt;br /&gt;
3 (3)&lt;br /&gt;
&lt;br /&gt;
$ # Yes, there are some. 14 million unique passwords are a lot. Let's see what&lt;br /&gt;
$ # exactly was used:&lt;br /&gt;
$ countap '[tT]r[o0]ub[a4]d[o0]r' ry&lt;br /&gt;
1	troubador1&lt;br /&gt;
1	troubador&lt;br /&gt;
1	darktroubador&lt;br /&gt;
3 (3)&lt;br /&gt;
&amp;lt;/nowiki&amp;gt;&lt;br /&gt;
:[[Special:Contributions/162.158.91.236|162.158.91.236]] 06:23, 21 September 2015 (UTC)&lt;/div&gt;</summary>
		<author><name>162.158.91.236</name></author>	</entry>

	<entry>
		<id>https://www.explainxkcd.com/wiki/index.php?title=Talk:936:_Password_Strength&amp;diff=102144</id>
		<title>Talk:936: Password Strength</title>
		<link rel="alternate" type="text/html" href="https://www.explainxkcd.com/wiki/index.php?title=Talk:936:_Password_Strength&amp;diff=102144"/>
				<updated>2015-09-21T08:32:50Z</updated>
		
		<summary type="html">&lt;p&gt;162.158.91.236: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;''Fix the software first.''  If you double the time it takes to enter each repeated password attempt you make brute force attacks pointless.   Imagine you allowed a hurried user who screws up their own password entry w/ frozen fingers. If their system starts out with a 1 second delay, then doubles to two, then to four, etc. the time it takes to wait is 2^n.  Six screw ups cost you a minute, twenty errors and you are waiting 291 hours before your next log-in attempt....  kmc 2015-05-10 {{unsigned ip|108.162.229.124}}&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
You still have to vary the words with a bit of capitalization, punctuation and numbers, or hackers can just run a dictionary attack against your string of four words. '''[[User:Davidy22|&amp;lt;u&amp;gt;{{Color|purple|David}}&amp;lt;font color=green size=3px&amp;gt;y&amp;lt;/font&amp;gt;&amp;lt;/u&amp;gt;&amp;lt;font color=indigo size=4px&amp;gt;²²&amp;lt;/font&amp;gt;]]'''[[User talk:Davidy22|&amp;lt;tt&amp;gt;[talk]&amp;lt;/tt&amp;gt;]] 09:12, 9 March 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
No you don't.  Hackers cannot run a dictionary attack against a string of four randomly picked words.&lt;br /&gt;
Look at the number of bits displayed in the image: 11 bits for each word.&lt;br /&gt;
That means he's assuming a dictionary of 2048 words, from which each word is picked randomly.&lt;br /&gt;
The assumption is that the cracker knows your password scheme.&lt;br /&gt;
[[Special:Contributions/86.81.151.19|86.81.151.19]] 20:17, 28 April 2013 (UTC)&lt;br /&gt;
Willem&lt;br /&gt;
&lt;br /&gt;
:I just wrote a program to bruteforce this password creation method. https://github.com/KrasnayaSecurity/xkcd936/blob/master/listGen936.py  Once I get it I'll try coming up with more bruteforcing algorithms such as substituting symbols, numbers, camel case, and the like.  Point is, don't rely on this or any one method.  I wouldn't be surprised if the crackers are already working on something like this.  [[User:Lieutenant S.|Lieutenant S.]] ([[User talk:Lieutenant S.|talk]]) 07:03, 8 September 2014 (UTC)&lt;br /&gt;
:It took 1.25 hours to bruteforce &amp;quot;correcthorsebatterystaple&amp;quot; using the 2,000 most common words with one CPU. [[User:Lieutenant S.|Lieutenant S.]] ([[User talk:Lieutenant S.|talk]]) 07:09, 9 September 2014 (UTC)&lt;br /&gt;
:: 1) ... as compared to 69 milliseconds for the other method. 2) Since you are able to test 3,9 billion passwords per second (very impressive!) I am guessing that your setup is not performing its attack over a ”weak remote service”, which is breaking the rules of the #936 game. 3) five words and a 20k-wordlist would get you 9400 years (still breaking the weak remote service rule).--[[User:Gnirre|Gnirre]] ([[User talk:Gnirre|talk]]) 09:13, 14 October 2014 (UTC)&lt;br /&gt;
:: 2) Two thoughts: You use itertools.permutations, which only covers non-repeating words, but mainly you don't actually hash the password. If you have a plain-text password, there is no need to crack the password because you could just look at it. Example of an actual crack for this type of password: https://github.com/koshippy/xkcd_password/blob/master/password_crack.py My computer gets 10,000,000 guesses in ~16 seconds (non-hashed takes ~2 seconds), meaning it would take almost a year to try every combination. (2048^4 total password space). Even optimizing by using c++/java or JtR, you wouldn't see huge improvement since most of the time is from the SHA hashing. Point being: a typical user can't crack this type of password in a short amount of time, even if they know your wordlist. [[Special:Contributions/199.27.128.212|199.27.128.212]] 12:05, 17 February 2015 (UTC) Koshippy&lt;br /&gt;
&lt;br /&gt;
Sometimes this is not possible. (I'm looking at you, local banks with 8-12 character passwords and PayPal) If I can, I use a full sentence. A compound sentence for the important stuff. This adds the capitalization, punctuation and possibly the use of numbers while it's even easier to remember than Randall's scheme. I think it might help against the keyloggers too, if your browser/application autofills the username field, because your password doesn't stand out from the feed with being gibberish. [[Special:Contributions/195.56.58.169|195.56.58.169]] 09:01, 30 August 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
The basic concept can be adapted to limited-length passwords easily enough: memorize a phrase and use the first letter of each word. It'll require about a dozen words (you're only getting 4.7 bits per letter at best, actually less because first letters of words are not truly random, though they are weakly if at all correlated with their neighbors -- based on the frequencies of first letters of words in English, and assuming no correlation between each first letter and the next, I calculate about 4 bits per character of Shannon entropy). SteveMB 18:35, 30 August 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Followup: The results of extracting the first letters of words in sample texts (the {{w|Project_Gutenberg|Project Gutenberg}} texts of ''The Adventures of Huckleberry Finn'', ''The War of the Worlds'', and ''Little Fuzzy'') and applying a {{w|Entropy_(information_theory)|Shannon entropy calculation}} were 4.07 bits per letter (i.e. first letter in word) and 8.08 bits per digraph (i.e. first letters in two consecutive words). These results suggest that first-letter-of-phrase passwords have approximately 4 bits per letter of entropy. --[[User:SteveMB|SteveMB]] ([[User talk:SteveMB|talk]]) 14:21, 4 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Addendum: The above test was case-insensitive (all letters converted to lowercase before feeding them to the [http://millikeys.sourceforge.net/freqanalysis.html frequency counter]). Thus, true-random use of uppercase and lowercase would have 5 bits per letter of entropy, and any variation in case (e.g. preserving the case of the original first letter) would fall between 4 and 5 bits per letter. --[[User:SteveMB|SteveMB]] ([[User talk:SteveMB|talk]]) 14:28, 4 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
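A small script, added here as an illustration (it is not code from any poster above), that repeats the measurement SteveMB describes: take the first letter of each word, compute the Shannon entropy per letter and per digraph of consecutive first letters, and turn the result into the number of letters an initials-style password needs for a given entropy target. The sample text is constructed, not the Project Gutenberg corpora used in the post, so the figures will differ from 4.07 and 8.08 bits.&lt;br /&gt;

```python
import math
import re
from collections import Counter

# Constructed sample text (a few plain English sentences), not the corpora the
# post analysed; any longer English text can be dropped in to repeat the test.
SAMPLE_TEXT = """
The quick brown fox jumps over the lazy dog while the farmer watches from
the gate. Nobody expected the rain to stop before noon, but by the time the
horse reached the battery of old stables a pale sun had broken through.
Correct answers come slowly to those who never ask the obvious question.
"""


def first_letters(text):
    """Lowercase first letter of every word, as in the post's case-insensitive test."""
    return [word[0].lower() for word in re.findall(r"[A-Za-z]+", text)]


def shannon_bits(symbols):
    """Shannon entropy H = -sum(p * log2 p) of a sequence of symbols, in bits."""
    counts = Counter(symbols)
    total = sum(counts.values())
    return -sum((c / total) * math.log2(c / total) for c in counts.values())


def per_letter_bits(text):
    """Entropy per first letter (the post measured 4.07 bits on its corpora)."""
    return shannon_bits(first_letters(text))


def per_digraph_bits(text):
    """Entropy per pair of consecutive first letters (the post measured 8.08 bits).

    If this is close to twice per_letter_bits, neighbouring first letters are
    nearly independent, which is the assumption behind the per-letter estimate.
    """
    letters = first_letters(text)
    return shannon_bits(list(zip(letters, letters[1:])))


def letters_needed(bits_per_letter, target_bits=44.0):
    """Password length needed to reach target_bits (44 bits is the comic's
    four-word figure) at the measured entropy per letter."""
    return math.ceil(target_bits / bits_per_letter)


def initials_password(phrase, keep_case=False):
    """Turn a memorised phrase into its first-letter password."""
    words = re.findall(r"[A-Za-z]+", phrase)
    return "".join(w[0] if keep_case else w[0].lower() for w in words)


if __name__ == "__main__":
    h1 = per_letter_bits(SAMPLE_TEXT)
    h2 = per_digraph_bits(SAMPLE_TEXT)
    print(f"uniform 26-letter ceiling: {math.log2(26):.2f} bits/letter")
    print(f"measured: {h1:.2f} bits/letter, {h2:.2f} bits/digraph")
    print(f"letters for 44 bits at 4.0 bits/letter: {letters_needed(4.0)}")
    print(f"letters for 44 bits at the measured rate: {letters_needed(h1)}")
    print(initials_password("correct horse battery staple"))
```

With a sample this short the digraph figure is capped by the number of pairs actually seen, so it says little about correlation; a book-length text is needed for the digraph estimate to mean anything.&lt;br /&gt;
&lt;br /&gt;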
I just have RANDOM.ORG print me ten pages of 8-character passwords and tape it to the wall, then highlight some of them and use others (say two down and to the right or similar) for my passwords, maybe a given line a little jumbled for more security.    [[Special:Contributions/70.24.167.3|70.24.167.3]] 13:27, 30 September 2013 (UTC)&lt;br /&gt;
:Remind me to visit your office and secretly replace your wall-lists by a list of very similar looking strings ;) --[[User:Chtz|Chtz]] ([[User talk:Chtz|talk]]) 13:53, 30 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Simple.com (online banking site) had the following on its registration page:&lt;br /&gt;
&lt;br /&gt;
“Passphrase? Yes. Passphrases are easier to remember and more secure than traditional passwords. For example, try a group of words with spaces in between, or a sentence you know you'll remember. &amp;quot;correct horse battery staple&amp;quot; is a better passphrase than r0b0tz26.”&lt;br /&gt;
&lt;br /&gt;
Online security for a banking site has been informed by an online comic. Astounding.&lt;br /&gt;
[[Special:Contributions/173.245.54.78|173.245.54.78]] 21:22, 11 November 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
The Web service Dropbox has an Easter egg related to this comic on their sign-up page. That page has a password strength indicator (powered by JavaScript) which changes as you type your password. This indicator also shows hints when hovering the mouse cursor over it. Entering &amp;quot;Tr0ub4dor&amp;amp;3&amp;quot; or &amp;quot;Tr0ub4dour&amp;amp;3&amp;quot; as the password causes the password strength indicator to fall to zero, with the hint saying, &amp;quot;Guess again.&amp;quot; Entering &amp;quot;correcthorsebatterystaple&amp;quot; as the password also causes the strength indicator to fall to zero, but the hint says, &amp;quot;Whoa there, don't take advice from a webcomic too literally ;).&amp;quot; [[Special:Contributions/108.162.218.95|108.162.218.95]] 15:17, 11 February 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
The explanation said that the comic uses a dictionary[http://www.explainxkcd.com/wiki/index.php?title=936:_Password_Strength&amp;amp;oldid=59309]. In fact it's a word list, which seems similar but it's not. All the words in the word list must be easy to memorize. This means it's better not to have words such as ''than'' or ''if''. Also, it's better not to have homophones (''wood'' and ''would'', for example). The sentence ''dictionary attack'' doesn't apply here. A dictionary attack requires the attacker to use all the words in the dictionary (e.g. 100,000 words). Here we must generate the 17,592,186,044,416 combinations of 4 common words. Those combinations can't be found in any dictionary. At 25 bytes per &amp;quot;word&amp;quot; that dictionary would need 400 {{w|tebi|binary terabytes}} to be stored. [[User:Xhfz|Xhfz]] ([[User talk:Xhfz|talk]]) 21:37, 11 March 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
This comic was mentioned in a TED talk by Lorrie Faith Cranor in March 2014. After performing a lot of studies and analysis, she concludes that &amp;quot;pass phrase&amp;quot; passwords are no easier to remember than complex passwords and that the increased length of the password increases the number of errors when typing it. There is a lot of other useful information from her studies that can be gleaned from the talk. [http://www.ted.com/talks/lorrie_faith_cranor_what_s_wrong_with_your_pa_w0rd Link]. What she doesn't mention is the frequency of changing passwords - in most organizations it's ~90 days. I don't know where that standard originated, but (as a sys admin) I suspect it's about as ineffective as most of our other password trickery - that is that it does nothing. Today's password thieves don't bash stolen password hash tables, they bundle keyloggers with game trainers and browser plugins.--[[Special:Contributions/173.245.50.75|173.245.50.75]] 18:14, 2 July 2014 (UTC)&lt;br /&gt;
:: Lorrie Faith Cranor gets the random part of #936 word generation correct, which is great. Regarding memorizability, this study (https://cups.cs.cmu.edu/soups/2012/proceedings/a7_Shay.pdf) does not address #936. The study uses no generator for gibberish of length 11. Most comparable are perhaps two classes of five or six randomly assigned characters. None of the study's generators has 44 bits of entropy – its dictionary for the method closest to #936 – noun-instr – contains only 181 nouns. The article contains no discussion of the significance of these differences to #936. In her TED talk Lorrie Faith Cranor says ”sorry all you xkcd fans” which could be interpreted as judgement of #936, but there is no basis in the above article for that. It does however seem plausible that the report could be reworked to address #936. --[[User:Gnirre|Gnirre]] ([[User talk:Gnirre|talk]]) 10:42, 14 October 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
:Password-changing frequency isn't about making passwords more ''secure'', but instead it's about ''mitigating the damage'' of a successfully cracked password. If a hacker gets your password (through any means) and your password changes every 90 days, the password the hacker has obtained is only useful for a few months at most. That might be enough, but it might not. If the hacker is brute forcing the passwords to get them, that cuts into the time the password is useful. --[[Special:Contributions/173.245.54.168|173.245.54.168]] 22:22, 13 October 2014 (UTC)&lt;br /&gt;
::However, brute-forcing gets much ''easier'' that way.&lt;br /&gt;
::Say the average employee is around for 10 years, which is reasonable for some companies, absurdly high for others, and a bit low for a family business. That's 40 password changes.&lt;br /&gt;
::Now if you have to remember another password every now and then, you sacrifice complexity, lest you forget it. A factor of 40 is like one character less. But how much shorter will the password be? It's more likely that it's gonna be 3 or 4 characters less. Congrats, you just lost a factor of 1000 for a perceived &amp;quot;mitigation&amp;quot;, which doesn't even work. Pro attackers can vacuum your server in a DAY once they have the PW. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Just because you are required to have a password that has letters and numbers in it doesn't mean you can't make it memorable.  When caps are required, use CamelCase.  When punctuation is required, make it an ampersand (&amp;amp;) or include a contraction.  When numbers are required, pick something that has significance to you (your birthday, the resolution of your television, etc.).  Keep in mind that, if your phrase is an actual sentence, the password entropy is 1.1 bits per character (http://what-if.xkcd.com/34), so length is key if you want your password to be secure. (Though no known algorithm can actually exploit the 1.1 bits of entropy to gain time, so it might be more like 11 bits of entropy per word.  Even then, my passwords have nonexistent and uncommon words in them (like doge or trope), which also adds some entropy.)   [[Special:Contributions/108.162.246.213|108.162.246.213]] 22:18, 1 September 2014 (UTC)&lt;br /&gt;
:Flip side of the story, the &amp;quot;capital plus small plus other char&amp;quot; policy doesn't make your password any safer.&lt;br /&gt;
:The German company T-online had an experimental gateway with the password, &amp;quot;internet&amp;quot;. Now that sucked. No problem, tho, because that gateway wasn't accessible from outside. When they went live, they &amp;quot;improved&amp;quot; the password to &amp;quot;Internet1&amp;quot;. There are still lots of these passwords around: first letter is a Cap, and the only non-alphabetic char is a 1 at the end. This doesn't add any entropy. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
::[http://ask.metafilter.com/193052/Oh-Randall-you-do-confound-me-so#2779020 This] shows that about one third of all digits in a sample of passwords was &amp;quot;1&amp;quot;. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:14, 4 December 2014 (UTC)&lt;br /&gt;
You can also troll the brute-force engine by using words from other languages, fictional books and video games.--[[User:Horsebattery|Horsebattery]] ([[User talk:Horsebattery|talk]]) 03:04, 3 November 2014 (UTC)&lt;br /&gt;
:That's a good idea; it adds to the entropy bits per word. If you really want to throw them off, mix different languages. Just don't use very well-known words; I'm sure the hackers have ''cojones'' and ''Blitzkrieg'' in their dictionaries. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Also, passwords that are 'hard to remember' are themselves a security vulnerability. A password reset scheme (or even a lockout scheme) is a vulnerability. The more it needs to be used, the harder it becomes to police that vulnerability. Relatedly, hard-to-remember passwords leave users uncertain whether their password has been changed by someone else or they've just forgotten it. [[User:Ijkcomputer|Ijkcomputer]] ([[User talk:Ijkcomputer|talk]]) 15:32, 18 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Hi there, this comic gave me the idea for a password generator that can (optionally) use dictionary words. Have a look if you're interested: https://wordypasswords.com Use your common sense though about what is and isn't secure! Hope someone finds it useful. [[User:Mackatronic|Mackatronic]] ([[User talk:Mackatronic|talk]]) 08:23, 9 January 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
I have not read all of the replies and in truth most of the detail is boring to me but it has occurred to me that with this sort of problem and since the Snowden affair, serious security devices will have to make the keyboard redundant. &lt;br /&gt;
&lt;br /&gt;
At the moment all I can imagine is a series of pictures like hieroglyphs but even using a rolling code of ever changing font glyphs would do. When the security required by money minders reaches the stage of development possible with keyboards that can supply that sort of security, we will have some idea which banks have some idea about security.&lt;br /&gt;
&lt;br /&gt;
Tip:&lt;br /&gt;
Not Barings. They have a history of intransigence and stupidity. (Still revered in banks though as able to cure colon cancer with poor investment strategies.)&lt;br /&gt;
&lt;br /&gt;
[[User:Weatherlawyer| I used Google News BEFORE it was clickbait]] ([[User talk:Weatherlawyer|talk]]) 13:46, 23 January 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
The D0g..................... (24 characters long) is NOT stronger than PrXyc.N(n4k77#L!eVdAfp9 (23 characters long). The reason why is that the latter password is random. There is no pattern. The former, &amp;quot;padding&amp;quot; technique can be very easily cracked. You just need to assume that each character can be repeated 1~30 times. Then the first password would become: 1(D)1(0)1(g)21(.), which is then of complexity 30^4 + 96^4, versus 96^23 for the random password. And that is assuming that any character can be repeated 1~30 times, so DDDDDDDDD0000000ggggggg...... also would be cracked extremely quickly. If you limit yourself to only last character padding, your password now becomes 30*96^4 possibilities. {{unsigned ip|108.162.222.235}}&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
And that's why it is stupid to explain this kind of joke: it depends on many (MANY) parameters such as brute-force method and encryption/hash algorithm. Giving this kind of (wrong) explanation about &amp;quot;pass cracking&amp;quot; (as if it was always the same way to process ...) is ridiculous. And they talk about entropy .......... Holy shit, go back to school and stop screwing cryptography up. zM_&lt;br /&gt;
&lt;br /&gt;
I just use a password with a ␡ character or two, and ␇ for banks.  [[Special:Contributions/108.162.242.21|108.162.242.21]] 08:33, 18 August 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
I'm astonished that even someone like Schneier doesn't get 936 right immediately after reading it. So, I think I know what was going on in Munroe's mind conceptually. Maybe there are some grains of salt, but I don't have a problem with these. But I do have one (or two) quantitative problem(s) with 936:&lt;br /&gt;
* I was not able to find out how Munroe gets the value of about 16 bits of entropy for the &amp;quot;uncommon&amp;quot; nine letter lower case &amp;quot;non-gibberish base word&amp;quot;. This would mean: On average, a letter of such a word will have about 1.8 bits of entropy. Maybe, but how do we know? &amp;quot;Citation needed!&amp;quot; ;-)&lt;br /&gt;
* (Secondly: The &amp;quot;punctuation&amp;quot; should have 5, not 4 bits of entropy. There are 32 (2^5) ASCII punctuation characters (POSIX class [:punct:]). But I assume this is a lapse.)&lt;br /&gt;
Can someone enlighten me? --[[Special:Contributions/162.158.91.236|162.158.91.236]] 17:31, 19 September 2015 (UTC)&lt;br /&gt;
:I have missed the sentence &amp;quot;Randall assumes only the 16 most common characters are used in practice (4 bits)&amp;quot;. Hm. There is a huge list with real world passwords out there, leaking from RockYou in 2009. After some processing to remove UTF-8 passwords, the list contained about 14329849 unique passwords from about 32585010 accounts. The following are the number of accounts using a password containing some (ASCII) punctuation or space characters:&lt;br /&gt;
 &amp;lt;nowiki&amp;gt;&lt;br /&gt;
226673	.&lt;br /&gt;
186883	_&lt;br /&gt;
179264	!&lt;br /&gt;
125846	-&lt;br /&gt;
104224	@&lt;br /&gt;
95237	*&lt;br /&gt;
92802	 (space)&lt;br /&gt;
60002	#&lt;br /&gt;
36522	/&lt;br /&gt;
31172	$&lt;br /&gt;
28550	&amp;amp;&lt;br /&gt;
27686	,&lt;br /&gt;
23905	+&lt;br /&gt;
18704	=&lt;br /&gt;
18268	)&lt;br /&gt;
17927	?&lt;br /&gt;
16401	(&lt;br /&gt;
16074	'&lt;br /&gt;
14407	;&lt;br /&gt;
11819	&amp;lt;&lt;br /&gt;
11118	%&lt;br /&gt;
10723	]&lt;br /&gt;
8975	\&lt;br /&gt;
7718	[&lt;br /&gt;
7209	:&lt;br /&gt;
5815	~&lt;br /&gt;
5673	^&lt;br /&gt;
4995	`&lt;br /&gt;
2847	&amp;quot;&lt;br /&gt;
2741	&amp;gt;&lt;br /&gt;
1050	{&lt;br /&gt;
939	}&lt;br /&gt;
502	|&lt;br /&gt;
&amp;lt;/nowiki&amp;gt;&lt;br /&gt;
:Sorry, I have no &amp;quot;citation&amp;quot;. But you can play with the leaked RockYou password list yourself. Here is a way to reach that playground:&lt;br /&gt;
 &amp;lt;nowiki&amp;gt;&lt;br /&gt;
$ # Download the compressed list (57 MiB; I have no idea what &amp;quot;skullsecurity&amp;quot;&lt;br /&gt;
$ # is, it was simply the first find and I assume it's the said list):&lt;br /&gt;
$ wget 'http://downloads.skullsecurity.org/passwords/rockyou-withcount.txt.bz2'&lt;br /&gt;
&lt;br /&gt;
$ # Decompress the list (243 MiB), or, more exactly, it's a table:&lt;br /&gt;
$ bzip2 -dk rockyou-withcount.txt.bz2&lt;br /&gt;
&lt;br /&gt;
$ # The content of the table is: &amp;quot;How many accounts (first row) were using that&lt;br /&gt;
$ # password (second row)?&amp;quot; Let's take a peek:&lt;br /&gt;
$ head -n5 rockyou-withcount.txt&lt;br /&gt;
 290729 123456&lt;br /&gt;
  79076 12345&lt;br /&gt;
  76789 123456789&lt;br /&gt;
  59462 password&lt;br /&gt;
  49952 iloveyou&lt;br /&gt;
&lt;br /&gt;
$ # The following command processes the table to remove lines having non-ASCII&lt;br /&gt;
$ # characters or non-printable ASCII characters in the password, and lines&lt;br /&gt;
$ # insisting that there were some accounts with no password. Moreover, the&lt;br /&gt;
$ # command removes every space character not belonging to a password, makes&lt;br /&gt;
$ # the rows tab-delimited and writes the result in a file called &amp;quot;ry&amp;quot;&lt;br /&gt;
$ # (161 MiB).&lt;br /&gt;
$ LC_ALL=C sed -nr 's/^ *([1-9][0-9]*) ([[:print:]]+)$/\1\t\2/p' rockyou-withcount.txt &amp;gt; ry&lt;br /&gt;
&lt;br /&gt;
$ # The following are shell functions to build commands. They will be explained&lt;br /&gt;
$ # below using examples (I can not express myself well in this language).&lt;br /&gt;
$ counta() { LC_ALL=C awk 'BEGIN { FS = &amp;quot;\t&amp;quot;; p = 0; a = 0 } { if ($2 ~ /'&amp;quot;$(printf %s &amp;quot;$1&amp;quot; | sed 'sI/I\\/Ig')&amp;quot;'/) { p++; a += $1 } } END { print a &amp;quot; (&amp;quot; p &amp;quot;)&amp;quot; }' &amp;quot;$2&amp;quot; ;}&lt;br /&gt;
$ countap() { LC_ALL=C awk 'BEGIN { FS = &amp;quot;\t&amp;quot;; p = 0; a = 0 } { if ($2 ~ /'&amp;quot;$(printf %s &amp;quot;$1&amp;quot; | sed 'sI/I\\/Ig')&amp;quot;'/) { p++; a += $1; print $0 } } END { print a &amp;quot; (&amp;quot; p &amp;quot;)&amp;quot; }' &amp;quot;$2&amp;quot; ;}&lt;br /&gt;
&lt;br /&gt;
$ # We have reached the playground. Here are some examples for how to use the&lt;br /&gt;
$ # toys:&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing the string love:&lt;br /&gt;
$ counta 'love' ry&lt;br /&gt;
671599 (188855)&lt;br /&gt;
&lt;br /&gt;
$ # The first operand of this command is an extended regular expression (ERE),&lt;br /&gt;
$ # namely &amp;quot;love&amp;quot;. The second operand of this command is a file, namely the&lt;br /&gt;
$ # above generated file called &amp;quot;ry&amp;quot;, that is the (processed) table. The first&lt;br /&gt;
$ # number of the output means: &amp;quot;That many accounts were using a password&lt;br /&gt;
$ # matching the ERE.&amp;quot; The second number in parentheses means: &amp;quot;That many unique&lt;br /&gt;
$ # passwords matching the ERE.&amp;quot; If the first number is greater than the second&lt;br /&gt;
$ # number, some accounts share the same password. We will see this clearly in&lt;br /&gt;
$ # some examples below.&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing at least one&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '.' ry&lt;br /&gt;
32585010 (14329849)&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing exactly one&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '^.$' ry&lt;br /&gt;
144 (45)&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing exactly one&lt;br /&gt;
$ # numeric character:&lt;br /&gt;
$ counta '^[0-9]$' ry&lt;br /&gt;
55 (10)&lt;br /&gt;
&lt;br /&gt;
$ # Let's have a look at the distribution:&lt;br /&gt;
$ countap '^[0-9]$' ry&lt;br /&gt;
29	1&lt;br /&gt;
6	7&lt;br /&gt;
6	3&lt;br /&gt;
3	9&lt;br /&gt;
3	2&lt;br /&gt;
2	6&lt;br /&gt;
2	5&lt;br /&gt;
2	0&lt;br /&gt;
1	8&lt;br /&gt;
1	4&lt;br /&gt;
55 (10)&lt;br /&gt;
&lt;br /&gt;
$ # Here we see the second command in action. You see what it does and what it&lt;br /&gt;
$ # does differently. And here we see clearly the meaning of the first and the&lt;br /&gt;
$ # second number in parentheses.&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing at least one&lt;br /&gt;
$ # numeric character:&lt;br /&gt;
$ counta '[0-9]' ry&lt;br /&gt;
17609065 (9761364)&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password ending with a numeric&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '[0-9]$' ry&lt;br /&gt;
15728238 (8313698)&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password beginning with a numeric&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '^[0-9]' ry&lt;br /&gt;
6409397 (3283946)&lt;br /&gt;
&lt;br /&gt;
$ # And, last but not least, count how many accounts were using a password&lt;br /&gt;
$ # containing that &amp;quot;uncommon non-gibberish base word&amp;quot; in 936, with an upper&lt;br /&gt;
$ # or a lower case first letter, with or without some of the &amp;quot;common&lt;br /&gt;
$ # substitutions&amp;quot;:&lt;br /&gt;
$ counta '[tT]r[o0]ub[a4]d[o0]r' ry&lt;br /&gt;
3 (3)&lt;br /&gt;
&lt;br /&gt;
$ # Yes, there are some. 14 million passwords are a lot. Let's see what exactly&lt;br /&gt;
$ # was used:&lt;br /&gt;
$ countap '[tT]r[o0]ub[a4]d[o0]r' ry&lt;br /&gt;
1	troubador1&lt;br /&gt;
1	troubador&lt;br /&gt;
1	darktroubador&lt;br /&gt;
3 (3)&lt;br /&gt;
&amp;lt;/nowiki&amp;gt;&lt;br /&gt;
:[[Special:Contributions/162.158.91.236|162.158.91.236]] 06:23, 21 September 2015 (UTC)&lt;/div&gt;</summary>
		<author><name>162.158.91.236</name></author>	</entry>

	<entry>
		<id>https://www.explainxkcd.com/wiki/index.php?title=Talk:936:_Password_Strength&amp;diff=102142</id>
		<title>Talk:936: Password Strength</title>
		<link rel="alternate" type="text/html" href="https://www.explainxkcd.com/wiki/index.php?title=Talk:936:_Password_Strength&amp;diff=102142"/>
				<updated>2015-09-21T06:37:20Z</updated>
		
		<summary type="html">&lt;p&gt;162.158.91.236: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;''Fix the software first.''  If you double the time it takes to enter each repeated password attempt you make brute force attacks pointless.   Imagine you allowed a hurried user who screws up their own password entry w/ frozen fingers. If their system starts out with a 1 second delay, then doubles to two, then to four, etc. the time it takes to wait is 2^n.  Six screw ups cost you a minute, twenty errors and you are waiting 291 hours before your next log-in attempt....  kmc 2015-05-10 {{unsigned ip|108.162.229.124}}&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
You still have to vary the words with a bit of capitalization, punctuation and numbers a bit, or hackers can just run a dictionary attack against your string of four words. '''[[User:Davidy22|&amp;lt;u&amp;gt;{{Color|purple|David}}&amp;lt;font color=green size=3px&amp;gt;y&amp;lt;/font&amp;gt;&amp;lt;/u&amp;gt;&amp;lt;font color=indigo size=4px&amp;gt;²²&amp;lt;/font&amp;gt;]]'''[[User talk:Davidy22|&amp;lt;tt&amp;gt;[talk]&amp;lt;/tt&amp;gt;]] 09:12, 9 March 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
No you don't.  Hackers cannot run a dictionary attack against a string of four randomly picked words.&lt;br /&gt;
Look at the number of bits displayed in the image: 11 bits for each word.&lt;br /&gt;
That means he's assuming a dictionary of 2048 words, from which each word is picked randomly.&lt;br /&gt;
The assumption is that the cracker knows your password scheme.&lt;br /&gt;
[[Special:Contributions/86.81.151.19|86.81.151.19]] 20:17, 28 April 2013 (UTC)&lt;br /&gt;
Willem&lt;br /&gt;
&lt;br /&gt;
:I just wrote a program to bruteforce this password creation method. https://github.com/KrasnayaSecurity/xkcd936/blob/master/listGen936.py  Once I get it I'll try coming up with more bruteforcing algorithms such as substituting symbols, numbers, camel case, and the like.  Point is, don't rely on this or any one method.  I wouldn't be surprised if the crackers are already working on something like this.  [[User:Lieutenant S.|Lieutenant S.]] ([[User talk:Lieutenant S.|talk]]) 07:03, 8 September 2014 (UTC)&lt;br /&gt;
:It took 1.25 hours to bruteforce &amp;quot;correcthorsebatterystaple&amp;quot; using the 2,000 most common words with one CPU. [[User:Lieutenant S.|Lieutenant S.]] ([[User talk:Lieutenant S.|talk]]) 07:09, 9 September 2014 (UTC)&lt;br /&gt;
:: 1) ... as compared to 69 milliseconds for the other method. 2) Since you are able to test 3,9 billion passwords as second (very impressive!) I am guessing that your setup is not performing its attack over a ”weak remote service”, which is breaking the rules of the #936 game. 3) five words and a 20k-wordlist would get you 9400 years (still breaking the weak remote service rule).--[[User:Gnirre|Gnirre]] ([[User talk:Gnirre|talk]]) 09:13, 14 October 2014 (UTC)&lt;br /&gt;
:: 2) Two thoughts: You use itertools.permutations, which only covers non-repeating words, but mainly you don't actually hash the password. If you have a plain-text password, there no need to crack the password because you could just look at it. Example of an actual crack for this type of password: https://github.com/koshippy/xkcd_password/blob/master/password_crack.py My computer gets 10,000,000 guesses in ~16 seconds (non-hashed takes ~2 seconds), meaning it would take almost a year to try every combination. (2048^4 total password space). Even optimizing by using c++/java or JtR, you wouldn't see huge improvement since most of the time is from the SHA hashing. Point being: a typical user can't crack this type of password in a short amount of time, even if they know your wordlist. [[Special:Contributions/199.27.128.212|199.27.128.212]] 12:05, 17 February 2015 (UTC) Koshippy&lt;br /&gt;
&lt;br /&gt;
Sometimes this is not possible. (I'm looking at you, local banks with 8-12 character passwords and PayPal) If I can, I use a full sentence. A compound sentence for the important stuff. This adds the capitalization, punctuation and possibly the use of numbers while it's even easier to remember then Randall's scheme. I think it might help against the keyloggers too, if your browser/application autofills the username filed, because you password doesn't stand out from the feed with being gibberish. [[Special:Contributions/195.56.58.169|195.56.58.169]] 09:01, 30 August 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
The basic concept can be adapted to limited-length passwords easily enough: memorize a phrase and use the first letter of each word. It'll require about a dozen words (you're only getting 4.7 bits per letter at best, actually less because first letters of words are not truly random, though they are weakly if at all correlated with their neighbors -- based on the frequencies of first letters of words in English, and assuming no correlation between each first letter and the next, I calculate about 4 bits per character of Shannon entropy). SteveMB 18:35, 30 August 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Followup: The results of extracting the first letters of words in sample texts (the {{w|Project_Gutenberg|Project Gutenberg}} texts of ''The Adventures of Huckleberry Finn'', ''The War of the Worlds'', and ''Little Fuzzy'') and applying a {{w|Entropy_(information_theory)|Shannon entropy calculation}} were 4.07 bits per letter (i.e. first letter in word) and 8.08 bits per digraph (i.e. first letters in two consecutive words). These results suggest that first-letter-of-phrase passwords have approximately 4 bits per letter of entropy. --[[User:SteveMB|SteveMB]] ([[User talk:SteveMB|talk]]) 14:21, 4 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Addendum: The above test was case-insensitive (all letters converted to lowercase before feeding them to the [[http://millikeys.sourceforge.net/freqanalysis.html frequency counter]]). Thus, true-random use of uppercase and lowercase would have 5 bits per letter of entropy, and any variation in case (e.g. preserving the case of the original first letter) would fall between 4 and 5 bits per letter. --[[User:SteveMB|SteveMB]] ([[User talk:SteveMB|talk]]) 14:28, 4 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
I just have RANDOM.ORG print me ten pages of 8-character passwords and tape it to the wall, then highlight some of them and use others (say two down and to the right or similar) for my passwords, maybe a given line a line a little jumbled for more security.    [[Special:Contributions/70.24.167.3|70.24.167.3]] 13:27, 30 September 2013 (UTC)&lt;br /&gt;
:Remind me to visit your office and secretly replace your wall-lists by a list of very similar looking strings ;) --[[User:Chtz|Chtz]] ([[User talk:Chtz|talk]]) 13:53, 30 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Simple.com (online banking site) had the following on it’s registration page:&lt;br /&gt;
&lt;br /&gt;
“Passphrase? Yes. Passphrases are easier to remember and more secure than traditional passwords. For example, try a group of words with spaces in between, or a sentence you know you'll remember. &amp;quot;correct horse battery staple&amp;quot; is a better passphrase than r0b0tz26.”&lt;br /&gt;
&lt;br /&gt;
Online security for a banking site has been informed by an online comic. Astounding.&lt;br /&gt;
[[Special:Contributions/173.245.54.78|173.245.54.78]] 21:22, 11 November 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
The Web service Dropbox has an Easter egg related to this comic on their sign-up page. That page has a password strength indicator (powered by JavaScript) which changes as you type your password. This indicator also shows hints when hovering the mouse cursor over it. Entering &amp;quot;Tr0ub4dor&amp;amp;3&amp;quot; or &amp;quot;Tr0ub4dour&amp;amp;3&amp;quot; as the password causes the password strength indicator to fall to zero, with the hint saying, &amp;quot;Guess again.&amp;quot; Entering &amp;quot;correcthorsebatterystaple&amp;quot; as the password also causes the strength indicator to fall to zero, but the hint says, &amp;quot;Whoa there, don't take advice from a webcomic too literally ;).&amp;quot; [[Special:Contributions/108.162.218.95|108.162.218.95]] 15:17, 11 February 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
The explanation said that the comic uses a dictionary[http://www.explainxkcd.com/wiki/index.php?title=936:_Password_Strength&amp;amp;oldid=59309]. In fact it's a word list, which seems similar but it's not. All the words in the word list must be easy to memorize. This means it's better not to have words such as ''than'' or ''if''. Also, it's better not to have homophones (''wood'' and ''would'', for example). The sentence ''dictionary attack'' doesn't apply here. A dictionary attack requires the attacker to use all the words in the dictionary (e.g. 100,000 words). Here we must generate the 17,592,186,044,416 combinations of 4 common words. Those combinations can't be found in any dictionary. At 25 bytes per &amp;quot;word&amp;quot; that dictionary would need 400 {{w|tebi|binary terabytes}} to be stored. [[User:Xhfz|Xhfz]] ([[User talk:Xhfz|talk]]) 21:37, 11 March 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
This comic was mentioned in a TED talk by Lorrie Faith Cranor in March 2014. After performing a lot of studies and analysis, she concludes that &amp;quot;pass phrase&amp;quot; passwords are no easier to remember than complex passwords and that the increased length of the password increases the number of errors when typing it. There is a lot of other useful information from her studies that can be gleaned from the talk. [http://www.ted.com/talks/lorrie_faith_cranor_what_s_wrong_with_your_pa_w0rd Link]. What she doesn't mention is the frequency of changing passwords - in most organizations it's ~90 days. I don't know where that standard originated, but (as a sysadmin) I suspect it's about as ineffective as most of our other password trickery - that is, it does nothing. Today's password thieves don't bash stolen password hash tables; they bundle keyloggers with game trainers and browser plugins.--[[Special:Contributions/173.245.50.75|173.245.50.75]] 18:14, 2 July 2014 (UTC)&lt;br /&gt;
:: Lorrie Faith Cranor gets the random part of #936 word generation correct, which is great. Regarding memorizability, this study (https://cups.cs.cmu.edu/soups/2012/proceedings/a7_Shay.pdf) does not address #936. The study uses no generator for gibberish of length 11. Most comparable are perhaps two classes of five or six randomly assigned characters. None of the study's generators has 44 bits of entropy – its dictionary for the method closest to #936 – noun-instr – contains only 181 nouns. The article contains no discussion of the significance of these differences to #936. In her TED talk Lorrie Faith Cranor says &amp;quot;sorry all you xkcd fans&amp;quot;, which could be interpreted as a judgement of #936, but there is no basis in the above article for that. It does however seem plausible that the report could be reworked to address #936. --[[User:Gnirre|Gnirre]] ([[User talk:Gnirre|talk]]) 10:42, 14 October 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
:Password-changing frequency isn't about making passwords more ''secure'', but instead it's about ''mitigating the damage'' of a successfully cracked password. If a hacker gets your password (through any means) and your password changes every 90 days, the password the hacker has obtained is only useful for a few months at most. That might be enough, but it might not. If the hacker is brute forcing the passwords to get them, that cuts into the time the password is useful. --[[Special:Contributions/173.245.54.168|173.245.54.168]] 22:22, 13 October 2014 (UTC)&lt;br /&gt;
::However, brute-forcing gets much ''easier'' that way.&lt;br /&gt;
::Say the average employee is around for 10 years, which is reasonable for some companies, absurdly high for others, and a bit low for a family business. That's 40 password changes.&lt;br /&gt;
::Now if you have to remember another password every now and then, you sacrifice complexity, lest you forget it. A factor of 40 is like one character less. But how much shorter will the password be? It's more likely that it's gonna be 3 or 4 characters less. Congrats, you just lost a factor of 1000s for a perceived &amp;quot;mitigation&amp;quot;, which doesn't even work. Pro attackers can vacuum your server in a DAY once they have the PW. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Just because you are required to have a password that has letters and numbers in it doesn't mean you can't make it memorable. When caps are required, use CamelCase. When punctuation is required, make it an ampersand (&amp;amp;) or include a contraction. When numbers are required, pick something that has significance to you (your birthday, the resolution of your television, etc.). Keep in mind that, if your phrase is an actual sentence, the password entropy is 1.1 bits per character (http://what-if.xkcd.com/34), so length is key if you want your password to be secure. (Though no known algorithm can actually exploit the 1.1 bits of entropy to gain time, so it might be more like 11 bits of entropy per word. Even then, my passwords have nonexistent and uncommon words in them (like doge or trope), which also adds some entropy.) [[Special:Contributions/108.162.246.213|108.162.246.213]] 22:18, 1 September 2014 (UTC)&lt;br /&gt;
:Flip side of the story, the &amp;quot;capital plus small plus other char&amp;quot; policy doesn't make your password any safer.&lt;br /&gt;
:The German company T-online had an experimental gateway with the password, &amp;quot;internet&amp;quot;. Now that sucked. No problem, tho, because that gateway wasn't accessible from outside. When they went live, they &amp;quot;improved&amp;quot; the password to &amp;quot;Internet1&amp;quot;. There are still lots of these passwords around: first letter is a Cap, and the only non-alphabetic char is a 1 at the end. This doesn't add any entropy. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
::[http://ask.metafilter.com/193052/Oh-Randall-you-do-confound-me-so#2779020 This] shows that about one third of all digits in a sample of passwords were &amp;quot;1&amp;quot;. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:14, 4 December 2014 (UTC)&lt;br /&gt;
You can also troll the brute-force engine by using words from other languages, fictional books and video games.--[[User:Horsebattery|Horsebattery]] ([[User talk:Horsebattery|talk]]) 03:04, 3 November 2014 (UTC)&lt;br /&gt;
:That's a good idea; it adds to the entropy bits per word. If you really want to throw them off, mix different languages. Just don't use very well-known words; I'm sure the hackers have ''cojones'' and ''Blitzkrieg'' in their dictionaries. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Also, passwords that are 'hard to remember' are themselves a security vulnerability. A password reset scheme (or even a lockout scheme) is a vulnerability. The more it needs to be used, the harder it becomes to police that vulnerability. Relatedly, hard-to-remember passwords leave users uncertain whether their password has been changed by someone else or they've just forgotten it. [[User:Ijkcomputer|Ijkcomputer]] ([[User talk:Ijkcomputer|talk]]) 15:32, 18 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Hi there, this comic gave me the idea for a password generator that can (optionally) use dictionary words. Have a look if you're interested: https://wordypasswords.com Use your common sense though about what is and isn't secure! Hope someone finds it useful. [[User:Mackatronic|Mackatronic]] ([[User talk:Mackatronic|talk]]) 08:23, 9 January 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
I have not read all of the replies and, in truth, most of the detail is boring to me, but it has occurred to me that, with this sort of problem and since the Snowden affair, serious security devices will have to make the keyboard redundant.&lt;br /&gt;
&lt;br /&gt;
At the moment all I can imagine is a series of pictures like hieroglyphs, but even using a rolling code of ever-changing font glyphs would do. When the security required by money minders reaches the stage of development possible with keyboards that can supply that sort of security, we will have some idea which banks have some idea about security.&lt;br /&gt;
&lt;br /&gt;
Tip:&lt;br /&gt;
Not Barings. They have a history of intransigence and stupidity. (Still revered in banks though as able to cure colon cancer with poor investment strategies.)&lt;br /&gt;
&lt;br /&gt;
[[User:Weatherlawyer| I used Google News BEFORE it was clickbait]] ([[User talk:Weatherlawyer|talk]]) 13:46, 23 January 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
The D0g..................... (24 characters long) is NOT stronger than PrXyc.N(n4k77#L!eVdAfp9 (23 characters long). The reason why is that the latter password is random. There is no pattern. The former, &amp;quot;padding&amp;quot; technique can be very easily cracked. You just need to assume that each character can be repeated 1~30 times. Then the first password would become: 1(D)1(0)1(g)21(.), which is then of complexity 30^4 + 96^4, versus 96^23 for the random password. And that is assuming that any character can be repeated 1~30 times, so DDDDDDDDD0000000ggggggg...... also would be cracked extremely quickly. If you limit yourself to only last-character padding, your password now becomes 30*96^4 possibilities. {{unsigned ip|108.162.222.235}}&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
And that's why it is stupid to explain this kind of joke: it depends on many (MANY) parameters such as the brute-force method and the encryption/hash algorithm. Giving this kind of (wrong) explanation about &amp;quot;pass cracking&amp;quot; (as if it was always the same way to process ...) is ridiculous. And they talk about entropy .......... Holy shit, go back to school and stop screwing cryptography up. zM_&lt;br /&gt;
&lt;br /&gt;
I just use a password with a ␡ character or two, and ␇ for banks.  [[Special:Contributions/108.162.242.21|108.162.242.21]] 08:33, 18 August 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
I'm astonished that even someone like Schneier doesn't get 936 right immediately after reading it. So, I think I know what was going on in Munroe's mind conceptually. Maybe there are some grains of salt, but I don't have a problem with these. But I do have one (or two) quantitative problem(s) with 936:&lt;br /&gt;
* I was not able to find out how Munroe gets the value of about 16 bits of entropy for the &amp;quot;uncommon&amp;quot; nine-letter lower case &amp;quot;non-gibberish base word&amp;quot;. This would mean: on average, a letter of such a word will have about 1.8 bits of entropy. Maybe, but how do we know? &amp;quot;Citation needed!&amp;quot; ;-)&lt;br /&gt;
* (Secondly: The &amp;quot;punctuation&amp;quot; should have 5, not 4 bits of entropy. There are 32 (2^5) ASCII punctuation characters (POSIX class [:punct:]). But I assume this is a lapse.)&lt;br /&gt;
Can someone enlighten me? --[[Special:Contributions/162.158.91.236|162.158.91.236]] 17:31, 19 September 2015 (UTC)&lt;br /&gt;
:I had missed the sentence &amp;quot;Randall assumes only the 16 most common characters are used in practice (4 bits)&amp;quot;. Hm. There is a huge list of real-world passwords out there, leaked from RockYou in 2009. After some processing to remove UTF-8 passwords, the list contained about 14329849 unique passwords from about 32585010 accounts. The following are the numbers of accounts using a password containing some (ASCII) punctuation or space character:&lt;br /&gt;
 &amp;lt;nowiki&amp;gt;&lt;br /&gt;
226673	.&lt;br /&gt;
186883	_&lt;br /&gt;
179264	!&lt;br /&gt;
125846	-&lt;br /&gt;
104224	@&lt;br /&gt;
95237	*&lt;br /&gt;
92802	 (space)&lt;br /&gt;
60002	#&lt;br /&gt;
36522	/&lt;br /&gt;
31172	$&lt;br /&gt;
28550	&amp;amp;&lt;br /&gt;
27686	,&lt;br /&gt;
23905	+&lt;br /&gt;
18704	=&lt;br /&gt;
18268	)&lt;br /&gt;
17927	?&lt;br /&gt;
16401	(&lt;br /&gt;
16074	'&lt;br /&gt;
14407	;&lt;br /&gt;
11819	&amp;lt;&lt;br /&gt;
11118	%&lt;br /&gt;
10723	]&lt;br /&gt;
8975	\&lt;br /&gt;
7718	[&lt;br /&gt;
7209	:&lt;br /&gt;
5815	~&lt;br /&gt;
5673	^&lt;br /&gt;
4995	`&lt;br /&gt;
2847	&amp;quot;&lt;br /&gt;
2741	&amp;gt;&lt;br /&gt;
1050	{&lt;br /&gt;
939	}&lt;br /&gt;
502	|&lt;br /&gt;
&amp;lt;/nowiki&amp;gt;&lt;br /&gt;
:Sorry, I have no &amp;quot;citation&amp;quot;. But you can play with the leaked RockYou password list yourself. Here is a way to reach that playground:&lt;br /&gt;
 &amp;lt;nowiki&amp;gt;&lt;br /&gt;
$ # Download the compressed list (57 MiB; I have no idea what &amp;quot;skullsecurity&amp;quot;&lt;br /&gt;
$ # is, it was simply the first find and I assume it's the said list):&lt;br /&gt;
$ wget 'http://downloads.skullsecurity.org/passwords/rockyou-withcount.txt.bz2'&lt;br /&gt;
&lt;br /&gt;
$ # Decompress the list (243 MiB), or, more precisely, it's a table:&lt;br /&gt;
$ bzip2 -dk rockyou-withcount.txt.bz2&lt;br /&gt;
&lt;br /&gt;
$ # The content of the table is: &amp;quot;How many accounts (first column) were using that&lt;br /&gt;
$ # password (second column)?&amp;quot; Let's take a peek:&lt;br /&gt;
$ head -n5 rockyou-withcount.txt&lt;br /&gt;
 290729 123456&lt;br /&gt;
  79076 12345&lt;br /&gt;
  76789 123456789&lt;br /&gt;
  59462 password&lt;br /&gt;
  49952 iloveyou&lt;br /&gt;
&lt;br /&gt;
$ # The following command processes the table to remove lines having non-ASCII&lt;br /&gt;
$ # characters or non-printable ASCII characters in the password, and lines&lt;br /&gt;
$ # insisting that there were some accounts with no password. Moreover, the&lt;br /&gt;
$ # command removes every space character not belonging to a password, makes&lt;br /&gt;
$ # the rows tab-delimited and writes the result in a file called &amp;quot;ry&amp;quot;&lt;br /&gt;
$ # (161 MiB).&lt;br /&gt;
$ LC_ALL=C sed -nr 's/^ *([1-9][0-9]*) ([[:print:]]+)$/\1\t\2/p' rockyou-withcount.txt &amp;gt; ry&lt;br /&gt;
&lt;br /&gt;
$ # The following is a shell function to build a command to sum up how many&lt;br /&gt;
$ # accounts were using passwords matching an extended regular expression and&lt;br /&gt;
$ # print the sum.&lt;br /&gt;
$ counta() { LC_ALL=C awk 'BEGIN { FS = &amp;quot;\t&amp;quot;; n = 0 } { if ($2 ~ /'&amp;quot;$(printf %s &amp;quot;$1&amp;quot; | sed 'sI/I\\/Ig')&amp;quot;'/) n += $1 } END { print n }' &amp;quot;$2&amp;quot; ;}&lt;br /&gt;
&lt;br /&gt;
$ # The following is a shell function to build a command to sum up how many&lt;br /&gt;
$ # accounts were using passwords matching an extended regular expression,&lt;br /&gt;
$ # print the sum and also print the summands and the passwords.&lt;br /&gt;
$ countap() { LC_ALL=C awk 'BEGIN { FS = &amp;quot;\t&amp;quot;; n = 0 } { if ($2 ~ /'&amp;quot;$(printf %s &amp;quot;$1&amp;quot; | sed 'sI/I\\/Ig')&amp;quot;'/) { n += $1; print $0 } } END { print n }' &amp;quot;$2&amp;quot; ;}&lt;br /&gt;
&lt;br /&gt;
$ # We have reached the playground. Some examples for how to use the toys:&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing the string love:&lt;br /&gt;
$ counta 'love' ry&lt;br /&gt;
671599&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing at least one&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '.' ry&lt;br /&gt;
32585010&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing exactly one&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '^.$' ry&lt;br /&gt;
144&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing exactly one&lt;br /&gt;
$ # numeric character:&lt;br /&gt;
$ counta '^[0-9]$' ry&lt;br /&gt;
55&lt;br /&gt;
&lt;br /&gt;
$ # Let's have a look at the distribution:&lt;br /&gt;
$ countap '^[0-9]$' ry&lt;br /&gt;
29	1&lt;br /&gt;
6	7&lt;br /&gt;
6	3&lt;br /&gt;
3	9&lt;br /&gt;
3	2&lt;br /&gt;
2	6&lt;br /&gt;
2	5&lt;br /&gt;
2	0&lt;br /&gt;
1	8&lt;br /&gt;
1	4&lt;br /&gt;
55&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing at least one&lt;br /&gt;
$ # numeric character:&lt;br /&gt;
$ counta '[0-9]' ry&lt;br /&gt;
17609065&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password ending with a numeric&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '[0-9]$' ry&lt;br /&gt;
15728238&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password beginning with a numeric&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '^[0-9]' ry&lt;br /&gt;
6409397&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing that &amp;quot;uncommon&lt;br /&gt;
$ # non-gibberish base word&amp;quot; in 936, with an upper or a lower case first&lt;br /&gt;
$ # letter, with or without some of the &amp;quot;common substitutions&amp;quot;:&lt;br /&gt;
$ counta '[tT]r[o0]ub[a4]d[o0]r' ry&lt;br /&gt;
3&lt;br /&gt;
&lt;br /&gt;
$ # There are some. 14 million passwords are a lot. Let's see what exactly was&lt;br /&gt;
$ # used and how often:&lt;br /&gt;
$ countap '[tT]r[o0]ub[a4]d[o0]r' ry&lt;br /&gt;
1	troubador1&lt;br /&gt;
1	troubador&lt;br /&gt;
1	darktroubador&lt;br /&gt;
3&amp;lt;/nowiki&amp;gt;&lt;br /&gt;
:[[Special:Contributions/162.158.91.236|162.158.91.236]] 06:23, 21 September 2015 (UTC)&lt;/div&gt;</summary>
		<author><name>162.158.91.236</name></author>	</entry>

	<entry>
		<id>https://www.explainxkcd.com/wiki/index.php?title=Talk:936:_Password_Strength&amp;diff=102141</id>
		<title>Talk:936: Password Strength</title>
		<link rel="alternate" type="text/html" href="https://www.explainxkcd.com/wiki/index.php?title=Talk:936:_Password_Strength&amp;diff=102141"/>
				<updated>2015-09-21T06:23:55Z</updated>
		
		<summary type="html">&lt;p&gt;162.158.91.236: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;''Fix the software first.'' If you double the time it takes to enter each repeated password attempt, you make brute force attacks pointless. Imagine you allowed for a hurried user who screws up their own password entry w/ frozen fingers. If their system starts out with a 1 second delay, then doubles to two, then to four, etc., the time it takes to wait is 2^n. Six screw-ups cost you a minute; twenty errors and you are waiting 291 hours before your next log-in attempt.... kmc 2015-05-10 {{unsigned ip|108.162.229.124}}&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
You still have to vary the words with a bit of capitalization, punctuation and numbers a bit, or hackers can just run a dictionary attack against your string of four words. '''[[User:Davidy22|&amp;lt;u&amp;gt;{{Color|purple|David}}&amp;lt;font color=green size=3px&amp;gt;y&amp;lt;/font&amp;gt;&amp;lt;/u&amp;gt;&amp;lt;font color=indigo size=4px&amp;gt;²²&amp;lt;/font&amp;gt;]]'''[[User talk:Davidy22|&amp;lt;tt&amp;gt;[talk]&amp;lt;/tt&amp;gt;]] 09:12, 9 March 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
No you don't.  Hackers cannot run a dictionary attack against a string of four randomly picked words.&lt;br /&gt;
Look at the number of bits displayed in the image: 11 bits for each word.&lt;br /&gt;
That means he's assuming a dictionary of 2048 words, from which each word is picked randomly.&lt;br /&gt;
The assumption is that the cracker knows your password scheme.&lt;br /&gt;
[[Special:Contributions/86.81.151.19|86.81.151.19]] 20:17, 28 April 2013 (UTC)&lt;br /&gt;
Willem&lt;br /&gt;
&lt;br /&gt;
:I just wrote a program to bruteforce this password creation method. https://github.com/KrasnayaSecurity/xkcd936/blob/master/listGen936.py  Once I get it I'll try coming up with more bruteforcing algorithms such as substituting symbols, numbers, camel case, and the like.  Point is, don't rely on this or any one method.  I wouldn't be surprised if the crackers are already working on something like this.  [[User:Lieutenant S.|Lieutenant S.]] ([[User talk:Lieutenant S.|talk]]) 07:03, 8 September 2014 (UTC)&lt;br /&gt;
:It took 1.25 hours to bruteforce &amp;quot;correcthorsebatterystaple&amp;quot; using the 2,000 most common words with one CPU. [[User:Lieutenant S.|Lieutenant S.]] ([[User talk:Lieutenant S.|talk]]) 07:09, 9 September 2014 (UTC)&lt;br /&gt;
:: 1) ... as compared to 69 milliseconds for the other method. 2) Since you are able to test 3.9 billion passwords a second (very impressive!) I am guessing that your setup is not performing its attack over a &amp;quot;weak remote service&amp;quot;, which is breaking the rules of the #936 game. 3) Five words and a 20k-wordlist would get you 9400 years (still breaking the weak remote service rule).--[[User:Gnirre|Gnirre]] ([[User talk:Gnirre|talk]]) 09:13, 14 October 2014 (UTC)&lt;br /&gt;
:: 2) Two thoughts: You use itertools.permutations, which only covers non-repeating words, but mainly you don't actually hash the password. If you have a plain-text password, there is no need to crack the password because you could just look at it. Example of an actual crack for this type of password: https://github.com/koshippy/xkcd_password/blob/master/password_crack.py My computer gets 10,000,000 guesses in ~16 seconds (non-hashed takes ~2 seconds), meaning it would take almost a year to try every combination (2048^4 total password space). Even optimizing by using C++/Java or JtR, you wouldn't see a huge improvement since most of the time is from the SHA hashing. Point being: a typical user can't crack this type of password in a short amount of time, even if they know your wordlist. [[Special:Contributions/199.27.128.212|199.27.128.212]] 12:05, 17 February 2015 (UTC) Koshippy&lt;br /&gt;
&lt;br /&gt;
Sometimes this is not possible. (I'm looking at you, local banks with 8-12 character passwords and PayPal.) If I can, I use a full sentence. A compound sentence for the important stuff. This adds the capitalization, punctuation and possibly the use of numbers, while it's even easier to remember than Randall's scheme. I think it might help against the keyloggers too, if your browser/application autofills the username field, because your password doesn't stand out from the feed by being gibberish. [[Special:Contributions/195.56.58.169|195.56.58.169]] 09:01, 30 August 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
The basic concept can be adapted to limited-length passwords easily enough: memorize a phrase and use the first letter of each word. It'll require about a dozen words (you're only getting 4.7 bits per letter at best, actually less because first letters of words are not truly random, though they are weakly if at all correlated with their neighbors -- based on the frequencies of first letters of words in English, and assuming no correlation between each first letter and the next, I calculate about 4 bits per character of Shannon entropy). SteveMB 18:35, 30 August 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Followup: The results of extracting the first letters of words in sample texts (the {{w|Project_Gutenberg|Project Gutenberg}} texts of ''The Adventures of Huckleberry Finn'', ''The War of the Worlds'', and ''Little Fuzzy'') and applying a {{w|Entropy_(information_theory)|Shannon entropy calculation}} were 4.07 bits per letter (i.e. first letter in word) and 8.08 bits per digraph (i.e. first letters in two consecutive words). These results suggest that first-letter-of-phrase passwords have approximately 4 bits per letter of entropy. --[[User:SteveMB|SteveMB]] ([[User talk:SteveMB|talk]]) 14:21, 4 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Addendum: The above test was case-insensitive (all letters converted to lowercase before feeding them to the [http://millikeys.sourceforge.net/freqanalysis.html frequency counter]). Thus, true-random use of uppercase and lowercase would have 5 bits per letter of entropy, and any variation in case (e.g. preserving the case of the original first letter) would fall between 4 and 5 bits per letter. --[[User:SteveMB|SteveMB]] ([[User talk:SteveMB|talk]]) 14:28, 4 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
I just have RANDOM.ORG print me ten pages of 8-character passwords and tape it to the wall, then highlight some of them and use others (say two down and to the right or similar) for my passwords, maybe a given line a little jumbled for more security. [[Special:Contributions/70.24.167.3|70.24.167.3]] 13:27, 30 September 2013 (UTC)&lt;br /&gt;
:Remind me to visit your office and secretly replace your wall-lists by a list of very similar looking strings ;) --[[User:Chtz|Chtz]] ([[User talk:Chtz|talk]]) 13:53, 30 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Simple.com (online banking site) had the following on its registration page:&lt;br /&gt;
&lt;br /&gt;
“Passphrase? Yes. Passphrases are easier to remember and more secure than traditional passwords. For example, try a group of words with spaces in between, or a sentence you know you'll remember. &amp;quot;correct horse battery staple&amp;quot; is a better passphrase than r0b0tz26.”&lt;br /&gt;
&lt;br /&gt;
Online security for a banking site has been informed by an online comic. Astounding.&lt;br /&gt;
[[Special:Contributions/173.245.54.78|173.245.54.78]] 21:22, 11 November 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
The Web service Dropbox has an Easter egg related to this comic on their sign-up page. That page has a password strength indicator (powered by JavaScript) which changes as you type your password. This indicator also shows hints when hovering the mouse cursor over it. Entering &amp;quot;Tr0ub4dor&amp;amp;3&amp;quot; or &amp;quot;Tr0ub4dour&amp;amp;3&amp;quot; as the password causes the password strength indicator to fall to zero, with the hint saying, &amp;quot;Guess again.&amp;quot; Entering &amp;quot;correcthorsebatterystaple&amp;quot; as the password also causes the strength indicator to fall to zero, but the hint says, &amp;quot;Whoa there, don't take advice from a webcomic too literally ;).&amp;quot; [[Special:Contributions/108.162.218.95|108.162.218.95]] 15:17, 11 February 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
The explanation said that the comic uses a dictionary[http://www.explainxkcd.com/wiki/index.php?title=936:_Password_Strength&amp;amp;oldid=59309]. In fact it's a word list, which seems similar but isn't. All the words in the word list must be easy to memorize. This means it's better not to have words such as ''than'' or ''if''. Also, it's better not to have homophones (''wood'' and ''would'', for example). The term ''dictionary attack'' doesn't apply here. A dictionary attack requires the attacker to use all the words in the dictionary (e.g. 100,000 words). Here we must generate the 17,592,186,044,416 combinations of 4 common words. Those combinations can't be found in any dictionary. At 25 bytes per &amp;quot;word&amp;quot; that dictionary would need 400 {{w|tebi|binary terabytes}} to be stored. [[User:Xhfz|Xhfz]] ([[User talk:Xhfz|talk]]) 21:37, 11 March 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
This comic was mentioned in a TED talk by Lorrie Faith Cranor in March 2014. After performing a lot of studies and analysis, she concludes that &amp;quot;pass phrase&amp;quot; passwords are no easier to remember than complex passwords and that the increased length of the password increases the number of errors when typing it. There is a lot of other useful information from her studies that can be gleaned from the talk. [http://www.ted.com/talks/lorrie_faith_cranor_what_s_wrong_with_your_pa_w0rd Link]. What she doesn't mention is the frequency of changing passwords - in most organizations it's ~90 days. I don't know where that standard originated, but (as a sysadmin) I suspect it's about as ineffective as most of our other password trickery - that is, it does nothing. Today's password thieves don't bash stolen password hash tables; they bundle keyloggers with game trainers and browser plugins.--[[Special:Contributions/173.245.50.75|173.245.50.75]] 18:14, 2 July 2014 (UTC)&lt;br /&gt;
:: Lorrie Faith Cranor gets the random part of #936 word generation correct, which is great. Regarding memorizability, this study (https://cups.cs.cmu.edu/soups/2012/proceedings/a7_Shay.pdf) does not address #936. The study uses no generator for gibberish of length 11. Most comparable are perhaps two classes of five or six randomly assigned characters. None of the study's generators has 44 bits of entropy – its dictionary for the method closest to #936 – noun-instr – contains only 181 nouns. The article contains no discussion of the significance of these differences to #936. In her TED talk Lorrie Faith Cranor says &amp;quot;sorry all you xkcd fans&amp;quot;, which could be interpreted as a judgement of #936, but there is no basis in the above article for that. It does however seem plausible that the report could be reworked to address #936. --[[User:Gnirre|Gnirre]] ([[User talk:Gnirre|talk]]) 10:42, 14 October 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
:Password-changing frequency isn't about making passwords more ''secure'', but instead it's about ''mitigating the damage'' of a successfully cracked password. If a hacker gets your password (through any means) and your password changes every 90 days, the password the hacker has obtained is only useful for a few months at most. That might be enough, but it might not. If the hacker is brute forcing the passwords to get them, that cuts into the time the password is useful. --[[Special:Contributions/173.245.54.168|173.245.54.168]] 22:22, 13 October 2014 (UTC)&lt;br /&gt;
::However, brute-forcing gets much ''easier'' that way.&lt;br /&gt;
::Say the average employee is around for 10 years, which is reasonable for some companies, absurdly high for others, and a bit low for a family business. That's 40 password changes.&lt;br /&gt;
::Now if you have to remember another password every now and then, you sacrifice complexity, lest you forget it. A factor of 40 is like one character less. But how much shorter will the password be? It's more likely that it's gonna be 3 or 4 characters less. Congrats, you just lost a factor of 1000s for a perceived &amp;quot;mitigation&amp;quot;, which doesn't even work. Pro attackers can vacuum your server in a DAY once they have the PW. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Just because you are required to have a password that has letters and numbers in it doesn't mean you can't make it memorable. When caps are required, use CamelCase. When punctuation is required, make it an ampersand (&amp;amp;) or include a contraction. When numbers are required, pick something that has significance to you (your birthday, the resolution of your television, etc.). Keep in mind that, if your phrase is an actual sentence, the password entropy is 1.1 bits per character (http://what-if.xkcd.com/34), so length is key if you want your password to be secure. (Though no known algorithm can actually exploit the 1.1 bits of entropy to gain time, so it might be more like 11 bits of entropy per word. Even then, my passwords have nonexistent and uncommon words in them (like doge or trope), which also adds some entropy.) [[Special:Contributions/108.162.246.213|108.162.246.213]] 22:18, 1 September 2014 (UTC)&lt;br /&gt;
:Flip side of the story, the &amp;quot;capital plus small plus other char&amp;quot; policy doesn't make your password any safer.&lt;br /&gt;
:The German company T-online had an experimental gateway with the password, &amp;quot;internet&amp;quot;. Now that sucked. No problem, tho, because that gateway wasn't accessible from outside. When they went live, they &amp;quot;improved&amp;quot; the password to &amp;quot;Internet1&amp;quot;. There are still lots of these passwords around: first letter is a Cap, and the only non-alphabetic char is a 1 at the end. This doesn't add any entropy. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
::[http://ask.metafilter.com/193052/Oh-Randall-you-do-confound-me-so#2779020 This] shows that about one third of all digits in a sample of passwords were &amp;quot;1&amp;quot;. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:14, 4 December 2014 (UTC)&lt;br /&gt;
You can also troll the brute-force engine by using words from other languages, fictional books and video games.--[[User:Horsebattery|Horsebattery]] ([[User talk:Horsebattery|talk]]) 03:04, 3 November 2014 (UTC)&lt;br /&gt;
:That's a good idea; it adds to the entropy bits per word. If you really want to throw them off, mix different languages. Just don't use very well-known words; I'm sure the hackers have ''cojones'' and ''Blitzkrieg'' in their dictionaries. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Also, passwords that are 'hard to remember' are themselves a security vulnerability. A password reset scheme (or even a lockout scheme) is a vulnerability. The more it needs to be used, the harder it becomes to police that vulnerability. Relatedly, hard-to-remember passwords leave users uncertain whether their password has been changed by someone else or they've just forgotten it. [[User:Ijkcomputer|Ijkcomputer]] ([[User talk:Ijkcomputer|talk]]) 15:32, 18 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Hi there, this comic gave me the idea for a password generator that can (optionally) use dictionary words. Have a look if you're interested: https://wordypasswords.com Use your common sense though about what is and isn't secure! Hope someone finds it useful. [[User:Mackatronic|Mackatronic]] ([[User talk:Mackatronic|talk]]) 08:23, 9 January 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
I have not read all of the replies, and in truth most of the detail is boring to me, but it has occurred to me that, with this sort of problem and since the Snowden affair, serious security devices will have to make the keyboard redundant.&lt;br /&gt;
&lt;br /&gt;
At the moment all I can imagine is a series of pictures like hieroglyphs, but even using a rolling code of ever-changing font glyphs would do. When the security required by money minders reaches the stage of development possible with keyboards that can supply that sort of security, we will have some idea which banks have some idea about security.&lt;br /&gt;
&lt;br /&gt;
Tip:&lt;br /&gt;
Not Barings. They have a history of intransigence and stupidity. (Still revered in banks though as able to cure colon cancer with poor investment strategies.)&lt;br /&gt;
&lt;br /&gt;
[[User:Weatherlawyer| I used Google News BEFORE it was clickbait]] ([[User talk:Weatherlawyer|talk]]) 13:46, 23 January 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
The D0g..................... (24 characters long) is NOT stronger than PrXyc.N(n4k77#L!eVdAfp9 (23 characters long). The reason is that the latter password is random. There is no pattern. The former, &amp;quot;padding&amp;quot; technique can be very easily cracked. You just need to assume that each character can be repeated 1~30 times. Then the first password would become: 1(D)1(0)1(g)21(.), which is then of complexity 30^4 + 96^4, versus 96^23 for the random password. And that is assuming that any character can be repeated 1~30 times, so DDDDDDDDD0000000ggggggg...... would also be cracked extremely quickly. If you limit yourself to only last-character padding, your password now becomes 30*96^4 possibilities. {{unsigned ip|108.162.222.235}}&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
And that's why it is stupid to explain this kind of joke: it depends on many (MANY) parameters such as brute-force method and encryption/hash algorithm. Giving this kind of (wrong) explanation about &amp;quot;pass cracking&amp;quot; (as if it was always the same way to process ...) is ridiculous. And they talk about entropy .......... Holy shit, go back to school and stop screwing cryptography up. zM_&lt;br /&gt;
&lt;br /&gt;
I just use a password with a ␡ character or two, and ␇ for banks.  [[Special:Contributions/108.162.242.21|108.162.242.21]] 08:33, 18 August 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
I'm astonished that even someone like Schneier doesn't get 936 right immediately after reading it. So, I think I know what was going on in Munroe's mind conceptually. Maybe there are some grains of salt, but I don't have a problem with these. But I do have one (or two) quantitative problem(s) with 936:&lt;br /&gt;
* I was not able to find out how Munroe gets the value of about 16 bits of entropy for the &amp;quot;uncommon&amp;quot; nine-letter lower case &amp;quot;non-gibberish base word&amp;quot;. This would mean: on average, a letter of such a word will have about 1.8 bits of entropy. Maybe, but how do we know? &amp;quot;Citation needed!&amp;quot; ;-)&lt;br /&gt;
* (Secondly: The &amp;quot;punctuation&amp;quot; should have 5, not 4 bits of entropy. There are 32 (2^5) ASCII punctuation characters (POSIX class [:punct:]). But I assume this is a lapse.)&lt;br /&gt;
Can someone enlighten me? --[[Special:Contributions/162.158.91.236|162.158.91.236]] 17:31, 19 September 2015 (UTC)&lt;br /&gt;
:I have missed the sentence &amp;quot;Randall assumes only the 16 most common characters are used in practice (4 bits)&amp;quot;. Hm. There is a huge list with real world passwords out there, leaking from RockYou in 2009. After some processing to remove UTF-8 passwords, the list contained about 14329849 unique passwords from about 32585010 accounts. The following are the number of accounts using a password containing some (ASCII) punctuation or space characters:&lt;br /&gt;
 &amp;lt;nowiki&amp;gt;&lt;br /&gt;
226673	.&lt;br /&gt;
186883	_&lt;br /&gt;
179264	!&lt;br /&gt;
125846	-&lt;br /&gt;
104224	@&lt;br /&gt;
95237	*&lt;br /&gt;
92802	 (space)&lt;br /&gt;
60002	#&lt;br /&gt;
36522	/&lt;br /&gt;
31172	$&lt;br /&gt;
28550	&amp;amp;&lt;br /&gt;
27686	,&lt;br /&gt;
23905	+&lt;br /&gt;
18704	=&lt;br /&gt;
18268	)&lt;br /&gt;
17927	?&lt;br /&gt;
16401	(&lt;br /&gt;
16074	'&lt;br /&gt;
14407	;&lt;br /&gt;
11819	&amp;lt;&lt;br /&gt;
11118	%&lt;br /&gt;
10723	]&lt;br /&gt;
8975	\&lt;br /&gt;
7718	[&lt;br /&gt;
7209	:&lt;br /&gt;
5815	~&lt;br /&gt;
5673	^&lt;br /&gt;
4995	`&lt;br /&gt;
2847	&amp;quot;&lt;br /&gt;
2741	&amp;gt;&lt;br /&gt;
1050	{&lt;br /&gt;
939	}&lt;br /&gt;
502	|&lt;br /&gt;
&amp;lt;/nowiki&amp;gt;&lt;br /&gt;
:Sorry, I have no &amp;quot;citation&amp;quot;. But you can play with the leaked RockYou password list yourself. Here is a way to reach that playground:&lt;br /&gt;
 &amp;lt;nowiki&amp;gt;&lt;br /&gt;
$ # Download the compressed list (57 MiB; I have no idea what &amp;quot;skullsecurity&amp;quot;&lt;br /&gt;
$ # is, it was simply the first find and I assume it's the said list):&lt;br /&gt;
$ wget 'http://downloads.skullsecurity.org/passwords/rockyou-withcount.txt.bz2'&lt;br /&gt;
&lt;br /&gt;
$ # Decompress the list (243 MiB), or, more precisely, it's a table:&lt;br /&gt;
$ bzip2 -dk rockyou-withcount.txt.bz2&lt;br /&gt;
&lt;br /&gt;
$ # The content of the table is: &amp;quot;How many accounts (first column) were using that&lt;br /&gt;
$ # password (second column)?&amp;quot; Let's take a peek:&lt;br /&gt;
$ head -n5 rockyou-withcount.txt&lt;br /&gt;
 290729 123456&lt;br /&gt;
  79076 12345&lt;br /&gt;
  76789 123456789&lt;br /&gt;
  59462 password&lt;br /&gt;
  49952 iloveyou&lt;br /&gt;
&lt;br /&gt;
$ # The following command processes the table to remove lines having non-ASCII&lt;br /&gt;
$ # characters or non-printable ASCII characters in the password, and lines&lt;br /&gt;
$ # insisting that there were some accounts with no password. Moreover, the&lt;br /&gt;
$ # command removes every space character not belonging to a password, makes&lt;br /&gt;
$ # the rows tab-delimited and writes the result in a file called &amp;quot;ry&amp;quot;&lt;br /&gt;
$ # (161 MiB).&lt;br /&gt;
$ LC_ALL=C sed -nr 's/^ *([1-9][0-9]*) ([[:print:]]+)$/\1\t\2/p' rockyou-withcount.txt &amp;gt; ry&lt;br /&gt;
&lt;br /&gt;
$ # The following is a shell function to build a command to sum up how many&lt;br /&gt;
$ # accounts were using passwords matching an extended regular expression and&lt;br /&gt;
$ # print the sum.&lt;br /&gt;
$ counta() { LC_ALL=C awk 'BEGIN { FS = &amp;quot;\t&amp;quot;; n = 0 } { if ($2 ~ /'&amp;quot;$(printf %s &amp;quot;$1&amp;quot; | sed 'sI/I\\/Ig')&amp;quot;'/) n += $1 } END { print n }' &amp;quot;$2&amp;quot; ;}&lt;br /&gt;
&lt;br /&gt;
$ # The following is a shell function to build a command to sum up how many&lt;br /&gt;
$ # accounts were using passwords matching an extended regular expression,&lt;br /&gt;
$ # print the sum and also print the summands and the passwords.&lt;br /&gt;
$ countap() { LC_ALL=C awk 'BEGIN { FS = &amp;quot;\t&amp;quot;; n = 0 } { if ($2 ~ /'&amp;quot;$(printf %s &amp;quot;$1&amp;quot; | sed 'sI/I\\/Ig')&amp;quot;'/) { n += $1; print $0 } } END { print n }' &amp;quot;$2&amp;quot; ;}&lt;br /&gt;
&lt;br /&gt;
$ # We have reached the playground. Some examples for how to use the toys:&lt;br /&gt;
&lt;br /&gt;
$ # Count how many accounts were using a password containing the string love:&lt;br /&gt;
$ counta 'love' ry&lt;br /&gt;
671599&lt;br /&gt;
$ # Count how many accounts were using a password containing at least one&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '.' ry&lt;br /&gt;
32585010&lt;br /&gt;
$ # Count how many accounts were using a password containing exactly one&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '^.$' ry&lt;br /&gt;
144&lt;br /&gt;
$ # Count how many accounts were using a password containing exactly one&lt;br /&gt;
$ # numeric character:&lt;br /&gt;
$ counta '^[0-9]$' ry&lt;br /&gt;
55&lt;br /&gt;
$ # Let's have a look at the distribution:&lt;br /&gt;
$ countap '^[0-9]$' ry&lt;br /&gt;
29	1&lt;br /&gt;
6	7&lt;br /&gt;
6	3&lt;br /&gt;
3	9&lt;br /&gt;
3	2&lt;br /&gt;
2	6&lt;br /&gt;
2	5&lt;br /&gt;
2	0&lt;br /&gt;
1	8&lt;br /&gt;
1	4&lt;br /&gt;
55&lt;br /&gt;
$ # Count how many accounts were using a password containing at least one&lt;br /&gt;
$ # numeric character:&lt;br /&gt;
$ counta '[0-9]' ry&lt;br /&gt;
17609065&lt;br /&gt;
$ # Count how many accounts were using a password ending with a numeric&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '[0-9]$' ry&lt;br /&gt;
15728238&lt;br /&gt;
$ # Count how many accounts were using a password beginning with a numeric&lt;br /&gt;
$ # character:&lt;br /&gt;
$ counta '^[0-9]' ry&lt;br /&gt;
6409397&lt;br /&gt;
$ # Count how many accounts were using a password containing that &amp;quot;uncommon&lt;br /&gt;
$ # non-gibberish base word&amp;quot; in 936, with an upper or a lower case first&lt;br /&gt;
$ # letter, with or without some of the &amp;quot;common substitutions&amp;quot;:&lt;br /&gt;
$ counta '[tT]r[o0]ub[a4]d[o0]r' ry&lt;br /&gt;
3&lt;br /&gt;
$ # There are some. 14 million passwords are a lot. Let's see what exactly was&lt;br /&gt;
$ # used and how often:&lt;br /&gt;
$ countap '[tT]r[o0]ub[a4]d[o0]r' ry&lt;br /&gt;
1	troubador1&lt;br /&gt;
1	troubador&lt;br /&gt;
1	darktroubador&lt;br /&gt;
3&amp;lt;/nowiki&amp;gt;&lt;br /&gt;
:[[Special:Contributions/162.158.91.236|162.158.91.236]] 06:23, 21 September 2015 (UTC)&lt;/div&gt;</summary>
		<author><name>162.158.91.236</name></author>	</entry>

	<entry>
		<id>https://www.explainxkcd.com/wiki/index.php?title=Talk:936:_Password_Strength&amp;diff=102095</id>
		<title>Talk:936: Password Strength</title>
		<link rel="alternate" type="text/html" href="https://www.explainxkcd.com/wiki/index.php?title=Talk:936:_Password_Strength&amp;diff=102095"/>
				<updated>2015-09-19T17:33:42Z</updated>
		
		<summary type="html">&lt;p&gt;162.158.91.236: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;''Fix the software first.''  If you double the time it takes to enter each repeated password attempt you make brute force attacks pointless.   Imagine you allowed a hurried user who screws up their own password entry w/ frozen fingers. If their system starts out with a 1 second delay, then doubles to two, then to four, etc., the time it takes to wait is 2^n.  Six screw-ups cost you a minute; twenty errors and you are waiting 291 hours before your next log-in attempt....  kmc 2015-05-10 {{unsigned ip|108.162.229.124}}&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
You still have to vary the words with a bit of capitalization, punctuation and numbers, or hackers can just run a dictionary attack against your string of four words. '''[[User:Davidy22|&amp;lt;u&amp;gt;{{Color|purple|David}}&amp;lt;font color=green size=3px&amp;gt;y&amp;lt;/font&amp;gt;&amp;lt;/u&amp;gt;&amp;lt;font color=indigo size=4px&amp;gt;²²&amp;lt;/font&amp;gt;]]'''[[User talk:Davidy22|&amp;lt;tt&amp;gt;[talk]&amp;lt;/tt&amp;gt;]] 09:12, 9 March 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
No you don't.  Hackers cannot run a dictionary attack against a string of four randomly picked words.&lt;br /&gt;
Look at the number of bits displayed in the image: 11 bits for each word.&lt;br /&gt;
That means he's assuming a dictionary of 2048 words, from which each word is picked randomly.&lt;br /&gt;
The assumption is that the cracker knows your password scheme.&lt;br /&gt;
[[Special:Contributions/86.81.151.19|86.81.151.19]] 20:17, 28 April 2013 (UTC)&lt;br /&gt;
Willem&lt;br /&gt;
&lt;br /&gt;
:I just wrote a program to bruteforce this password creation method. https://github.com/KrasnayaSecurity/xkcd936/blob/master/listGen936.py  Once I get it I'll try coming up with more bruteforcing algorithms such as substituting symbols, numbers, camel case, and the like.  Point is, don't rely on this or any one method.  I wouldn't be surprised if the crackers are already working on something like this.  [[User:Lieutenant S.|Lieutenant S.]] ([[User talk:Lieutenant S.|talk]]) 07:03, 8 September 2014 (UTC)&lt;br /&gt;
:It took 1.25 hours to bruteforce &amp;quot;correcthorsebatterystaple&amp;quot; using the 2,000 most common words with one CPU. [[User:Lieutenant S.|Lieutenant S.]] ([[User talk:Lieutenant S.|talk]]) 07:09, 9 September 2014 (UTC)&lt;br /&gt;
:: 1) ... as compared to 69 milliseconds for the other method. 2) Since you are able to test 3.9 billion passwords a second (very impressive!) I am guessing that your setup is not performing its attack over a “weak remote service”, which is breaking the rules of the #936 game. 3) Five words and a 20k-wordlist would get you 9400 years (still breaking the weak remote service rule).--[[User:Gnirre|Gnirre]] ([[User talk:Gnirre|talk]]) 09:13, 14 October 2014 (UTC)&lt;br /&gt;
:: 2) Two thoughts: You use itertools.permutations, which only covers non-repeating words, but mainly you don't actually hash the password. If you have a plain-text password, there is no need to crack the password because you could just look at it. Example of an actual crack for this type of password: https://github.com/koshippy/xkcd_password/blob/master/password_crack.py My computer gets 10,000,000 guesses in ~16 seconds (non-hashed takes ~2 seconds), meaning it would take almost a year to try every combination (2048^4 total password space). Even optimizing by using c++/java or JtR, you wouldn't see a huge improvement since most of the time is from the SHA hashing. Point being: a typical user can't crack this type of password in a short amount of time, even if they know your wordlist. [[Special:Contributions/199.27.128.212|199.27.128.212]] 12:05, 17 February 2015 (UTC) Koshippy&lt;br /&gt;
&lt;br /&gt;
Sometimes this is not possible. (I'm looking at you, local banks with 8-12 character passwords and PayPal.) If I can, I use a full sentence. A compound sentence for the important stuff. This adds the capitalization, punctuation and possibly the use of numbers while it's even easier to remember than Randall's scheme. I think it might help against the keyloggers too, if your browser/application autofills the username field, because your password doesn't stand out from the feed by being gibberish. [[Special:Contributions/195.56.58.169|195.56.58.169]] 09:01, 30 August 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
The basic concept can be adapted to limited-length passwords easily enough: memorize a phrase and use the first letter of each word. It'll require about a dozen words (you're only getting 4.7 bits per letter at best, actually less because first letters of words are not truly random, though they are weakly if at all correlated with their neighbors -- based on the frequencies of first letters of words in English, and assuming no correlation between each first letter and the next, I calculate about 4 bits per character of Shannon entropy). SteveMB 18:35, 30 August 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Followup: The results of extracting the first letters of words in sample texts (the {{w|Project_Gutenberg|Project Gutenberg}} texts of ''The Adventures of Huckleberry Finn'', ''The War of the Worlds'', and ''Little Fuzzy'') and applying a {{w|Entropy_(information_theory)|Shannon entropy calculation}} were 4.07 bits per letter (i.e. first letter in word) and 8.08 bits per digraph (i.e. first letters in two consecutive words). These results suggest that first-letter-of-phrase passwords have approximately 4 bits per letter of entropy. --[[User:SteveMB|SteveMB]] ([[User talk:SteveMB|talk]]) 14:21, 4 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Addendum: The above test was case-insensitive (all letters converted to lowercase before feeding them to the [http://millikeys.sourceforge.net/freqanalysis.html frequency counter]). Thus, true-random use of uppercase and lowercase would have 5 bits per letter of entropy, and any variation in case (e.g. preserving the case of the original first letter) would fall between 4 and 5 bits per letter. --[[User:SteveMB|SteveMB]] ([[User talk:SteveMB|talk]]) 14:28, 4 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
I just have RANDOM.ORG print me ten pages of 8-character passwords and tape it to the wall, then highlight some of them and use others (say two down and to the right or similar) for my passwords, maybe a given line a little jumbled for more security. [[Special:Contributions/70.24.167.3|70.24.167.3]] 13:27, 30 September 2013 (UTC)&lt;br /&gt;
:Remind me to visit your office and secretly replace your wall-lists by a list of very similar looking strings ;) --[[User:Chtz|Chtz]] ([[User talk:Chtz|talk]]) 13:53, 30 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Simple.com (online banking site) had the following on its registration page:&lt;br /&gt;
&lt;br /&gt;
“Passphrase? Yes. Passphrases are easier to remember and more secure than traditional passwords. For example, try a group of words with spaces in between, or a sentence you know you'll remember. &amp;quot;correct horse battery staple&amp;quot; is a better passphrase than r0b0tz26.”&lt;br /&gt;
&lt;br /&gt;
Online security for a banking site has been informed by an online comic. Astounding.&lt;br /&gt;
[[Special:Contributions/173.245.54.78|173.245.54.78]] 21:22, 11 November 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
The Web service Dropbox has an Easter egg related to this comic on their sign-up page. That page has a password strength indicator (powered by JavaScript) which changes as you type your password. This indicator also shows hints when hovering the mouse cursor over it. Entering &amp;quot;Tr0ub4dor&amp;amp;3&amp;quot; or &amp;quot;Tr0ub4dour&amp;amp;3&amp;quot; as the password causes the password strength indicator to fall to zero, with the hint saying, &amp;quot;Guess again.&amp;quot; Entering &amp;quot;correcthorsebatterystaple&amp;quot; as the password also causes the strength indicator to fall to zero, but the hint says, &amp;quot;Whoa there, don't take advice from a webcomic too literally ;).&amp;quot; [[Special:Contributions/108.162.218.95|108.162.218.95]] 15:17, 11 February 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
The explanation said that the comic uses a dictionary[http://www.explainxkcd.com/wiki/index.php?title=936:_Password_Strength&amp;amp;oldid=59309]. In fact it's a word list, which seems similar but it's not. All the words in the word list must be easy to memorize. This means it's better not to have words such as ''than'' or ''if''. Also, it's better not to have homophones (''wood'' and ''would'', for example). The sentence ''dictionary attack'' doesn't apply here. A dictionary attack requires the attacker to use all the words in the dictionary (e.g. 100,000 words). Here we must generate the 17,592,186,044,416 combinations of 4 common words. Those combinations can't be found in any dictionary. At 25 bytes per &amp;quot;word&amp;quot; that dictionary would need 400 {{w|tebi|binary terabytes}} to be stored. [[User:Xhfz|Xhfz]] ([[User talk:Xhfz|talk]]) 21:37, 11 March 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
This comic was mentioned in a TED talk by Lorrie Faith Cranor in March 2014. After performing a lot of studies and analysis, she concludes that &amp;quot;pass phrase&amp;quot; passwords are no easier to remember than complex passwords and that the increased length of the password increases the number of errors when typing it. There is a lot of other useful information from her studies that can be gleaned from the talk. [http://www.ted.com/talks/lorrie_faith_cranor_what_s_wrong_with_your_pa_w0rd Link]. What she doesn't mention is the frequency of changing passwords - in most organizations it's ~90 days. I don't know where that standard originated, but (as a sys admin) I suspect it's about as ineffective as most of our other password trickery - that is, that it does nothing. Today's password thieves don't bash stolen password hash tables, they bundle keyloggers with game trainers and browser plugins.--[[Special:Contributions/173.245.50.75|173.245.50.75]] 18:14, 2 July 2014 (UTC)&lt;br /&gt;
:: Lorrie Faith Cranor gets the random part of #936 word generation correct, which is great. Regarding memorizability, this study (https://cups.cs.cmu.edu/soups/2012/proceedings/a7_Shay.pdf) does not address #936. The study uses no generator for gibberish of length 11. Most comparable are perhaps two classes of five or six randomly assigned characters. None of the study's generators has 44 bits of entropy – its dictionary for the method closest to #936 – noun-instr – contains only 181 nouns. The article contains no discussion of the significance of these differences to #936. In her TED talk Lorrie Faith Cranor says “sorry all you xkcd fans”, which could be interpreted as a judgement of #936, but there is no basis in the above article for that. It does however seem plausible that the report could be reworked to address #936. --[[User:Gnirre|Gnirre]] ([[User talk:Gnirre|talk]]) 10:42, 14 October 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
:Password-changing frequency isn't about making passwords more ''secure'', but instead it's about ''mitigating the damage'' of a successfully cracked password. If a hacker gets your password (through any means) and your password changes every 90 days, the password the hacker has obtained is only useful for a few months at most. That might be enough, but it might not. If the hacker is brute forcing the passwords to get them, that cuts into the time the password is useful. --[[Special:Contributions/173.245.54.168|173.245.54.168]] 22:22, 13 October 2014 (UTC)&lt;br /&gt;
::However, brute-forcing gets much ''easier'' that way.&lt;br /&gt;
::Say the average employee is around for 10 years, which is reasonable for some companies, absurdly high for others, and a bit low for a family business. That's 40 password changes.&lt;br /&gt;
::Now if you have to remember another password every now and then, you sacrifice complexity, lest you forget it. A factor of 40 is like one character less. But how much shorter will the password be? It's more likely that it's gonna be 3 or 4 characters less. Congrats, you just lost a factor of 1000s for a perceived &amp;quot;mitigation&amp;quot;, which doesn't even work. Pro attackers can vacuum your server in a DAY once they have the PW. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Just because you are required to have a password that has letters and numbers in it doesn't mean you can't make it memorable.  When caps are required, use CamelCase.  When punctuation is required, make it an ampersand (&amp;amp;) or include a contraction.  When numbers are required, pick something that has significance to you (your birthday, the resolution of your television, etc.).  Keep in mind that, if your phrase is an actual sentence, the password entropy is 1.1 bits per character (http://what-if.xkcd.com/34), so length is key if you want your password to be secure. (Though no known algorithm can actually exploit the 1.1 bits of entropy to gain time, so it might be more like 11 bits of entropy per word.  Even then, my passwords have nonexistent and uncommon words in them (like doge or trope), which also adds some entropy.)   [[Special:Contributions/108.162.246.213|108.162.246.213]] 22:18, 1 September 2014 (UTC)&lt;br /&gt;
:Flip side of the story, the &amp;quot;capital plus small plus other char&amp;quot; policy doesn't make your password any safer.&lt;br /&gt;
:The German company T-online had an experimental gateway with the password, &amp;quot;internet&amp;quot;. Now that sucked. No problem, tho, because that gateway wasn't accessible from outside. When they went live, they &amp;quot;improved&amp;quot; the password to &amp;quot;Internet1&amp;quot;. There are still lots of these passwords around: first letter is a Cap, and the only non-alphabetic char is a 1 at the end. This doesn't add any entropy. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
::[http://ask.metafilter.com/193052/Oh-Randall-you-do-confound-me-so#2779020 This] shows that about one third of all digits in a sample of passwords was &amp;quot;1&amp;quot; . [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:14, 4 December 2014 (UTC)&lt;br /&gt;
You can also troll the brute-force engine by using words from other languages, fictional books and video games.--[[User:Horsebattery|Horsebattery]] ([[User talk:Horsebattery|talk]]) 03:04, 3 November 2014 (UTC)&lt;br /&gt;
:That's a good idea; it adds to the entropy bits per word. If you really want to throw them off, mix different languages. Just don't use very well-known words; I'm sure the hackers have ''cojones'' and ''Blitzkrieg'' in their dictionaries. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Also, passwords that are 'hard to remember' are themselves a security vulnerability. A password reset scheme (or even a lockout scheme) is a vulnerability. The more it needs to be used, the harder it becomes to police that vulnerability. Relatedly, hard-to-remember passwords leave users uncertain whether their password has been changed by someone else or they've just forgotten it. [[User:Ijkcomputer|Ijkcomputer]] ([[User talk:Ijkcomputer|talk]]) 15:32, 18 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Hi there, this comic gave me the idea for a password generator that can (optionally) use dictionary words. Have a look if you're interested: https://wordypasswords.com Use your common sense though about what is and isn't secure! Hope someone finds it useful. [[User:Mackatronic|Mackatronic]] ([[User talk:Mackatronic|talk]]) 08:23, 9 January 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
I have not read all of the replies, and in truth most of the detail is boring to me, but it has occurred to me that, with this sort of problem and since the Snowden affair, serious security devices will have to make the keyboard redundant.&lt;br /&gt;
&lt;br /&gt;
At the moment all I can imagine is a series of pictures like hieroglyphs, but even using a rolling code of ever-changing font glyphs would do. When the security required by money minders reaches the stage of development possible with keyboards that can supply that sort of security, we will have some idea which banks have some idea about security.&lt;br /&gt;
&lt;br /&gt;
Tip:&lt;br /&gt;
Not Barings. They have a history of intransigence and stupidity. (Still revered in banks though as able to cure colon cancer with poor investment strategies.)&lt;br /&gt;
&lt;br /&gt;
[[User:Weatherlawyer| I used Google News BEFORE it was clickbait]] ([[User talk:Weatherlawyer|talk]]) 13:46, 23 January 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
The D0g..................... (24 characters long) is NOT stronger than PrXyc.N(n4k77#L!eVdAfp9 (23 characters long). The reason is that the latter password is random. There is no pattern. The former, &amp;quot;padding&amp;quot; technique can be very easily cracked. You just need to assume that each character can be repeated 1~30 times. Then the first password would become: 1(D)1(0)1(g)21(.), which is then of complexity 30^4 + 96^4, versus 96^23 for the random password. And that is assuming that any character can be repeated 1~30 times, so DDDDDDDDD0000000ggggggg...... would also be cracked extremely quickly. If you limit yourself to only last-character padding, your password now becomes 30*96^4 possibilities. {{unsigned ip|108.162.222.235}}&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
And that's why it is stupid to explain this kind of joke: it depends on many (MANY) parameters such as brute-force method and encryption/hash algorithm. Giving this kind of (wrong) explanation about &amp;quot;pass cracking&amp;quot; (as if it was always the same way to process ...) is ridiculous. And they talk about entropy .......... Holy shit, go back to school and stop screwing cryptography up. zM_&lt;br /&gt;
&lt;br /&gt;
I just use a password with a ␡ character or two, and ␇ for banks.  [[Special:Contributions/108.162.242.21|108.162.242.21]] 08:33, 18 August 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
I'm astonished that even someone like Schneier doesn't get 936 right immediately after reading it. So, I think I know what was going on in Munroe's mind conceptually. Maybe there are some grains of salt, but I don't have a problem with these. But I do have one (or two) quantitative problem(s) with 936:&lt;br /&gt;
* I was not able to find out how Munroe gets the value of about 16 bits of entropy for the &amp;quot;uncommon&amp;quot; nine-letter lower case &amp;quot;non-gibberish base word&amp;quot;. This would mean: on average, a letter of such a word will have about 1.8 bits of entropy. Maybe, but how do we know? &amp;quot;Citation needed!&amp;quot; ;-)&lt;br /&gt;
* (Secondly: The &amp;quot;punctuation&amp;quot; should have 5, not 4 bits of entropy. There are 32 (2^5) ASCII punctuation characters (POSIX class [:punct:]). But I assume this is a lapse.)&lt;br /&gt;
Can someone enlighten me? --[[Special:Contributions/162.158.91.236|162.158.91.236]] 17:31, 19 September 2015 (UTC)&lt;/div&gt;</summary>
		<author><name>162.158.91.236</name></author>	</entry>

	<entry>
		<id>https://www.explainxkcd.com/wiki/index.php?title=Talk:936:_Password_Strength&amp;diff=102093</id>
		<title>Talk:936: Password Strength</title>
		<link rel="alternate" type="text/html" href="https://www.explainxkcd.com/wiki/index.php?title=Talk:936:_Password_Strength&amp;diff=102093"/>
				<updated>2015-09-19T17:31:50Z</updated>
		
		<summary type="html">&lt;p&gt;162.158.91.236: &lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;''Fix the software first.''  If you double the time it takes to enter each repeated password attempt you make brute force attacks pointless.   Imagine you allowed a hurried user who screws up their own password entry w/ frozen fingers. If their system starts out with a 1 second delay, then doubles to two, then to four, etc., the time it takes to wait is 2^n.  Six screw-ups cost you a minute; twenty errors and you are waiting 291 hours before your next log-in attempt....  kmc 2015-05-10 {{unsigned ip|108.162.229.124}}&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
You still have to vary the words with a bit of capitalization, punctuation and numbers, or hackers can just run a dictionary attack against your string of four words. '''[[User:Davidy22|&amp;lt;u&amp;gt;{{Color|purple|David}}&amp;lt;font color=green size=3px&amp;gt;y&amp;lt;/font&amp;gt;&amp;lt;/u&amp;gt;&amp;lt;font color=indigo size=4px&amp;gt;²²&amp;lt;/font&amp;gt;]]'''[[User talk:Davidy22|&amp;lt;tt&amp;gt;[talk]&amp;lt;/tt&amp;gt;]] 09:12, 9 March 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
No you don't.  Hackers cannot run a dictionary attack against a string of four randomly picked words.&lt;br /&gt;
Look at the number of bits displayed in the image: 11 bits for each word.&lt;br /&gt;
That means he's assuming a dictionary of 2048 words, from which each word is picked randomly.&lt;br /&gt;
The assumption is that the cracker knows your password scheme.&lt;br /&gt;
[[Special:Contributions/86.81.151.19|86.81.151.19]] 20:17, 28 April 2013 (UTC)&lt;br /&gt;
Willem&lt;br /&gt;
&lt;br /&gt;
:I just wrote a program to brute-force this password creation method. https://github.com/KrasnayaSecurity/xkcd936/blob/master/listGen936.py  Once I get it I'll try coming up with more brute-forcing algorithms such as substituting symbols, numbers, camel case, and the like.  Point is, don't rely on this or any one method.  I wouldn't be surprised if the crackers are already working on something like this.  [[User:Lieutenant S.|Lieutenant S.]] ([[User talk:Lieutenant S.|talk]]) 07:03, 8 September 2014 (UTC)&lt;br /&gt;
:It took 1.25 hours to brute-force &amp;quot;correcthorsebatterystaple&amp;quot; using the 2,000 most common words with one CPU. [[User:Lieutenant S.|Lieutenant S.]] ([[User talk:Lieutenant S.|talk]]) 07:09, 9 September 2014 (UTC)&lt;br /&gt;
:: 1) ... as compared to 69 milliseconds for the other method. 2) Since you are able to test 3.9 billion passwords a second (very impressive!) I am guessing that your setup is not performing its attack over a ”weak remote service”, which is breaking the rules of the #936 game. 3) Five words and a 20k-wordlist would get you 9400 years (still breaking the weak remote service rule).--[[User:Gnirre|Gnirre]] ([[User talk:Gnirre|talk]]) 09:13, 14 October 2014 (UTC)&lt;br /&gt;
:: 2) Two thoughts: You use itertools.permutations, which only covers non-repeating words, but mainly you don't actually hash the password. If you have a plain-text password, there is no need to crack the password because you could just look at it. Example of an actual crack for this type of password: https://github.com/koshippy/xkcd_password/blob/master/password_crack.py My computer gets 10,000,000 guesses in ~16 seconds (non-hashed takes ~2 seconds), meaning it would take almost a year to try every combination (2048^4 total password space). Even optimizing by using C++/Java or JtR, you wouldn't see huge improvement since most of the time is from the SHA hashing. Point being: a typical user can't crack this type of password in a short amount of time, even if they know your wordlist. [[Special:Contributions/199.27.128.212|199.27.128.212]] 12:05, 17 February 2015 (UTC) Koshippy&lt;br /&gt;
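As an added example serving both Willem's point (the attacker is assumed to know the 2048-word list, so four uniformly random words give 44 bits) and the cracking exchange above, here is code that computes the entropy of the scheme, draws a passphrase with a CSPRNG, estimates attack time at the guess rates quoted in the thread, and runs the offline attack itself against a SHA-256 hash. This is my own code, not the scripts linked from GitHub above. The 16-word DEMO_WORDS list is constructed so the toy crack finishes instantly; the 3.9e9/s and 6.25e5/s rates are taken from the comments (10,000,000 guesses in 16 s is 625,000/s), and the use of unsalted SHA-256 as the stored hash is an assumption chosen to match Koshippy's description.

```python
import hashlib
import itertools
import math
import secrets

# Constructed 16-word list so the offline crack below finishes instantly;
# the comic assumes a 2048-word list, i.e. 11 bits per word.
DEMO_WORDS = ["correct", "horse", "battery", "staple", "apple", "river",
              "cloud", "stone", "piano", "tiger", "lemon", "window",
              "candle", "forest", "rocket", "silver"]


def passphrase_bits(word_count, wordlist_size, allow_repeats=True):
    """Entropy in bits when each word is drawn uniformly from the list.
    The attacker is assumed to know the list and the scheme, so the only
    secret is which words were drawn.  allow_repeats=False models an
    enumerator built on itertools.permutations, which skips phrases that
    reuse a word and therefore covers slightly less than the full space."""
    if allow_repeats:
        space = wordlist_size ** word_count
    else:
        space = math.perm(wordlist_size, word_count)
    return math.log2(space)


def generate(wordlist, word_count=4):
    """Draw the words with the CSPRNG in `secrets`; `random.choice` is the
    classic mistake here because its state is predictable."""
    return " ".join(secrets.choice(wordlist) for _ in range(word_count))


def expected_crack_seconds(bits, guesses_per_second):
    """Mean time to hit a uniformly chosen secret: half the space."""
    return 2 ** bits / 2 / guesses_per_second


def sha256_hex(s):
    """Assumed storage format: unsalted hex SHA-256 of the passphrase."""
    return hashlib.sha256(s.encode()).hexdigest()


def crack(target_hash, wordlist, word_count, separator=""):
    """Offline attack with the wordlist known: enumerate every ordered
    combination (repeats allowed) and hash each one.  Returns
    (phrase, guesses_made), or (None, guesses_made) if the space is exhausted."""
    guesses = 0
    for combo in itertools.product(wordlist, repeat=word_count):
        guesses += 1
        candidate = separator.join(combo)
        if sha256_hex(candidate) == target_hash:
            return candidate, guesses
    return None, guesses


if __name__ == "__main__":
    for words, size in ((4, 2048), (5, 20000)):
        bits = passphrase_bits(words, size)
        print(f"{words} words from {size}: {bits:.1f} bits")
        # Rates quoted in the thread: 3.9e9/s for an unhashed comparison,
        # about 6.25e5/s once every guess has to be SHA-hashed.
        for rate in (3.9e9, 6.25e5):
            hours = expected_crack_seconds(bits, rate) / 3600
            print(f"  at {rate:.2e} guesses/s: {hours:,.1f} hours on average")
    print("repeats skipped:",
          f"{passphrase_bits(4, 2048, allow_repeats=False):.4f} bits")
    print("sample passphrase:", generate(DEMO_WORDS))
    # Toy crack of a two-word phrase from the 16-word demo list (256 phrases).
    print(crack(sha256_hex("horsestaple"), DEMO_WORDS, 2))
```

The numbers make the thread's disagreement concrete: at the hashed rate, four words from 2048 take months on average to hit offline, while at the unhashed rate they fall in under an hour. Moving the stored hash from plain SHA-256 to a deliberately slow function (bcrypt, scrypt, Argon2) pushes the hashed rate down by several more orders of magnitude without changing the passphrase at all.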
&lt;br /&gt;
Sometimes this is not possible. (I'm looking at you, local banks with 8-12 character passwords and PayPal) If I can, I use a full sentence. A compound sentence for the important stuff. This adds the capitalization, punctuation and possibly the use of numbers while it's even easier to remember than Randall's scheme. I think it might help against the keyloggers too, if your browser/application autofills the username field, because your password doesn't stand out from the feed by being gibberish. [[Special:Contributions/195.56.58.169|195.56.58.169]] 09:01, 30 August 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
The basic concept can be adapted to limited-length passwords easily enough: memorize a phrase and use the first letter of each word. It'll require about a dozen words (you're only getting 4.7 bits per letter at best, actually less because first letters of words are not truly random, though they are weakly if at all correlated with their neighbors -- based on the frequencies of first letters of words in English, and assuming no correlation between each first letter and the next, I calculate about 4 bits per character of Shannon entropy). SteveMB 18:35, 30 August 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Followup: The results of extracting the first letters of words in sample texts (the {{w|Project_Gutenberg|Project Gutenberg}} texts of ''The Adventures of Huckleberry Finn'', ''The War of the Worlds'', and ''Little Fuzzy'') and applying a {{w|Entropy_(information_theory)|Shannon entropy calculation}} were 4.07 bits per letter (i.e. first letter in word) and 8.08 bits per digraph (i.e. first letters in two consecutive words). These results suggest that first-letter-of-phrase passwords have approximately 4 bits per letter of entropy. --[[User:SteveMB|SteveMB]] ([[User talk:SteveMB|talk]]) 14:21, 4 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Addendum: The above test was case-insensitive (all letters converted to lowercase before feeding them to the [http://millikeys.sourceforge.net/freqanalysis.html frequency counter]). Thus, true-random use of uppercase and lowercase would have 5 bits per letter of entropy, and any variation in case (e.g. preserving the case of the original first letter) would fall between 4 and 5 bits per letter. --[[User:SteveMB|SteveMB]] ([[User talk:SteveMB|talk]]) 14:28, 4 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
I just have RANDOM.ORG print me ten pages of 8-character passwords and tape it to the wall, then highlight some of them and use others (say two down and to the right or similar) for my passwords, maybe a given line a little jumbled for more security.    [[Special:Contributions/70.24.167.3|70.24.167.3]] 13:27, 30 September 2013 (UTC)&lt;br /&gt;
:Remind me to visit your office and secretly replace your wall-lists by a list of very similar looking strings ;) --[[User:Chtz|Chtz]] ([[User talk:Chtz|talk]]) 13:53, 30 September 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
Simple.com (online banking site) had the following on its registration page:&lt;br /&gt;
&lt;br /&gt;
“Passphrase? Yes. Passphrases are easier to remember and more secure than traditional passwords. For example, try a group of words with spaces in between, or a sentence you know you'll remember. &amp;quot;correct horse battery staple&amp;quot; is a better passphrase than r0b0tz26.”&lt;br /&gt;
&lt;br /&gt;
Online security for a banking site has been informed by an online comic. Astounding.&lt;br /&gt;
[[Special:Contributions/173.245.54.78|173.245.54.78]] 21:22, 11 November 2013 (UTC)&lt;br /&gt;
&lt;br /&gt;
The Web service Dropbox has an Easter egg related to this comic on their sign-up page. That page has a password strength indicator (powered by JavaScript) which changes as you type your password. This indicator also shows hints when hovering the mouse cursor over it. Entering &amp;quot;Tr0ub4dor&amp;amp;3&amp;quot; or &amp;quot;Tr0ub4dour&amp;amp;3&amp;quot; as the password causes the password strength indicator to fall to zero, with the hint saying, &amp;quot;Guess again.&amp;quot; Entering &amp;quot;correcthorsebatterystaple&amp;quot; as the password also causes the strength indicator to fall to zero, but the hint says, &amp;quot;Whoa there, don't take advice from a webcomic too literally ;).&amp;quot; [[Special:Contributions/108.162.218.95|108.162.218.95]] 15:17, 11 February 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
The explanation said that the comic uses a dictionary[http://www.explainxkcd.com/wiki/index.php?title=936:_Password_Strength&amp;amp;oldid=59309]. In fact it's a word list, which seems similar but it's not. All the words in the word list must be easy to memorize. This means it's better not to have words such as ''than'' or ''if''. Also, it's better not to have homophones (''wood'' and ''would'', for example). The phrase ''dictionary attack'' doesn't apply here. A dictionary attack requires the attacker to use all the words in the dictionary (e.g. 100,000 words). Here we must generate the 17,592,186,044,416 combinations of 4 common words. Those combinations can't be found in any dictionary. At 25 bytes per &amp;quot;word&amp;quot; that dictionary would need 400 {{w|tebi|binary terabytes}} to be stored. [[User:Xhfz|Xhfz]] ([[User talk:Xhfz|talk]]) 21:37, 11 March 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
This comic was mentioned in a TED talk by Lorrie Faith Cranor in March 2014. After performing a lot of studies and analysis, she concludes that &amp;quot;pass phrase&amp;quot; passwords are no easier to remember than complex passwords and that the increased length of the password increases the number of errors when typing it. There is a lot of other useful information from her studies that can be gleaned from the talk. [http://www.ted.com/talks/lorrie_faith_cranor_what_s_wrong_with_your_pa_w0rd Link]. What she doesn't mention is the frequency of changing passwords - in most organizations it's ~90 days. I don't know where that standard originated, but (as a sys admin) I suspect it's about as ineffective as most of our other password trickery - that is that it does nothing. Today's password thieves don't bash stolen password hash tables, they bundle keyloggers with game trainers and browser plugins.--[[Special:Contributions/173.245.50.75|173.245.50.75]] 18:14, 2 July 2014 (UTC)&lt;br /&gt;
:: Lorrie Faith Cranor gets the random part of #936 word generation correct, which is great. Regarding memorizability, this study (https://cups.cs.cmu.edu/soups/2012/proceedings/a7_Shay.pdf) does not address #936. The study uses no generator for gibberish of length 11. Most comparable are perhaps two classes of five or six randomly assigned characters. None of the study's generators has 44 bits of entropy – its dictionary for the method closest to #936 – noun-instr – contains only 181 nouns. The article contains no discussion of the significance of these differences to #936. In her TED talk Lorrie Faith Cranor says ”sorry all you xkcd fans”, which could be interpreted as a judgement of #936, but there is no basis in the above article for that. It does however seem plausible that the report could be reworked to address #936. --[[User:Gnirre|Gnirre]] ([[User talk:Gnirre|talk]]) 10:42, 14 October 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
:Password-changing frequency isn't about making passwords more ''secure'', but instead it's about ''mitigating the damage'' of a successfully cracked password. If a hacker gets your password (through any means) and your password changes every 90 days, the password the hacker has obtained is only useful for a few months at most. That might be enough, but it might not. If the hacker is brute forcing the passwords to get them, that cuts into the time the password is useful. --[[Special:Contributions/173.245.54.168|173.245.54.168]] 22:22, 13 October 2014 (UTC)&lt;br /&gt;
::However, brute-forcing gets much ''easier'' that way.&lt;br /&gt;
::Say the average employee is around for 10 years, which is reasonable for some companies, absurdly high for others, and a bit low for a family business. That's 40 password changes.&lt;br /&gt;
::Now if you have to remember another password every now and then, you sacrifice complexity, lest you forget it. A factor of 40 is like one character less. But how much shorter will the password be? It's more likely that it's gonna be 3 or 4 characters less. Congrats, you just lost a factor of 1000s for a perceived &amp;quot;mitigation&amp;quot;, which doesn't even work. Pro attackers can vacuum your server in a DAY once they have the PW. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Just because you are required to have a password that has letters and numbers in it doesn't mean you can't make it memorable.  When caps are required, use CamelCase.  When punctuation is required, make it an ampersand (&amp;amp;) or include a contraction.  When numbers are required, pick something that has significance to you (your birthday, the resolution of your television, etc.).  Keep in mind that, if your phrase is an actual sentence, the password entropy is 1.1 bits per character (http://what-if.xkcd.com/34), so length is key if you want your password to be secure. (Though no known algorithm can actually exploit the 1.1 bits of entropy to gain time, so it might be more like 11 bits of entropy per word.  Even then, my passwords have nonexistent and uncommon words in them, (like doge or trope), which also adds some entropy.)   [[Special:Contributions/108.162.246.213|108.162.246.213]] 22:18, 1 September 2014 (UTC)&lt;br /&gt;
:Flip side of the story, the &amp;quot;capital plus small plus other char&amp;quot; policy doesn't make your password any safer.&lt;br /&gt;
:The German company T-online had an experimental gateway with the password, &amp;quot;internet&amp;quot;. Now that sucked. No problem, tho, because that gateway wasn't accessible from outside. When they went live, they &amp;quot;improved&amp;quot; the password to &amp;quot;Internet1&amp;quot;. There are still lots of these passwords around: first letter is a Cap, and the only non-alphabetic char is a 1 at the end. This doesn't add any entropy. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
::[http://ask.metafilter.com/193052/Oh-Randall-you-do-confound-me-so#2779020 This] shows that about one third of all digits in a sample of passwords was &amp;quot;1&amp;quot; . [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:14, 4 December 2014 (UTC)&lt;br /&gt;
You can also troll the brute-force engine by using words from other languages, fictional books and video games.--[[User:Horsebattery|Horsebattery]] ([[User talk:Horsebattery|talk]]) 03:04, 3 November 2014 (UTC)&lt;br /&gt;
:That's a good idea; it adds to the entropy bits per word. If you really want to throw them off, mix different languages. Just don't use very well-known words; I'm sure the hackers have ''cojones'' and ''Blitzkrieg'' in their dictionaries. [[Special:Contributions/141.101.104.53|141.101.104.53]] 13:03, 4 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Also, passwords that are 'hard to remember' are themselves a security vulnerability. A password reset scheme (or even a lockout scheme) is a vulnerability. The more it needs to be used, the harder it becomes to police that vulnerability. Relatedly, hard-to-remember passwords leave users uncertain whether their password has been changed by someone else or they've just forgotten it. [[User:Ijkcomputer|Ijkcomputer]] ([[User talk:Ijkcomputer|talk]]) 15:32, 18 December 2014 (UTC)&lt;br /&gt;
&lt;br /&gt;
Hi there, this comic gave me the idea for a password generator that can (optionally) use dictionary words. Have a look if you're interested: https://wordypasswords.com Use your common sense though about what is and isn't secure! Hope someone finds it useful. [[User:Mackatronic|Mackatronic]] ([[User talk:Mackatronic|talk]]) 08:23, 9 January 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
I have not read all of the replies and in truth most of the detail is boring to me but it has occurred to me that with this sort of problem and since the Snowden affair, serious security devices will have to make the keyboard redundant. &lt;br /&gt;
&lt;br /&gt;
At the moment all I can imagine is a series of pictures like hieroglyphs but even using a rolling code of ever changing font glyphs would do. When the security required by money minders reaches the stage of development possible with keyboards that can supply that sort of security, we will have some idea which banks have some idea about security.&lt;br /&gt;
&lt;br /&gt;
Tip:&lt;br /&gt;
Not Barings. They have a history of intransigence and stupidity. (Still revered in banks though as able to cure colon cancer with poor investment strategies.)&lt;br /&gt;
&lt;br /&gt;
[[User:Weatherlawyer| I used Google News BEFORE it was clickbait]] ([[User talk:Weatherlawyer|talk]]) 13:46, 23 January 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
The D0g..................... (24 characters long) is NOT stronger than PrXyc.N(n4k77#L!eVdAfp9 (23 characters long). The reason is that the latter password is random. There is no pattern. The former, &amp;quot;padding&amp;quot; technique can be very easily cracked. You just need to assume that each character can be repeated 1~30 times. Then the first password would become: 1(D)1(0)1(g)21(.), which is then of complexity 30^4 + 96^4, versus 96^23 for the random password. And that is assuming that any character can be repeated 1~30 times, so DDDDDDDDD0000000ggggggg...... also would be cracked extremely quickly. If you limit yourself to only last character padding, your password now becomes 30*96^4 possibilities. {{unsigned ip|108.162.222.235}}&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
And that's why it is stupid to explain this kind of joke : it depends on many (MANY) parameters such as brute-force method and encryption/hash algorithm. Giving this kind of (wrong) explanations about &amp;quot;pass cracking&amp;quot; (as if it was always the same way to process ...) is ridiculous. And they talk about entropy .......... Holy shit, go back to school and stop screwing cryptography up. zM_&lt;br /&gt;
&lt;br /&gt;
I just use a password with a ␡ character or two, and ␇ for banks.  [[Special:Contributions/108.162.242.21|108.162.242.21]] 08:33, 18 August 2015 (UTC)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
I am astonished that even someone like Schneier doesn't get 936 right immediately after reading it. So, I think I know what was going on in Munroe's mind conceptually. Maybe there are some grains of salt, but I don't have a problem with these. But I do have one (or two) quantitative problem(s) with 936:&lt;br /&gt;
* I was not able to find out how Munroe got the value of about 16 bits of entropy for the &amp;quot;uncommon&amp;quot; nine letter lower case &amp;quot;non-gibberish base word&amp;quot;. This would mean: On average, a letter of such a word will have about 1.8 bits of entropy. Maybe, but how do we know? &amp;quot;Citation needed!&amp;quot; ;-)&lt;br /&gt;
* (Secondly: The &amp;quot;punctuation&amp;quot; should have 5, not 4 bits of entropy. There are 32 (2^5) ASCII punctuation characters (POSIX class [:punct:]). But I assume this is a lapse.)&lt;br /&gt;
Can someone enlighten me? --[[Special:Contributions/162.158.91.236|162.158.91.236]] 17:31, 19 September 2015 (UTC)&lt;/div&gt;</summary>
		<author><name>162.158.91.236</name></author>	</entry>

	</feed>