Talk:936: Password Strength

Explain xkcd: It's 'cause you're dumb.
Revision as of 20:17, 28 April 2013 by (talk)
Jump to: navigation, search

You still have to vary the words with a bit of capitalization, punctuation and numbers a bit, or hackers can just run a dictionary attack against your string of four words. Davidy²²[talk] 09:12, 9 March 2013 (UTC)

No you don't. Hackers cannot run a dictionary attack against a string of four randomly picked words. Look at the number of bits displayed in the image: 11 bits for each word. That means he's assuming a dictionary of 2048 words, from which each word is picked randomly. The assumption is that the cracker knows your password scheme. 20:17, 28 April 2013 (UTC) Willem