Passwords stored by Firefox
Eddie G. O'Connor Jr.
eoconnor25 at gmail.com
Sun Feb 15 14:51:05 UTC 2015
On 02/15/2015 09:43 AM, Heinz Diehl wrote:
> On 15.02.2015, Eddie G. O'Connor Jr. wrote:
>
>> imagine if the "word" ISN'T a word that's found in the dictionary.....ANY
>> dictionary.....would that qualify it as being a bit more secure?
> Here's the "math" behind it, so you can calculate for yourself:
>
> The password strength (entropy) is calculated this way,
>
> B = ((L * log P) / log 2)
>
> where B is the entropy in bits, L is the length of the password, and P is
> the amount of possible different chars (the "pool"). So if you choose e.g. base64,
> P will always be 64, and if you choose a password which e.g. includes A-Za-z0-9
> og random chars as %!"/(] (and so on), P will be higher, thus resulting in
> a higher strength of the overall password. There are P^L different passwords.
>
> In general, a password only containing letters or numbers must be *very* large to have a
> high security margin.
>
I see! Wow....I guess I now have to rethink my entire password process!
Thanks for the document....it explained the MD5 / hash a little
better.....well gotta get to work on all the security. Maybe I'll take a
look at one of those Password Managers after all!
EGO II
More information about the users
mailing list