Matthew GreenSomebody asked whether dictionary-word passphrases (“correct horse battery staple”, like the ones generated by 1Password) are any good. Short answer: good means different things. Shorter answer: yes!
I’ll talk about why in a thread below.
The basic idea of these passphrases is that you have a dictionary of D words. You pick N words at random. That’s the whole idea. Example: “overlook-hooey-valance-flood-useless-ladyship”.
Cryptocurrency BIP32 passwords use a 2048 (2^11) list, and use 12-24 words per passphrase. 1Password seems to use a larger list, between 18000-18500 words (2^14.15) and you can pick your length (6-8 is common.) https://github.com/1Password/spg/blob/master/agilewords.go
Someone in my timeline asked for papers saying these were good passwords. From a purely mathematical perspective we don’t need a paper, just a toot. But there’s more than math here.
Password quality is about three things: strength (how long til Mallory guesses it, perhaps with a powerful computer), memorability (can you keep it in your head) and usability (can you enter it into a website or device.) Only the first one involves any math.
The math for dictionary passphrases is pretty simple. Assuming you choose words uniformly at random: if your dictionary has D words and your oassphrase is N words long, then there are D^N total passphrases.
The total matters because for a random passphrase the best strategy for guessing is to try all (or most) of them. This D^N determines password cracking time.
A simpler way to do this math is with powers of 2. The 1 password dictionary is about 2^14 in size, so for a 6 word password we get 2^{14*6} = 2^84.
Cryptographers tend to treat anything over 2^80 as “probably good enough to secure your Bank of America account” and anything over 2^128 as “probably good enough to secure really important stuff”. I told you there’d be science.
Cassandrich@matthew_d_green I thought banks considered 10⁴ strong enough to secure your account. 🤪 🤣