Somebody asked whether dictionary-word passphrases (“correct horse battery staple”, like the ones generated by 1Password) are any good. Short answer: good means different things. Shorter answer: yes!

I’ll talk about why in a thread below.

The basic idea of these passphrases is that you have a dictionary of D words. You pick N words at random. That’s the whole idea. Example: “overlook-hooey-valance-flood-useless-ladyship”.

Cryptocurrency BIP32 passwords use a 2048 (2^11) list, and use 12-24 words per passphrase. 1Password seems to use a larger list, between 18000-18500 words (2^14.15) and you can pick your length (6-8 is common.) github.com/1Password/spg/blob/

Someone in my timeline asked for papers saying these were good passwords. From a purely mathematical perspective we don’t need a paper, just a toot. But there’s more than math here.

Password quality is about three things: strength (how long til Mallory guesses it, perhaps with a powerful computer), memorability (can you keep it in your head) and usability (can you enter it into a website or device.) Only the first one involves any math.

The math for dictionary passphrases is pretty simple. Assuming you choose words uniformly at random: if your dictionary has D words and your passphrase is N words long, then there are D^N total passphrases.

The total matters because for a random passphrase the best strategy for guessing is to try all (or most) of them. This D^N determines password cracking time.

A simpler way to do this math is with powers of 2. The 1Password dictionary is about 2^14 in size, so for a 6 word password we get 2^{14*6} = 2^84.

Cryptographers tend to treat anything over 2^80 as “probably good enough to secure your Bank of America account” and anything over 2^128 as “probably good enough to secure really important stuff”. I told you there’d be science.

For comparison, last I checked the Bitcoin network was computing about 2^64 hashes every 10 minutes and using as much electricity as Argentina.

Bitcoin doesn’t crack passwords, but if it could & the entire Bitcoin network was cracking your 6-word 1Password phrase, it would take about 9.5 years on average.
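To turn the D^N arithmetic of the last few toots into something you can run, here is an added example in Python; it is not code from the thread and not 1Password's generator. It computes N·log2(D) bits for the BIP39-size (2048) and 1Password-size (18000) word lists quoted above, how many words each list needs to clear the 2^80 and 2^128 thresholds, and the expected cracking time at the thread's rate of 2^64 hashes per 10 minutes. Assumptions: the 18000-word lower bound of the 1Password range, one hash counted as one guess, and a small constructed toy wordlist used only to show the generator running offline.

```python
import math
import secrets

# Parameters quoted in the thread: BIP39-style lists have 2048 words (2^11);
# 1Password's generator uses roughly 18000-18500 words. The lower bound is
# assumed here; the exact size does not change the conclusions.
BIP39_DICTIONARY = 2048
ONEPASSWORD_DICTIONARY = 18000

# Thread figure: the Bitcoin network computes about 2^64 hashes per 10 minutes.
# Treating one hash as one password guess is an assumption, and a generous one
# for the attacker: password hashes are deliberately far slower than SHA-256d.
BITCOIN_GUESSES_PER_SECOND = 2 ** 64 / 600


def passphrase_bits(dictionary_size: int, num_words: int) -> float:
    """Entropy of N words drawn uniformly from D words: log2(D^N) = N * log2(D)."""
    return num_words * math.log2(dictionary_size)


def search_space(dictionary_size: int, num_words: int) -> int:
    """Total number of distinct passphrases, D^N (the cracker's worst case)."""
    return dictionary_size ** num_words


def words_needed(dictionary_size: int, target_bits: float) -> int:
    """Smallest N such that N * log2(D) >= target_bits."""
    return math.ceil(target_bits / math.log2(dictionary_size))


def expected_crack_years(bits: float, guesses_per_second: float) -> float:
    """Average time to hit a uniformly random passphrase: half the space on average."""
    expected_guesses = 2 ** (bits - 1)
    seconds = expected_guesses / guesses_per_second
    return seconds / (365.25 * 24 * 3600)


def strength_table(dictionary_size: int, lengths, guesses_per_second: float):
    """Rows of (N, bits, expected years) for one dictionary and several lengths."""
    rows = []
    for n in lengths:
        bits = passphrase_bits(dictionary_size, n)
        rows.append((n, bits, expected_crack_years(bits, guesses_per_second)))
    return rows


def generate_passphrase(wordlist, num_words: int, separator: str = "-") -> str:
    """Draw words with a CSPRNG. The whole D^N argument rests on uniform,
    independent choices, so use secrets.choice rather than random.choice."""
    if len(set(wordlist)) != len(wordlist):
        raise ValueError("duplicate words shrink the effective dictionary")
    return separator.join(secrets.choice(wordlist) for _ in range(num_words))


# Constructed toy wordlist (16 words = only 4 bits per word); it exists so the
# generator can be exercised offline, not as a list anyone should use.
TOY_WORDLIST = ["overlook", "hooey", "valance", "flood", "useless", "ladyship",
                "anchor", "basket", "candle", "dawn", "ember", "falcon",
                "garden", "harbor", "island", "jigsaw"]

if __name__ == "__main__":
    for name, size in (("BIP39", BIP39_DICTIONARY), ("1Password", ONEPASSWORD_DICTIONARY)):
        print(f"{name}: {size} words = {math.log2(size):.2f} bits/word; "
              f"{words_needed(size, 80)} words for 80 bits, "
              f"{words_needed(size, 128)} words for 128 bits")
        for n, bits, years in strength_table(size, (4, 6, 8, 12), BITCOIN_GUESSES_PER_SECOND):
            print(f"  {n:2d} words: {bits:6.1f} bits, ~{years:.3g} years at Bitcoin-scale hashing")
    # The thread's round-number case: 2^84 total, half of it expected.
    print(f"2^84 space: ~{expected_crack_years(84, BITCOIN_GUESSES_PER_SECOND):.1f} years")
    print("sample:", generate_passphrase(TOY_WORDLIST, 6))
```

Two things the numbers make visible: the 2048-word list needs 12 words to reach 128 bits (12 × 11 = 132), which is exactly the shortest BIP39 phrase, while the ~14.1-bit 1Password list gets there in 10. The estimate also assumes the attacker already has the dictionary; the strength comes entirely from the random draw, which is why the generator refuses duplicate words and insists on a cryptographic RNG.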

But what about human memorability? Can people memorize such complex passwords? The answer is “yes”, because I just memorized one.

If you don’t accept N=1 studies, then there are a few studies. This one looks at 3-4 word passphrases: cups.cs.cmu.edu/soups/2012/pro

@matthew_d_green It’s definitely possible to remember 3-4 word pass phrases (correct horse battery staple is 4 words) but are those secure enough? 8 word master passwords seem significantly more difficult to remember.

@petersterne @matthew_d_green
An oft-cited study claims that the magic number of things most people can memorize easily is 7. A 7-word pass phrase, using a sufficiently large dictionary, would be pretty strong.

en.m.wikipedia.org/wiki/The_Ma

Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms.