And obviously, take advantage of MFA.įor anyone interested, here is a password entropy calculator: Hence why I use a full sentence, which makes it much easier to remember. Note, your master password should not be used anywhere else nor stored anywhere else. My knowledge is limited on the latter, hence why I initially stated that it was only a partial exception. However, this does not account for new tech, such as quantum computers, etc. Even with current tech doubling in power every couple of years, it won't be an issue for many years. If we compare the number of combinations of that 8-character password to my "phrase", it would take 1,000,000 of these eight-card rigs over a million years to crack my phrase using brute force. If your password and iterations are comparable, then the amount of processing power required to brute force your master password is ridiculously immense.įor comparison, it took an eight-card rig of RTX 4090 GPUs 48 minutes to crack an 8-character password late last year. The 1,000,000 iterations add about 20 more bits. My master "phrase" is in excess of 25 characters and has an entropy of 183.96 bits. I would recommend using a full sentence for your master password, that includes capital letters, spaces, punctuation, and at least one number. The partial exception to this would be for those who changed their password iterations prior to any of the breaches (mine are and have been at 1,000,000) and who have a password worth a damn.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |