1994-07-05 - Re: Pass Phrases

Header Data

From: fasttech!zeke@uu4.psi.com (Bohdan Tashchuk)
To: toad.com!cypherpunks@uu4.psi.com
Message Hash: b62d051c2f74de516c048b7aac408114fe18cd49f995b930cebb506555f73638
Message ID: <9407050430.AA06018@fasttech>
Reply To: N/A
UTC Datetime: 1994-07-05 04:39:46 UTC
Raw Date: Mon, 4 Jul 94 21:39:46 PDT

Raw message

From: fasttech!zeke@uu4.psi.com (Bohdan Tashchuk)
Date: Mon, 4 Jul 94 21:39:46 PDT
To: toad.com!cypherpunks@uu4.psi.com
Subject: Re: Pass Phrases
Message-ID: <9407050430.AA06018@fasttech>
MIME-Version: 1.0
Content-Type: text/plain


We Americans have had many years of being forced to remember relatively
high-entropy things. Roughly 23 or 33 bits. I refer, of course, to phone
numbers. I, for one, have no problem remembering a few dozen of these,
in various area codes, even though I don't dial some of them for years.

Our neural cortexes have been "conditioned" to remember 7 digit (or 10 digit)
numbers. Much more easily than, say, 8 or 9 digit numbers.

So I claim that a simple way to get an easy 33 bits of entropy into your pass
phrase would be to generate a "random" 10 digit number, but then remember it
as an area code + phone number. You would, of course, combine this number
with some other sources of entropy, such as words or phrases.

If you really wanted to, you could forget the words or phrases and just
remember four numbers of this sort. You would have your magical 128+ bits
of entropy a lot more easily than remembering 40 random decimal digits.





Thread