Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Depends on what you're protecting. Try not to lose sight of the idea that security doesn't exist in a vacuum.


Xkcd's classical correct course battery staple is about 40 bits is entropy, while being selected uniformly at random from a fairly large pool of words.

I can assure you that the average user wouldn't get above 15 - 20 bits with self selected words. That's often worse than most current passwords.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: