Reply to post:

Father of Unix Ken Thompson checkmated: Old eight-char password is finally cracked

d3vy Silver badge

As always the answer is "It depends"

If the person trying to crack the PW knows that its 6 random short words then they can factor that into their attempts at cracking the password which reduces the amount of possible combinations considerably.

If they don't know anything about the password they are cracking and they need to brute force it using random combinations of letters six short words is considerably safer than eight random characters (Easier for a human to remember too - so less likely to be written down).

Factor in a decent salt and I wouldn't have too many concerns about this at all.

Many of the passwords I have to anything important are made up of words or short phrases.. if you're really paranoid misspell one of the words...

Its never going to be un-crackable (As the article demonstrates, over a sufficient amount of time, nothing is) but you're definitely into the realms of it being unfeasible for the foreseeable future.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2019