Monday, June 09, 2008
Password complexity vs length
I have always chosen complex passwords over longer passwords, but which is actually most secure?
Lets consider a standard password creation scheme where we use a phrase and take the first letter of each word and substitute the occasional letter with punctuation or a number. So "Mary had a little lamb its fleece was white as snow" would become Mh4l1ifwWa$ - nice and complex. But how does that compare against a password like "mary had a little lamb."
Lets calculate the keyspace, in the complex password example each, of the 11 characters has 72 possible combinations assuming 26 uppercase, 26 lowercase, 10 digits and 10 punctuation characters. In the long password example each of the 23 characters can have 30 possible combinations assuming 26 lowercase and 4 punctuation (space, comma, fullstop and exclamation mark).
Complex password = possible combinations to the the power of the length = 72^11 = 2.7 x 10^20
Long password = possible combinations to the the power of the length = 30^23 = 9.4 x 10^33
So "mary had a little lamb." is 34,924,596,548,080 times more complex than Mh4l1ifwWa$. Length trumps complexity!
Lets consider a standard password creation scheme where we use a phrase and take the first letter of each word and substitute the occasional letter with punctuation or a number. So "Mary had a little lamb its fleece was white as snow" would become Mh4l1ifwWa$ - nice and complex. But how does that compare against a password like "mary had a little lamb."
Lets calculate the keyspace, in the complex password example each, of the 11 characters has 72 possible combinations assuming 26 uppercase, 26 lowercase, 10 digits and 10 punctuation characters. In the long password example each of the 23 characters can have 30 possible combinations assuming 26 lowercase and 4 punctuation (space, comma, fullstop and exclamation mark).
Complex password = possible combinations to the the power of the length = 72^11 = 2.7 x 10^20
Long password = possible combinations to the the power of the length = 30^23 = 9.4 x 10^33
So "mary had a little lamb." is 34,924,596,548,080 times more complex than Mh4l1ifwWa$. Length trumps complexity!
Labels: Security
Google Bookmarks
As I use a variety of computers on a daily basis, keeping my bookmarks sync'd is a real pain. I've been using Google Browser Sync to keep them all sync'd, but there are issues with this, especially as I don't want some of my personal bookmarks on my work computers.
I have switched all my bookmarks (over 1000 of them!) to Google Bookmarks. Not only can I access them from anywhere on any computer, but Google Bookmarks allows me to not only search through my bookmarks but it also searches the pages that the bookmarks point to.
I have switched all my bookmarks (over 1000 of them!) to Google Bookmarks. Not only can I access them from anywhere on any computer, but Google Bookmarks allows me to not only search through my bookmarks but it also searches the pages that the bookmarks point to.
Labels: Google
