[arch-general] How long do you make the passphrase for the private key?

Robin Broda arch-ml at coderobe.net
Mon Jun 24 21:08:28 UTC 2019

On 6/24/19 5:45 PM, Jude DaShiell wrote:
> The last standard the United States Navy used before it migrated to
> smartcards was 16 characters with at least two digits; at least two
> upper-case, at least two lower-case, and at least two special
> characters.  A slight improvement on that would have been to insure the
> pass phrase started and ended with a letter.

Unrelated to the topic at hand, these password recommendations have been
outdated for about a decade.

Additionally, that 'slight improvement' you're mentioning actually
*decreases* the search-space required for bruteforcing...

Rob (coderobe)

O< ascii ribbon campaign - stop html mail - www.asciiribbon.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20190624/6273f37c/attachment.sig>

More information about the arch-general mailing list