[arch-general] How long do you make the passphrase for the private key?

Ralf Mardorf silver.bullet at zoho.com
Wed Jun 26 00:38:29 UTC 2019


On Tue, 25 Jun 2019 23:16:04 +0200, mpan wrote:
>> Randomly opening a dictionary and then randomly pointing at a word,
>> repeating this a few times, is one way for an artist to get an
>> inspiration.
>> 
>> I wonder how safe it is to use such a method to generate a
>> passphrase.  
>  An old Chinese proverb says: do not invent your own crypto.

I wouldn't do it exactly as described by my ironical inspiration
example, I just wanted to point out that there are always pitfalls.
Security experts are sometimes the reason for security flaws.
"Heartbleed" for example was introduced as part of the groundwork for a
dissertation. Sometimes questions and their answers are purely
academic. Keep in mind that if you dice, random could generate a result
absolutely equal to a biased pattern of even an obsessional neurotic
and the obsessional neurotic wouldn't notice it. The likelihood of
randomly generating 1234 alike passphrases could only be ruled out by
biasing the random generation with a pattern to avoid patterns. Nobody
can rule out this dilemma.

