Re: Strong Passwords Revisited

From: DaveK (
Date: 01/21/03

From: "DaveK" <>
Date: Tue, 21 Jan 2003 12:29:24 -0000

"Lohkee" <> wrote in message
> "Karl Levinson [x y] mvp" <> wrote in message
> news:eXv0PTJwCHA.2868@TK2MSFTNGP12...
> >
> > "Olaf Kilian" <> wrote in message
> >
> >
> > > The later the password would be guessed, the stronger it is. It
> > > depends on the method of the attack used against it. If you try to
> > > bruteforce a password with 0-8 chars - all alpha, lowercase - and you
> > > begin with "a", then "zzzzzzzz" is very strong. But if you begin
> > > guessing in reverse order "zzzzzzzz" is a joke and "a" is the
> I agree in terms of time, however, this has nothing to do with "strength"
> per se.

The fact that you believe in the notion of "strength per se" of a security
technology, rather than "strength against a given threat model", is the real
root of your confusion here. It's a meaningless concept. Against
rubber-hose cryptography, for example, all passwords are exactly as strong
or weak as each other, since a person's ability to resist torture does not
depend on the length (or indeed any other properties at all) of the password
they are being tortured to reveal. Against dictionary attack, non-words are
better; and against a full brute-force search, well, it depends what order
the search is done in, but whatever's furthest in search space from the
starting point is better.

> It is possible that an attacker could guess the password on the
> first attempt regardless of the number of possibilities or the construction
> of the password. Strength is based on the number of possibilities, the
> more there are, the less likely it is that this will happen.

Nope, that's merely *your* definition of strength, based on your
misunderstanding of how the term is currently used. Number of combinatorial
possibilities is only ONE of the factors on which the strength of a password
is based. Threat model, as explained above, is a factor which can entirely
override the contribution made by the number of combinatorial possibilities
to the strength of a pw.

> I think "discouragingly" is relative. As long as I can crack a password
> before it expires, say 90 days, then 91 days becomes discouraging,
> it is not a problem (depending on how bad I want to crack it - if there is
> little payoff then why bother at all, i.e., 2 days is too much effort - if
> the payoff is great then . . . )

See my other reply, where I demonstrate that your estimates of the
practicability of exhaustive brute force searches are out by a factor of
nearly a hundred thousand times.


moderator of
Burn your ID card!
Help support the campaign, copy this into your .sig!
Proud Member of the Exclusive "I have been plonked by Davee because he
thinks I'm interesting" List Member #<insert number here>
Master of Many Meowing Minions
Holder of the exhalted PF Chang's Crab Wonton Award for kook spankage above
and beyond the call of hilarity.
PGP Key-ID: 0x0FB504D1 Fingerprint 04B7 2E8C 0245 680E  6484 C441 CEC7 D2BD
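An added worked example, not part of the thread above, illustrating the point the reply makes about search order: the same password's "strength" against exhaustive search is just its rank in whatever enumeration the attacker uses. It assumes the search space from Olaf's example (0 to 8 lowercase letters, 217,180,147,159 candidates) enumerated shortest-first and alphabetically within each length, the reverse of that order, and a dictionary-then-brute-force attacker with a constructed three-word list. The enumeration orders, the wordlist and the guess rate are assumptions chosen for the demonstration.

```python
import string

LOWER = string.ascii_lowercase


def space_size(alphabet: str = LOWER, max_len: int = 8) -> int:
    """Number of strings of length 0..max_len over the alphabet."""
    k = len(alphabet)
    return sum(k ** i for i in range(max_len + 1))


def rank_forward(pw: str, alphabet: str = LOWER, max_len: int = 8) -> int:
    """0-based number of guesses made before pw is tried, when the attacker
    enumerates "", "a", ..., "z", "aa", "ab", ... (shortest first, then
    alphabetical). This is the search order assumed in the example above."""
    k = len(alphabet)
    if len(pw) > max_len or any(c not in alphabet for c in pw):
        raise ValueError("password lies outside the modelled search space")
    shorter = sum(k ** i for i in range(len(pw)))  # every string shorter than pw
    value = 0
    for c in pw:  # pw read as a base-k number among strings of its own length
        value = value * k + alphabet.index(c)
    return shorter + value


def rank_reverse(pw: str, alphabet: str = LOWER, max_len: int = 8) -> int:
    """Rank under the exact reverse of the forward order: "zzzzzzzz" first."""
    return space_size(alphabet, max_len) - 1 - rank_forward(pw, alphabet, max_len)


# Constructed wordlist for the dictionary-attack model (an assumption).
WORDLIST = ["password", "letmein", "dragon"]


def rank_dictionary_then_brute(pw: str, wordlist=WORDLIST, alphabet: str = LOWER,
                               max_len: int = 8) -> int:
    """Rank for an attacker who tries the wordlist first and only then falls
    back to the forward brute-force enumeration. Non-words are "better"
    against the dictionary phase but gain nothing once brute force starts."""
    if pw in wordlist:
        return wordlist.index(pw)
    return len(wordlist) + rank_forward(pw, alphabet, max_len)


def seconds_to_crack(guesses: int, guesses_per_second: float) -> float:
    """Wall-clock time to reach a given rank at a fixed guess rate (assumed)."""
    return guesses / guesses_per_second


if __name__ == "__main__":
    for pw in ["a", "letmein", "zzzzzzzz"]:
        print(pw, rank_forward(pw), rank_reverse(pw), rank_dictionary_then_brute(pw))
```

Run stand-alone, the script shows that "zzzzzzzz" needs 217,180,147,158 guesses under the forward order but is the very first guess under the reverse order, and that "letmein" is found on the second guess by the dictionary attacker despite sitting far into the brute-force space; the combinatorial size of the space is the same 217,180,147,159 in every case.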