Re: Encryption - How to Choose Password

---

• From: Unruh <unruh-spam@xxxxxxxxxxxxxx>
• Date: 4 Jan 2007 12:58:33 GMT

---

David Eather <eather@xxxxxxxxxx> writes:

Paul Rubin wrote:

Stephen@xxxxxxxxxxxxxx writes:

I'm playing with Truecrypt and am not sure how best to choose a good
password. Anyone have any advice on how best to do this? I can use a
random sequence of characters but how do I remember them in the future
without writing them down?

Generate a passphrase using the diceware method (www.diceware.com).
Write the phrase down on a little slip of paper and put it in your
pocket. Refer to the slip of paper when you need the phrase. After
you've done this a few times you'll find that you remember the phrase
and you need to refer to the paper less. Once you're confident that
you remember the phrase, rip up the paper into small pieces and throw
them away. Or if you want to be like a real secret agent, then
instead of throwing away the pieces, you can eat them.

I have a web script that generates diceware phrases that you can use:

http://www.nightsong.com/crypto/dice.php

Really really terrible idea. YOu want a passowrd to protect your secrets
and you then have a web page run by someone you know nothing about
generating that passphrase for you and
transmitting your secrets over the net unencrypted.

Nit pick - if you want to throw the piece of paper away make sure the
password is something you use *regularly*.

Agreed. Unused passwords are extremely raplidly forgotten. And even if you
know it perfectly if you do not use it for a month you will have forgotten
it.


.

---

• Follow-Ups:
  • Re: Encryption - How to Choose Password
    • From: Paul Rubin
  • Re: Encryption - How to Choose Password
    • From: Mike Amling
  • Re: Encryption - How to Choose Password
    • From: Luc The Perverse

• References:
  • Re: Encryption - How to Choose Password
    • From: Paul Rubin
  • Re: Encryption - How to Choose Password
    • From: David Eather

• Prev by Date: Re: Thank you all for the constructive comments
• Next by Date: Re: Password "scoring"
• Previous by thread: Re: Encryption - How to Choose Password
• Next by thread: Re: Encryption - How to Choose Password
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: How to programmatically create a partition? ... >> especially with administrator privileges. ... >course), and that pass phrase itself is only stored in my head, you ... privileges has the means to disclose your secrets when YOU ... An attacker with local administrator privileges ... (microsoft.public.dotnet.general) Re: Cars World Premiere - Wow! So much fun!! ... In the Deep South, where people speak with such a heavy drawl that one would need a translator to understand them, the word "tomato" is in fact pronounced "tow-mater", or just shortened to "mater". ... Although I myself do not like tomatoes, I understand that the very best ones come from old trucks on the side of the road with signs that refer to them as "maters". ... The phrase actually means "let's get going" or "let's get to work" with the "her" in the phrase referring to the job needing to be "done". ... (rec.arts.disney.parks) Re: Company photo time - at least Im not a porn star this time ... Any phrase that is the result of s/Typhoid/Verizon/ has to be worth a ... The results seem to mostly refer to Mary something-or-other, ... one of thier spokespeople, ... (alt.sysadmin.recovery) Re: Better way to say "making sausages" ? ... alright. ... So I use the phrase "making sausages" to refer to something which seems ... (alt.usage.english) Re: My first experience at a casino poker room ... >It is from this ban on smelling fingers in casinos that ... >the phrase 'not to be sniffed at' came into common usage to refer to an ... (rec.gambling.poker)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > sci.crypt  > 2007-01