Re: Someone said 256 bits is not enough

On 28 Feb, 17:51, "Sebastian G." <se...@xxxxxxxxx> wrote:
Vend wrote:
On 28 Feb, 16:07, "Sebastian G." <se...@xxxxxxxxx> wrote:
giorgio.tani wrote:
Another thing to note is that is very hard to remember passwords
(passphrases) with enough enthropy to effectively use 256 bit keyspace
(even 128 bit one!)
Bullshit. Considering about 4 bits entropy per character for english text,
this would be 64 characters, which is a short sentence. Which is definitely
easy to remember.

Actually I think that the estimate is ~1 bit per character of
meaningful English text.

Considering appropriate modelling, which is not available per se.

Even without appropriate modelling, I doubt it is would be more than
~2 bits of work per character.
And anyway, it's better to underestimate entropy rather than
overestimate it.

Relevant Pages