

A Good Passphrase


What the passphrase does


The passphrase (what used to be called a password) protects your encryption key. A good passphrase takes the best computers a long time to crack. As computers have gotten faster, their ability to find out passwords has increased dramatically. Normal passwords are not safe any more except (maybe) for protecting your computer during lunch break. Thus it is recommended that you use more than one word: the "password" mutated into a "passphrase".


What a passphrase should look like


A good passphrase follows these rules:


1. Length: It has 15 to 20 characters (more, if you wish).


2. Scope: Mix into your phrase (this increases the security of your passphrase enormously):


a) Lower and uppercase letters; uppercase letters in the middle of a word are good because they are more difficult to guess


b) Numbers


c) Special characters, such as ?, :, !, #, %, $, @, etc.


d) Do not use international characters (ö, Ä), as programs may have a problem with these.


3. Number of words: It consists of more than one word (that’s why we call it “phrase”).


4. Avoid using:


a) Words from your personal sphere, such as your dog’s name or your grandmother’s maiden name (easy to guess).


b) Normal words from the dictionary, common first names, geographical locations, etc.: In what is called “dictionary attacks”, special programs find these out by just running an alphabetical search.


c) However, if you combine two, three, or four names or normal words, the security is already much higher.
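

The rules above can be checked mechanically. The following Python code is an added example, not part of the original InstantCrypt instructions: it tests a phrase against rules 1 to 3 and estimates, in bits, the search space that a character-by-character exhaustive search would have to cover. The function name check_passphrase, the 32-character set of specials and the sample phrases are assumptions of this example; the estimate does not cover dictionary attacks (rule 4), so it is an upper bound for phrases built from real words.

```python
import math
import string

SPECIALS = set(string.punctuation)          # the 32 ASCII special characters
SIZES = {"lowercase letter": 26, "uppercase letter": 26,
         "number": 10, "special character": len(SPECIALS)}

def check_passphrase(phrase):
    """Return (problems, bits) for rules 1-3; bits is log2 of the brute-force search space."""
    present = {
        "lowercase letter": any(c in string.ascii_lowercase for c in phrase),
        "uppercase letter": any(c in string.ascii_uppercase for c in phrase),
        "number": any(c in string.digits for c in phrase),
        "special character": any(c in SPECIALS for c in phrase),
    }
    problems = []
    if len(phrase) < 15:                                  # rule 1
        problems.append("shorter than 15 characters")
    problems += [f"no {name}" for name, ok in present.items() if not ok]  # rule 2 a-c
    if not phrase.isascii():                              # rule 2 d
        problems.append("contains international characters")
    if len(phrase.split()) < 2:                           # rule 3
        problems.append("only one word")
    # Alphabet an exhaustive search must cover: every class in use, plus the space.
    alphabet = sum(SIZES[name] for name, ok in present.items() if ok)
    alphabet += 1 if " " in phrase else 0
    bits = len(phrase) * math.log2(alphabet) if alphabet else 0.0
    return problems, bits

if __name__ == "__main__":
    # Constructed sample inputs; the last two are the phrases from the Suggestions section.
    for sample in ("password", "tree monster spider with wings",
                   "tr33 monsterSp*der w? w()s"):
        problems, bits = check_passphrase(sample)
        print(f"{sample!r}: about {bits:.0f} bits; {', '.join(problems) or 'rules 1-3 met'}")
```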


Suggestions


1. A good way is to take something you can remember and modify it, e.g.

“tree monster spider with wings”  turns into “tr33 monsterSp*der w? w()s” .


2. If you want to start with an easier passphrase now, maybe you should start with two to four normal words; please make sure to improve your passphrase later. (After changing your passphrase, you may want to make a new backup of your key, as you are likely to forget the password of the old backup.)


Links


All the important ideas in these instructions are taken from http://www.iusmentis.com/security/passphrasefaq by Randall T. Williams.


The effects of length and scope of your passphrase on recovery time are documented here (I cannot vouch for the accuracy of these computations, but they look fine): www.lockdown.co.uk/?pg=combi&s=article