|
Pyromaniac Ida posted:Is 7-zip a good way to encrypt sound files? gpg --symmetric FILE
|
# ¿ Oct 22, 2018 23:03 |
|
|
# ¿ May 11, 2024 18:52 |
|
If it's a sentence then it's not high entropy at all. Using special characters or punctuation greatly increases the user's cognitive load for negligible entropy gain. If entropy is not enough, and another word to an alphabetic, lowercase only diceware passphrase instead of increasing the likelihood of misremembering or stumbling into keyboard character encoding issues when emergency unlocking. 80+ bits is enough forever, no one will ever brute force that, nor will anyone bother to try it when other things are so much easier.
|
# ¿ Mar 10, 2021 12:38 |
|
Rooted Vegetable posted:I think she means like a sentence, but not an actual sentence. E.g. "Correct, Horse Battery Staple." Sure, but the point stands, unless you're confident that: 1) you'll never get confused about what and where the punctuation is, and 2) you'll never type your passphrase in a different locale than your current one (do you know where the comma and question mark keys are in a french keyboard layout?) are both true, then you're better off rejecting any characters other than lowercase ASCII letters in your master password.
|
# ¿ Mar 10, 2021 22:23 |
|
RFC2324 posted:unless you are advocating against the use of special characters. It's OK to use them in web logins that are kept in a password manager and never typed by a human but for a master password and any other really important ones, the ones that should be written down on paper and never updated, lowercase ASCII letters only is the way to go. Encryption is a fantastic way of locking oneself out of important data when it's most needed. RFC2324 posted:And point 1 is an argument against strong passwords of any type. If an entropy estimator has a ceiling for strictly alphabetic passwords, it's plainly broken. But enough bike-shedding from me.
|
# ¿ Mar 11, 2021 22:35 |
|
No comment on CA trust issues but wrt SHA1 as a crypto hash function: it's hard as gently caress to create collisions for (iow, it's broken, not cryptographically secure any longer) and (like MD5) still 100% secure against pre-image attacks.
|
# ¿ Aug 19, 2023 18:47 |