Author Topic: longer password, greater security?  (Read 5272 times)

qufkr@forum

  • Guest
longer password, greater security?
« on: December 25, 2005, 05:25:55 PM »
i know. longer the password, harder for a hacker to guess the password.

But,
if the hacker steal the password rather than to guess the password, then, longer the password, it's easier for the hacker to guess the _master_ password from the stolen password. because longer password means more infomation.

That's really more infomation, using Online version with master password = amaster, username = auser, passwordlength = 12, url = password.org, the generated password is:
EyNBL:}CcHjf

Now, with same setting but change password length to 15, the generated password is:
EyNBL:}CcHjfuQY

EyNBL:}CcHjf
and
EyNBL:}CcHjfuQY
, the former is a substring of the latter, so somehow infomation of latter contains infomation of former.

In sum, if i am right, a dilemma!
So question is what length is the most recommended or secure password length?

Offline Eric H. Jung

  • grimholtz
  • Administrator
  • *****
  • Posts: 3353
longer password, greater security?
« Reply #1 on: December 25, 2005, 09:48:07 PM »
Hi qufkr@forum,

PasswordMaker uses cryptographic hash functions to generate passwords. If you read about crytographic hash functions, you'll learn that more information (i.e., more of the hash) does not give the hacker anymore knowledge of the input (master password, url, etc) than less of the hash.

Let me know if you have any questions.

Regards,
Eric
« Last Edit: December 25, 2005, 10:02:45 PM by Eric H. Jung »

PasswordMaker Forums

longer password, greater security?
« Reply #1 on: December 25, 2005, 09:48:07 PM »