Passwords Are Finished, Say Hello To Passphrases … A Story of An Elm Tree and A Bonnet

The password as a concept is nearly finished, as it’s not too difficult to crack the hash versions of them. And so nine characters…
Photo by Jet Kim on Unsplash

Passwords Are Finished, Say Hello To Passphrases … A Story of An Elm Tree and A Bonnet

The password as a concept is nearly finished, as it’s not too difficult to crack the hash versions of them. And so nine characters passwords can often be cracked within hours, and 10 character passwords with days. A major problem is the usage of words from a dictionary, and so we get passwords such as:

%jkL9$4h.f@fDd

and which are almost impossible to remember.

And so for our passwords we should possibly move towards having phrases which link words together, and which can be easily memorized. For this the EFF are here to protect you, and so they have created a wordlist that can be used to create random passphrases:

They are generated by a roll of five dices [here]:

If we roll a dice with “1”, “1”, “1”, “1”, and “1”, we generate the word of “abacus”. So what’s the probability that I will guess your word? Well, there are six possible values so the probabaility will be:

Prob = 1 in 6⁵ = 1 in 7776 = 0.000128600823

But if I now use eight words, the chances of you finding it will be:

0.000128600823⁸ = 0.000 016 075 102 875

But, of course, you would have to know if I was using these strings. If you had to search a dictionary, then it would be 26^n, and where n is the number of characters in the phrase. If it have this phrase:

predator almanac erased maritime anaerobic ramrod deepness registry

We have 64 characters, and now the chances you will find it will be:

26⁶⁴

and which is 36 and ninety numbers.

So, let’s use Rust, to install genpass, with:

cargo install genpass

A sample run is [here]:

Characters "10"
.
Generator: y/p=<,qoA6
.
Numeric: 3326743325
.
Lowercase: tqzrccrsmb
.
Uppercase: XDDOUEWUKN
.
Passphrase: finite brim

and with 18 characters [here]:

Characters "18"
.
Generator: C',CkwW$HYAr7rU+_a
.
Numeric: 161866460576267334
.
Lowercase: xqravwgwfrpgmxlurn
.
Uppercase: ICNLYGBSCHTLRYNXBR
.
Passphrase: widget job spinout

and with 64 characters [here]:

Characters "64"
.
Generator: 1q8eQx|Xo/Oq7[$03lI6GOyWzy9tHxKJDW5&!|;XWal7#G-dJN8v-ZI|K6^<%9M
.
Numeric: 7123768740814949562662698933630414389614586114802641837204466706
.
Lowercase: lxcpalurneoleblckyokrhqwsfqsvwkzwaqvfnrwocbmtohjptunwkywdvmfkmgw
.
Uppercase: BCXBWZDAHLRHTKPSCVZCWZVWVYHKYNIMEOFTLRQJOJVCTLGCFYRSFMQWBSIHVSMW
.
Passphrase: elm diagram eatery bonnet rescuer confused salary swimwear dissuade

In this case, we could create a mindmap of seeing an elm tree, with a diagram on it, and which shows the way to an eatry, and as we enter, we see a person with a honnet on … and so on.

So go and generate your own story:

Password Generator in Rust
Characters "18" . Generator: C',CkwW$HYAr7rU+_a . Numeric: 161866460576267334 . Lowercase: xqravwgwfrpgmxlurn …asecuritysite.com