Please someone settle this.

OK If you use PGP or another encryption program, wouldn't it be better encrypted if you use a longer hard password (60 char)? It's a little thing me and a friend is kind of talking about. He said that he uses 8 char and it's jast a strong as using 60 char.

 

It's very very simple, as you place your password into PGP it indicates strength of that password, a long password containing numbers and letters both in upper and lower case is far stronger than a short one.

http://www.uni.edu/its/us/faqs/security/PasswordsStrong.htm

http://www.microsoft.com/athome/security/privacy/password.mspx

Hope this helps...

Cheers

 

It helps. Now time to direct him to them pages to show him that more is better.

 

Here's another very good link on passwords: http://www.langa.com/newsletters/2003/2003-03-03.htm#1

Cheers

 

Thanks I'll send him there also.

 

I agree with you but 60 characters? That's taking it a bit far if you ask me!

 

In some cases an 8 char password is just as strong as a 60 char password, just depends on the encryption algorithm / key length which it is used in.

Of course in most cases a 60 char password would have more entropy than an 8 char password, ie it would be stronger. However the way the password is used and what it is used in is also important.

*edit* An 8 character password can even be stronger than a 60 character one depending on certain factors. To simplify things imagine 8 random letters compared to 60 letter A's.

AYWMZHAK

compared to

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA and etc

 

Thanks Jason, I've started using Keymaker 2.0 by Softnik Technologies, quite a nifty little tool:

http://www.itoolpad.com/products/keymaker/

http://www.snapfiles.com/get/keymaker.html

Cheers

 

Add this one to the mix if you like: https://www.wilderssecurity.com/showthread.php?t=6129&highlight=ASCII passwords . Pete

 

Very nice, many thanks Pete.

Cheers