• Furbag@lemmy.world
    link
    fedilink
    arrow-up
    6
    arrow-down
    2
    ·
    1 year ago

    I mean, the philosophy behind correcthorsebatterystaple is good. I used that method for master passwords to password managers and it really does work well to help you remember a long complex password that can’t be guessed easily.

    But some people might have been missing the point of that xkcd using correcthorsebatterystaple itself.

    • jasory@programming.dev
      link
      fedilink
      arrow-up
      7
      ·
      1 year ago

      It’s okay. The thing is when running an attack are you going to permutate through every combination of characters, or are you going to use words from a dictionary first? correcthorsebatterystaple (not a dictionary word) is better than antidisestablishmentarianism (a dictionary word) but in a realistic attack concatenating dictionary words is going to be the next step.

      • Terrasque@infosec.pub
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        1 year ago

        Because of the number of potential words in the dictionary, it’s still fairly secure. I would recommend 5 or 6 words though