Password Strength


To add to this excellent xkcd comic, the following site also exists : Password Haystacks.

Which is a stronger password?




(Click to find out, I’ll wait).

Pretty sweet indeed. What a difference.

Anyways, the reason I’m linking this stuff is that this would make a great lesson in exponents. While the first password uses far more letters and symbols, so it has a large base, since the power is only 6 there aren’t as many permutations to try. But the second password’s power of 23 fully compensates for the smaller base of letters to check.

The buy-in for this type of problem is that I’d bet that most students would pick T@+t0O as the stronger password. It’s a fun day in math class when you can fight (false) intuition.


5 thoughts on “Password Strength

  1. Really strong work, Dan. I’d had that xkcd comic on my desk for awhile but I couldn’t find the hook so I moved on. “Which is the better password?” has the kind of concision, perplexity, and guesswork I prize in the first act and, like you point out, the answer isn’t a little counter-intuitive.

  2. Nice. It’s also worth having this URL in your back pocket if discussion continues along the lines of “but what if everyone did this?”

    Contains a couple of different lists of common words indexed by five digit numbers with digits from 1-6, such that you can roll some dice to generate a memorable, incredibly secure password. It also explains why this method is secure even if someone knows you used that site to create the password (as long as you use at least 4-5 words in total).

    1. Some hilarious tips on the diceware website:

      Some Tips
      For maximum security make sure you are alone and close the curtains. Write on a hard surface – not on a pad of paper. After you memorize your passphrase, burn your notes, pulverize the ashes and flush them down the toilet.

Leave a Reply

Your email address will not be published. Required fields are marked *