Can the password generator generate the same password?

Mattis
Mattis
Community Member
in Mac

Hello people,

I have a question that interests me:

Let's say I generated a password for Twitter two years ago. Could the password generator theoretically generate the exact same password by random chance and use it for an object?

Is it theoretically possible that the password generator generates a password that is already used by an object?

Thanks for reading.

Mattis

1Password Version: 1Password 7.7
Extension Version: Not Provided
OS Version: macOS Big Sur 11.2.1
Sync Type: 1Password.com

Comments

  • jpgoldberg
    jpgoldberg
    1Password Alumni
    edited February 2021

    It is theoretically possible in the sense that it is theoretically possible that you could put a pot of water on a lit stove and the water would freeze. So if you have found the same password generated twice, it will be the case that somehow or other one got copied to the other. For example, if you filled on Site B a password for Site A (via copy/paste, because 1Password won't autofill onto the wrong site) and then saved the password for Site B, you could end up with the same password for each.

    The answer to how theoretically possible depends on the password generation. So suppose you generated with default settings that are showing up in more of our clients (four syllables, one uppercases, digits/symbol separators) those work out to about 89 bits.

    For numbers this large, we can just use the square root approximation for birthday collisions. You would have to generate about 2^44 passwords before you would have a 50% chance of two of those being the same.

  • jpgoldberg
    jpgoldberg
    1Password Alumni
    edited February 2021

    For large d (where d is the number of distinct possibilities) to find how many items n you need to generate to get probability p of a collision, the approximate

    n = sqrt(2d ln(1 / 1 - p))

    works.

    So for d = 2^89 (which is the number of passwords that are produces by our smart password generator scheme) and seeing what is needed to get as high as a one in one million chance (p = 1/1000000), we plug in those and get about 35 billion. So if that is the style of password you are generating, you would need to generate more than 35 billion of them to have a 1 in one million chance that two of them will be the same.

    If each password takes 20 bytes to store, then you could fit those on a terabyte drive.

  • Mattis
    Mattis
    Community Member

    Thank you @jpgoldberg!

  • ag_ana
    ag_ana
    1Password Alumni

    On behalf of jpgoldberg, you are very welcome @Mattis! If you have any other questions, please feel free to reach out anytime.

    Have a wonderful day :)

  • Mattis
    Mattis
    Community Member

    Thank you. Have a wonderful day too. @ag_ana

  • ag_ana
    ag_ana
    1Password Alumni

    Thank you :)

This discussion has been closed.