Master password: how many Diceware words?
I know this is another stupid newbie question. And the answer is almost assuredly "opinions differ about that." But I'm wondering what the AgileBits party line is regarding Diceware master passphrase length. I seem to remember seeing that Arnold Reinhold himself is telling folks to use 6 words... so is that what most people use? I can type fast on a keyboard, so even 7 is fine. But on an iPhone keypad... let's just say I don't want to make it longer than it needs to be. What is the general advice given? Would 5 normally be considered strong enough? 6? I think about how many other passwords etc are stored in the app, and lean toward 7.
Comments
-
Good question! If you are comfortable with 7 words in your Diceware-based Master Password then by all means you should do that and stop reading everything else that follows. :)
If you are looking for something that is easier to type on a mobile keyboard, you may want to check out @jpgoldberg's fun "side project" of alpha-only word lists.
As for the exact number, it does in fact depend on what you are comfortable with. This table from our "On hashcat and strong Master Passwords as your best protection" blog post from last year may offer some helpful guidance:
Of course, there is new hashcat news as of yesterday, and we should have a new blog post soon. :)
0 -
And there it is now. Right on cue. ;)
Crackers report great news for 1Password 4
Note that the above chart is referencing the Cloud Keychain Format. I encourage you to read more about the transition from Agile Keychain Format to Cloud Keychain format.
0
