1 |
On 11/10/2015 09:17 PM, Michael Orlitzky wrote: |
2 |
> On 11/10/2015 02:00 PM, Jeff Smelser wrote: |
3 |
>> I guess from this your assuming that everyones passwords that have been |
4 |
>> hacked are god, birthdays and such? |
5 |
>> |
6 |
> Again: assume that I'm not an idiot, and that I know how to choose a |
7 |
> long, random password. It cannot be brute-forced. And if it could, |
8 |
> adding an SSH key encrypted with a password of the same length would |
9 |
> provide no extra security. |
10 |
> |
11 |
> |
12 |
Are you sure you know how such keys work? An extremely 15 character password (Upper case, lower case, numbers, 8 more symbols) gives you ~4747561509943000000000000000 combinations. Just a simple 2048 bit key on the other hand (~180 of which are "secure") 1532495540865888858358347027150309183618739122183602176. Thats ALOT moar. You don't have to generate the key from a password! |