| 1 |
On 11/10/2015 09:17 PM, Michael Orlitzky wrote: |
| 2 |
> On 11/10/2015 02:00 PM, Jeff Smelser wrote: |
| 3 |
>> I guess from this your assuming that everyones passwords that have been |
| 4 |
>> hacked are god, birthdays and such? |
| 5 |
>> |
| 6 |
> Again: assume that I'm not an idiot, and that I know how to choose a |
| 7 |
> long, random password. It cannot be brute-forced. And if it could, |
| 8 |
> adding an SSH key encrypted with a password of the same length would |
| 9 |
> provide no extra security. |
| 10 |
> |
| 11 |
> |
| 12 |
Are you sure you know how such keys work? An extremely 15 character password (Upper case, lower case, numbers, 8 more symbols) gives you ~4747561509943000000000000000 combinations. Just a simple 2048 bit key on the other hand (~180 of which are "secure") 1532495540865888858358347027150309183618739122183602176. Thats ALOT moar. You don't have to generate the key from a password! |
Archives