Just last week I wrote about changing GPG passphrases. This week I read an interesting article on the same topic, passphrases. Bruce Schneier advertises an interesting method of randomly generating easily memorable passphrases. The method can be described as generating passphrases by rolling dice, or diceware. The EFF suggests using a six-word passphrase. Rolling five six-sided dice generates a random five-digit number. Each randomly generated number is then looked up in an EFF word list:
- EFF's Long Wordlist for use with five dice
- EFF's Short Wordlist #1 featuring only short words, for use with four dice
- EFF's Short Wordlist #2 for use with four dice, featuring longer words that may be more memorable.
This method generates long, easily memorable passphrases that are secure and hard to guess. The general suggestion is to use a "hardware random number generator", which means using dice to generate the keys and not a computer or other electronic device. Computer random number generators are not as good as rolling a die.
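The lookup step described above, as an added example that is not code from the EFF or from either article: it checks a word list and hand-rolled dice groups before mapping them to words, and computes the resulting entropy. It assumes a list with one "dice digits, whitespace, word" pair per line; the function names are hypothetical and the sample entries are constructed, not real EFF entries.

```python
import math

DIE = set("123456")

# Constructed excerpt in "dice-digits<TAB>word" form; NOT real EFF entries.
SAMPLE_LIST = "11111\talpha\n11112\tbravo\n16655\tkilo\n66666\tzulu\n"

def parse_wordlist(text):
    """Return ({digits: word}, dice_per_word); reject malformed lists."""
    table = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.split()
        if len(parts) != 2 or set(parts[0]) - DIE:
            raise ValueError(f"line {lineno}: expected '<dice digits> <word>'")
        if parts[0] in table:
            raise ValueError(f"line {lineno}: duplicate key {parts[0]}")
        table[parts[0]] = parts[1]
    lengths = {len(key) for key in table}
    if len(lengths) != 1:
        raise ValueError("empty list or keys of mixed length")
    return table, lengths.pop()

def is_complete(table, dice_per_word):
    """A usable list has one word for every possible roll: 6**dice entries."""
    return len(table) == 6 ** dice_per_word

def lookup(table, dice_per_word, rolls):
    """Turn hand-rolled groups such as '16655' into a passphrase."""
    words = []
    for group in rolls:
        if len(group) != dice_per_word or set(group) - DIE:
            raise ValueError(f"bad roll {group!r}: need {dice_per_word} digits 1-6")
        if group not in table:
            raise ValueError(f"roll {group} missing: word list is incomplete")
        words.append(table[group])
    return " ".join(words)

def entropy_bits(dice_per_word, n_words):
    """Entropy when every word comes from fair, independent dice."""
    return n_words * dice_per_word * math.log2(6)

if __name__ == "__main__":
    table, dice = parse_wordlist(SAMPLE_LIST)
    print(lookup(table, dice, ["16655", "11111"]))   # rolls typed in by hand
    print(f"{entropy_bits(5, 6):.1f} bits for six words from a five-dice list")
```

The dice values are typed in after rolling physical dice, so the program only does the table lookup and never generates randomness itself.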
If you speak a second language, or English is not your native language, use the localized word lists to generate secure passphrases. The EFF's website links to another author who describes diceware, Arnold G. Reinhold. At the bottom of the document are URLs to the localized word lists.
Both articles are really worth reading if you really want to generate secure passwords and passphrases. There are many other methods for creating secure passwords and passphrases, but this one came at just the right time and I found it worth mentioning.
To summarize all this in a short story, spend a few seconds and read this xkcd internet comic.
.-------. ______
/ o /| /\ \
/_______/o| /o \ o \
| o | | / o\_____\
| o |o/ \o /o /
| o |/ \ o/ o /
'-------' \/____o/ jgs