[PATCH] stop using pwgen
Brian Candler
b.candler at pobox.com
Sat Dec 17 23:43:12 CET 2016
On 17/12/2016 22:02, Antoine Beaupré wrote:
> a 18 bytes password contains (naturally) 144 bits of entropy and
> base64 turns that in a 25 character password
base64 turns each group of 3 bytes into 4 characters, so 18 bytes => 24
characters
> base64 passwords are more portable and incur only a ~13% size increase
> compared to original byte stream.
4/3 = 33% increase
But anyway, I'm happy with the proposed approach for default password
generator. Undoubtedly there will be people who want something else, so
it would be good if it could be pluggable.
(Aside: I don't actually see any need for entropy > 96 bits: brute
forcing 2^95 combinations, at a trillion attempts per second, would take
1.25 billion years. But I suppose burning a bit more entropy and storage
does little harm)
Regards,
Brian.
More information about the Password-Store
mailing list