It is said that a password has n-bits entropy if its entropy corresponds to the entropy of an n-bit number, the digits of which are independently drawn under uniform distribution. How long does a password, whose letters from an alphabet {a,b,...,z} is independently chosen under uniform distribution, be at least to have n-bits entropy?
Asked
Active
Viewed 599 times
1 Answers
1
Computing the entropy of a password is not an easy task. All the comments at the time of writing assume a random selected password, as suggested in the question. In this case all the characters will have equal probability and the length is just the total entropy divided by the entropy of a character.
Note, however, that the process of breaking the password is normally not attacked by brute force, but with dictionary-based and similar approaches. See the answer How should I calculate the entropy of a password?. Therefore, in a dictionary-based schema every character (and word) will have a different probability. Additionally, and this is the cause for the use of the mentioned dictionary schemes, most of the real world password are not randomly selected (see https://xkcd.com/936/).
aalgo
- 11
- 1