I try to explain how attackers would guess your password, should they get their hands on your encrypted data. There are some thoughts on the strength of real-world passwords and suggestions for your new password.

  • hirihit640@sh.itjust.works
    6 days ago

    If you make word-based passwords, you still need to make sure to use random words. If you use a sentence or quote or song lyrics, then those usually have far less randomness than people think, and thus can be guessed easily by AI.

    But if you use random words, a few words can be plenty secure. The diceware word list used by many password generators has 7777 words. 6 words means 7777^6 possibilities, which is approximately 2^78, aka 78 bits of entropy. That would take many years for any datacenter to crack. Though personally for really strong passwords, I go for 90+ bits of entropy.
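
The entropy arithmetic discussed in the comment above, as an added example that is not part of the original thread. The word list is a constructed stand-in with one entry per outcome of five six-sided dice (6^5 = 7776), and the guess rate of 10^12 per second is an assumption.

```python
import itertools
import math
import secrets

# Constructed stand-in for a Diceware-style list: one entry per outcome of
# five six-sided dice (6**5 = 7776). Real lists map each roll to a real word.
SYLLABLES = ["ba", "de", "ki", "mo", "nu", "ra"]
WORDS = ["".join(p) for p in itertools.product(SYLLABLES, repeat=5)]

def entropy_bits(num_words, list_size):
    """Entropy of a passphrase whose words are drawn uniformly and independently."""
    return num_words * math.log2(list_size)

def words_needed(target_bits, list_size):
    """Smallest word count that reaches at least target_bits of entropy."""
    return math.ceil(target_bits / math.log2(list_size))

def generate_passphrase(num_words, words=WORDS):
    """Pick words with the OS CSPRNG; duplicates in the list would skew the odds."""
    if len(set(words)) != len(words):
        raise ValueError("word list contains duplicates")
    return " ".join(secrets.choice(words) for _ in range(num_words))

def average_years_to_guess(bits, guesses_per_second):
    """Expected time to hit the passphrase: half the keyspace at the given rate."""
    seconds = (2 ** bits) / 2 / guesses_per_second
    return seconds / (365.25 * 24 * 3600)

if __name__ == "__main__":
    n = len(WORDS)
    for count in (4, 6, words_needed(90, n)):
        bits = entropy_bits(count, n)
        # 1e12 guesses/second is an assumed attacker rate, not a measured one.
        years = average_years_to_guess(bits, 1e12)
        print(f"{count} words: {bits:.1f} bits, ~{years:.3g} years on average")
    print(generate_passphrase(6))
```

The entropy figure only holds when every word is chosen uniformly at random; it says nothing about a phrase a person picked themselves.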