by Jonathan Rothwell

[LINK] Crap passphrases only marginally better than crap passwords

Passwords that contain multiple words aren't as resistant as some researchers expected to certain types of cracking attacks, mainly because users frequently pick phrases that occur regularly in everyday speech, a recently published paper concludes.

Thus is revealed the true message of XKCD #936: i love jesus is just as awful as a password as jesus123. This is why I use nonsense passwords.

I should probably look at developing Screttler again.

NB: the original paper is here.