Posted on 08/29/2014
For years we have been telling you to use strong passwords to protect your online security. We keep pushing this because (1) we find that many people still don’t take the matter seriously enough — at least, not until they’ve been stung, and (2) technology races along at an ever-increasing pace, meaning that yesterday’s passwords can probably be readily cracked with today’s computing power, placed in the wrong hands.
One well-regarded method of creating strong passwords is Diceware, a system of combining a recommended minimum of five (and sometimes six) “diceware” words into a single random passphrase. Now Diceware’s creator, who invented his system in 1995, recommends upping that count to six or seven words, saying, “I had previously written that longer Diceware passphrases might be vulnerable by about 2014. Well it’s 2014. Today criminal gangs probably have access to more computing power then the NSA did when this page first appeared. So I am upping my passphrase length advice by one word.”
Go to the Diceware site to learn how to easily implement a strong Diceware passphrase for yourself.
Ars Technica also has a useful article from March 2014 on Diceware and related security matters.