Using thermal physics, cosmology, and computer science to calculate password vulnerability to the biggest possible brute-force attack.
Question: How much entropy should a password have to ensure it will never be vulnerable to a brute-force attack? Can an impossibly efficient computer–the MOAC–crack your password?
Answer: limited only by energy, if a computer with the highest level of efficiency physically possible is made of matter, does work to compute, and obeys the conservation of energy:
- A password with 256 bits of entropy is practically immune to brute-force attacks large enough to quite literally burn the world, but is quite trivial to crack with a universe-scale fuel source.
- A password with 327 bits of entropy is nearly impossible to crack even if you burn the whole observable universe trying to do so.