Using thermal physics, cosmology, and computer science to calculate password vulnerability to the biggest possible brute-force attack.

Question: How much entropy should a password have to ensure it will never be vulnerable to a brute-force attack? Can an impossibly efficient computer–the MOAC–crack your password?

Answer: limited only by energy, if a computer with the highest level of efficiency physically possible is made of matter, does work to compute, and obeys the conservation of energy:

  • A password with 256 bits of entropy is practically immune to brute-force attacks large enough to quite literally burn the world, but is quite trivial to crack with a universe-scale fuel source.
  • A password with 327 bits of entropy is nearly impossible to crack even if you burn the whole observable universe trying to do so.

What I get from that article is that we should all be using SSH keys with strong encryption.

Confidentiality Integrity Availability

  • 0 users online
  • 1 user / day
  • 6 users / week
  • 18 users / month
  • 95 users / 6 months
  • 1532 subscribers
  • 386 Posts
  • Modlog