Diceware & Passwords - Computerphile

Published 2018-02-09
How do you pick a secure password that's memorable but truly random? Dr Mike Pound explains Diceware

The Diceware website: bit.ly/c_diceware
(Diceware is a trademark of A G Reinhold)

Another great thing to do with dice is play games :) -Sean

Password Cracking: Password Cracking - Computerphile
How to Choose a Password: How to Choose a Password - Computerphile

www.facebook.com/computerphile
twitter.com/computer_phile

This video was filmed and edited by Sean Riley.

Computer Science at the University of Nottingham: bit.ly/nottscomputer

Computerphile is a sister project to Brady Haran's Numberphile. More at www.bradyharan.com/

All Comments (21)
  • @FusionDeveloper
    Here's an idea. We should change the word "password" to "passphrase" to subconsciously discourage people from using a single word.
  • @KoreyHite
    "I'm just looking at your collection of cubes" "All solved. That's how I roll" Hahaha
  • @mcol3
    The 12.9 bits he mentions comes from the fact that log2(7776) = 12.9.
  • @mastodans
    "They may just visit you instead." Ha ha, great capper.
  • "We're talking nation-state level security - you can choose to protect against them, but they might just visit you instead." Haha this is the logical step that's been missing in so many conversations I've had with cybersecurity enthusiasts - they seem to think the FBI is reading their emails but pay no mind to physical security. True story, I had one friend who insisted on 20-character randomly generated passwords, but wouldn't even bother to lock his front door when he left the house because we were going "just up the street."
  • @philwatts
    I can't begin to imagine which random symbol Mike Pound uses.
  • @paul3562
    My passwords are generally random words, characters, numbers, uppers and lowers and also misspelled words and major length.... Then I write it down and stick it on my PC screen so I don't forget.
  • @QuackersForMath
    I made a program back in secondary school, where you type in random numbers, and it tallies them up. It really shows how not random you really are.
  • @LMABeste
    I hate when my tapir gets corrupted and I didn't make a backup
  • @appc23
    I personally dislike Tapir backups, Iguana-based backups are just way more reliable.
  • @justinnanu4338
    I think web developers need to be more educated in this. I hate it when I'm forced to come up with all sorts of crazy passwords with this symbol and that case and this number in that position. I mean, popsiclegoldfishigloobulgaria is a far stronger password than g41@9S. Guess which one my bank does and does not accept?
  • @WebWolf89
    I'm really diggin' the series. An episode about password managers would be great!
  • @jaemate21
    I love that they knew that the Rand was our currency, that got me excited a lil bit. Great video as always.
  • @darnell8897
    I love that after the great talk on the finer details of password security he alludes to the possibility of a wrench attack.
  • @philipsmith1041
    I have stumbled on to this channel a few months ago, and find them quite fascinating. I found maths really challenging at school, but as I get older I understand more and find maths is used in EVEN more places and things than I ever considered. Thank you for creating these short shows with great explanations.
  • @B3Band
    The last video on the subject had lots of comments about KeePass, so I started using it. I absolutely love it. Now every website gets its own password, and I have no idea what they are! The only password I know is the one for KeePass, which is five words that spell another word as an acronym, with a symbol and spaces.
  • @tiavor
    And then some random website enforces a character limit of max 10 symbols, no spaces, a special character, a capital letter and a number
  • @KX36
    My problem is that at my work I have literally 17 different passwords (I just counted). They all have different requirements of min/max length (lots are 20 chars max), upper/lower case, special characters, numbers etc. and they expire every month or 3 months or never. If I get one wrong 3 times it gets locked out. In one system it took me 2 months to get a new username set up because the password was locked and there was no other way to resolve this, and in another system if I lock my password (or don't use it for 3 months) I have to go on a half day course (every time) about basic use of that software in order to get a new password. All this means everyone uses the same short passwords for everything and so security is made worse because of the measures introduced to increase security.