How long does my password need to be to stop hackers for 10 - 20 years?
Just don't be worth "Hacking".
your fukd because quantum computers will be around in 2 years and they can try all passwords at once
>>109244181>i'm retardedquantum computers *may* be able to break asymmetric encryption. which passwords don't use
>>109244137use mfa
You're supposed to use passwords like"anonwasanonbelieverbuthegotconverted"
>>109244181i ended up at 30 character + special + number because gemini pro told me a quantum can't break it though
>>109244137Open brute force attacks are completely out of date. Unless you are handling state secrets, almost nobody worth their salt is going to bother.
>>109244705the problem with having a dog ass password is that everything was already bruteforced "da hackers" already have lists of dehashed
>>109244195Not entirely true. There is a general quantum algorithm for a NP-Complete problem which is O(2^(n/2))Which means a 16 char password can be cracked on quantum as it would be 8 char ...
>>109244137It all depends what it's on. For instance if it's on something like an ATM card where a central server will lock it out after 5 incorrect attempts and require you to go talk to someone in person to unlock it, a 4-digit numeric PIN is enough. If it's going back and forth with a server for every guess and the server can rate-limit the attempts, somewhat longer but still fairly short will do. But if it's on a hash or encrypted file that the attacker has locally on their machine and can do millions of attempts a second, you need something way longer.
>>109244195passwords on websites are not symmetric cryptographyyou literally send the plaintext password to the server in almost all cases
>>109245312>plaintextOver TLS yes. Someone spying on the traffic can't see it.
>>109245326if they broke asymmetric cryptography and recorded the key exchange they could very well be listening
>>109244137Nonexistent since its more about leaks, phishing and social engineering at this point rather than length
>>109244236>anon was anon be lie verb u the go t conver tedidgi
>>109245438if they can break a 2048-bit encrypted text, we've got worse problems than your pornhub password being leaked
>>109245457>leakthis guy explained what happens on a leak>>if it's on a hash or encrypted file that the attacker has locally on their machine and can do millions of attempts a second, you need something way longer.>>109245242
>>109244771that's why salts exist
>>109244137tree fiddy
>>109246081You don't have control over (or usually even knowledge of) whether a site's devs used salts, or even hashed their passwords. But you do have control over whether you used a crapass password like Password1!.
>>109244137Enough characters to stop YOU from giving it to some cute girl that is actually a russian hacker.
>>109244137doesn't provide entropy readout
>>109245947Follow the chain retard, that's not what the guy was claiming. He claimed he was safe because passwords encrypted his data with symmetric encryption.
That looks vibe coded.
>>109245947Yes, breaking 2048-bit RSA is exactly the problem that quantum computers pose. And unless you are using post-quantum encryption strategies now, you are vulnerable to a "store now, decrypt later" strategy.
8 words
>>109244137You need to use PQC.
>>109244137Write a program that goes through all versions of 8 printable ascii chars. Divide the duration by the number of printable ascii chars (127 I believe) power of 8. You know have how long it takes to do 1 try on an average computer. Divide that by however much faster the fastest computer in the world is. Then divide by average increase in performance-per-watt of the past 5 years.Then find by how much you have to multiply that number by in order to get a duration over 100y.Or, you know just have a password of 40 random ascii chars, that's probably good enough.
>>109250088you had a convincing argument im gonna use 40 instead of 30