• Zachariah@lemmy.world
    link
    fedilink
    English
    arrow-up
    60
    ·
    11 months ago

    I’ll bite. Serious answer.

    If your password is required to only be a number, it has the smallest “girth” possible at only 10 possibilities for a length of one.

    If your password is required to only be a letter, it has more “girth” at only 26 possibilities for a length of one.

    If your password is required to only be a symbol, it’s probably about the same “girth” as letters.

    You could make the girth increase on your one-character password by requiring it to be any of those above, but that’s still just about 60 options.

    But length increases the security of a password exponentially. So if your password is required to be two numbers, you’re already of 100 options. Require only one more digit, and you’re at 1000, even with only ten choices per digit.

    So girth is far less important than length when it comes to passwords.

    • applebusch@lemmy.world
      link
      fedilink
      English
      arrow-up
      13
      arrow-down
      1
      ·
      edit-2
      11 months ago

      Yeah, but counterpoint

      60^10 = 6e17

      10^10 = 1e10

      That’s 60 million times more options. So yeah, girth matters.

    • TWeaK@lemm.ee
      link
      fedilink
      English
      arrow-up
      7
      ·
      11 months ago

      Exactly what I was thinking. Girth is just the number of possible characters. A very crude measure of password strength could thus be length x girth.

  • recapitated@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    ·
    11 months ago

    I went with password “length” because when I tried “girth” it said it couldn’t be the same as my username

  • smeg@feddit.uk
    link
    fedilink
    English
    arrow-up
    6
    ·
    11 months ago

    Doesn’t matter if its long, if you reuse it everywhere then it’ll end up pretty useless. What I’m saying is that it’s not what you’ve got, it’s how you use it.