
What Makes a Password Good? - taodigital
https://pave.software/makes-password-good/
======
Davidbrcz
Its length : the longer, the better. Nothings beats an exponential ! Ideally,
one should use a pass phrase (a full sentence) instead of a password (a single
word, no matter how complicated it is).

~~~
creshal
Yes and no.

Pass phrases are good, since ( _if backed by the same amount of entropy_ )
they're easier to remember than passwords.

But for $DEITY's sake, don't use sentences. Natural human language has very,
very poor entropy – especially since people gravitate towards catch phrases,
song lyrics and the like, which can be (and have been[1]) very easily guessed.

That's why I put in diceware as fallback recommendation – while dice aren't
perfect, they're a very decent source of entropy.

[1]
[https://www.leakedsource.com/i/lastfmlong.txt](https://www.leakedsource.com/i/lastfmlong.txt)

