Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Keepass entropy? question

18 May 2019   #1
F22 Simpilot

Windows 7 Ultimate x64
 
 
Keepass entropy? question

In Keepass when you create a password it shows bits of strength. I don't exactly understand what that means. But when I have password that is like say 15 characters long and say I change the word "to" to the word "cat", the bit strength goes down by one digit. Why would that be?

Note, I made up the words used and length used for explanation. But the word I have in my password is two characters long and when I make it a three letter word the bits go down by one digit.


My System SpecsSystem Spec
.
18 May 2019   #2
LMiller7

Windows 7 Pro 64 bit
 
 

When it comes to passwords longer isn't necessarily better. The program is following a set of rules to evaluate passwords. Most likely these rules have not been published. The rules are also somewhat subjective and not everyone will agree on the details. The general rules for what makes a good passwords are quite well known but there is considerable room for different interpretations. Some things such as repeating characters and character series such as "abc" will downgrade the evaluation. The program will be looking at the entire password which will count for more than some fragment that you or I might consider significant. People are very good at recognizing things that are very problematic for a program. Even an expertly written program may make a different judgement than a human expert.

Generally a good password is not a word at all and will not contain recognizable words. A good password should contain at least 2 of the following:

1 Upper and lower case characters.
2 Numbers
3 Special characters
My System SpecsSystem Spec
18 May 2019   #3
F22 Simpilot

Windows 7 Ultimate x64
 
 

Thanks for the explanation. That makes a lot more sense now.




Quote   Quote: Originally Posted by LMiller7 View Post
Generally a good password is not a word at all and will not contain recognizable words. A good password should contain at least 2 of the following:

1 Upper and lower case characters.
2 Numbers
3 Special characters

I definitely have this covered. What do you think about a string of words mashed together with symbols and numbers throughout? Me thinks good seen as how I've tried many password crackers before and know how damn hard it is to brute force a password. Granted the NSA or what ever might have some pretty good algorithms, etc. Most of my passwords are created with Keepass though, and I used the randomness that it allows you to generate to formulate those passwords. They are all well over 30 characters long.
My System SpecsSystem Spec
.

18 May 2019   #4
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Quote   Quote: Originally Posted by F22 Simpilot View Post
But the word I have in my password is two characters long and when I make it a three letter word the bits go down by one digit.
That's because the two words are still all lowercase.....by adding to the password length, you haven't increased the entropy.

If you change the case, you increase the search depth required to crack the password - 26 lowercase possibilities + 26 uppercase possibilities. By adding in numbers and special characters the search depth increase significantly to 26+26+10+33 = 95.

A strong password requires both sufficient length and entropy. Avoid using words that appear in dictionaries to protect from dictionary attacks.
My System SpecsSystem Spec
20 May 2019   #5
F22 Simpilot

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by Golden View Post
Avoid using words that appear in dictionaries to protect from dictionary attacks.

Yeah, that I knew. But I also thought a password like: AnOrangeBananaShotaMonkey^%$245 would be sufficient. No?

My idea back then was to use the first letter in lyrics from songs. I do that to some extant on certain passwords, but not all.
My System SpecsSystem Spec
Reply

 Keepass entropy? question




Thread Tools




Similar help and support threads
Thread Forum
KeePass All Usernames/Passwords Reverted To Earlier Time
I use keepass on my laptop. I store all my username/passwords for everything on it. Today i noticed when i started keepass... i noticed I could not log into several of my accounts. I had wondered why. Until i took a look and many username/passwords for certain sites are not shown in it. I then...
Software
BSOD while running firefox and keepass
This is about the third or fourth time i've had a BSOD over the last few months and as far as i can see the connecting thread was using firefox with keepass running in the background but i can't read the dmp file since it's all scrambled. I hoped posting it here would let me read it. I ran the...
BSOD Help and Support
New version of KeePass released
FYI, A new version of KeePass has been released, get it at: News: KeePass 2.15 available! - KeePass :D
Software
KeePass Professional 2.14 Released
September 6, 2010 KeePass Professional Edition (Free) 2.13 is available. Changelog below. Changes from 2.12 to 2.13: New Features:
Software
Keepass Professional Edition 2.11/2.12 Released
July 3rd, 2010 Keepass Professional Edition 2.11 is available. It is free software. Changelog below. Version 2.12 is available now. Changelog 5 posts down. Changes from 2.10 to 2.11: New Features:
Software


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 20:49.
Twitter Facebook