nostr:npub15fkerqqyp9mlh7n8xd6d5k9s27etuvaarvnp2vqed83dw9c603pqs5j9gr I feel pretty confident that the NSA has a list of all known valid English sentences (with permutations) and they could probably run it in a few minutes. I don't have proof of this but I suspect a table like that would fit within a terabyte
nostr:npub15fkerqqyp9mlh7n8xd6d5k9s27etuvaarvnp2vqed83dw9c603pqs5j9gr ok so apparently you can't see my post to enzymical. The other hand of that was:
I don't think the average person is creative enough to NOT pick one of the known sentences so it would be a very bad security policy if you're talking about a commercial product.
Frankly though I'm not sure I could pick a sentence that's never existed if I was really trying.
No, I see it, and I'm trying to tell you that the fact that a password is known to exist does not compromise it absent *a lot* of knowledge about the specific nature of the password.
I can generate every 30 character combination of alphanumeric+common symbol passwords trivially, does that mean a 30 character random password is easy to crack?
