Quote from: StonedEmo on September 05, 2012, 10:35 pmQuote from: LouisCyphre on September 01, 2012, 02:56 pmThe example I normally give is from Hamlet:To be or not to be, that is the question.That's got over 300 bits of entropy.Now, when I saw the passphrase, that's got 0 bits of entropy, since outcome is entirely predictable. ;)Heh. :)To everyone else: StonedEmo is correct when the passphrase is able to be guessed. So don't use my example, pick something else.Quote from: LouisCyphre on September 01, 2012, 02:56 pmYeah, Diceware is good, but I usually recommend people pick a favourite line from a book, poem, play, song or film that they will remember and don't quote aloud. That can be very strong indeed, especially when punctuation is included.Quote from: StonedEmo on September 05, 2012, 10:35 pmDiceware is the same. Let's take a look.If anyone would pick a line from a favourite book and DEA would know it... Let's count the entropy of Hamlet. Hamlet speaks over 1500 lines. Of course, it depends on what you consider a "line". Some of the play is in prose and some of it is in iambic pentameter verse. Each line yields log2 (1500), i.e. 11 bits of entropy. To get better results, you can find a strange but easy-to-remember passphrase. Let me get Hamlet: 2c-b or not 2c-b :O, that is the question (maybe that was dragonfly?!!, ohmygod, ohmygod, ohmygod!). It is better than 11 bits. I think you might have not been able to find such a passphrase in a book. Unless you pick a favourite line from a book in the library of babel, which must contain, somewhere, every coherent book ever written, or that might ever be written, and every possible permutation or slightly erroneous version of every one of those books, and where your ciphertext could be selected as your passphrase. In any case, the estimate is very rough. Some sentences could be built with Markov's chains. I think that using words is better than random letters anyway. I dont understand how people are still choosing lines of perl code for their passwords.A good assessment. What I like about the quote option is that it helps people remember a passphrase if it is something they normally have trouble with.