![[Deleted User]](https://us.v-cdn.net/6031733/uploads/defaultavatar/nSM2PLPSQARUH.jpg)
Since i just talked about this... let me post this famous xkcd strip...
Anybody who tells me 4 words without misspellings totaling 25 letters is easier than 10 letters+numbers at random "because word dictionaries" evidently never read or understood how password work.
Even knowing that the second is correct english and it's 4 not very uncommon words the second's difficulty is in the order of 150'000^4, while the first is 256^10. (also i rounded down the first's group of words since at least one of those words is ranked 163000th π and i have yet to see a password input that allows me to insert characters likeΒ ββ¬β and similar. Even including " " is a stretch. π
So brute force would still find both equally difficult, if the first is assumed to take 3 days, the second would be found in 1.5 days... but that assumes the guys encrypting the password did the worst encryption possible that allowed the attacker to know: 1)it's only latin letters, 2)that it's 4 words 3)and the statistical probability of said words.
Otherwise what the attacker sees is (if you were careless) that the password is "25 somethings" and, honestly, if the second gets broken... that's not the user's fault, it's the fault of the guy that designed the password encryption. See below.
Yes, yes... i know... not exactly memes... a bit ranty and i used XKCD which i said i would not use... buuut... eh... very few people ever made jokes about password encryption... so let's see the other ones i found:
also: social engineering at its finest...
