From dd0f8e3f02d159f0fdf8ffea247733bf007aa855 Mon Sep 17 00:00:00 2001 From: Mattias Andrée Date: Thu, 29 Oct 2015 03:04:30 +0100 Subject: info: chapter: factors MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Mattias Andrée --- info/passcheck.texinfo | 45 +++++++++++++++++++++++++++++++++++---------- 1 file changed, 35 insertions(+), 10 deletions(-) (limited to 'info') diff --git a/info/passcheck.texinfo b/info/passcheck.texinfo index dab18b7..ad1c879 100644 --- a/info/passcheck.texinfo +++ b/info/passcheck.texinfo @@ -53,6 +53,7 @@ Texts. A copy of the license is included in the section entitled @menu * Overview:: Brief overview of @command{passcheck}. * Invoking:: Executing @command{passcheck}. +* Factors:: Factors weighted in at evaulation. * GNU Free Documentation License:: Copying and sharing this manual. @end menu @@ -69,16 +70,6 @@ Passphrases are read from stdin and the rating followed by the passphrase for each passphrases is written to stdout, and stderr is quited unless the program files. -It has been argued that passphrases should not form grammatically -correct sentence, even if the sentence itself if nonsense. The argument -is that the majority of possible choices of words can be eliminated for -each word position, based on the previous word. However a counterargument -for this concern is that number of possible combinations, assuming the -sentence is nonsensical, large enough even if choices can be eliminated -using grammar. Currently, evaluation based on grammar is not made, so if -you believe grammatically correct sentence should be avoided, please -manually check that the passphrase you choose does not form a grammatically -correct sentence, and preferably, not even in part. @node Invoking @@ -96,6 +87,40 @@ otherwise it is parsed as an ANSI escape sequence wish is ignored in the rating and allows you to use colours in the passphrases. + +@node Factors +@chapter Factors + +@command{passcheck} weights in the following factors when evaluating +the strength of a passphrase: +@itemize @bullet +@item +The passphrase is not a commonly use passphrase. +Currently a top-1000 list is used. +@item +The degree to which characters are mixed. +@item +The classes of used characters. For example non-ASCII +characters are better than ASCII chracters. +@item +The distance, on a QWERTY-keyboard, of successive keys. +@item +The length of the passphrase. +@end itemize + +It has been argued that passphrases should not form grammatically +correct sentence, even if the sentence itself if nonsense. The argument +is that the majority of possible choices of words can be eliminated for +each word position, based on the previous word. However a counterargument +for this concern is that number of possible combinations, assuming the +sentence is nonsensical, large enough even if choices can be eliminated +using grammar. Currently, evaluation based on grammar is not made, so if +you believe grammatically correct sentence should be avoided, please +manually check that the passphrase you choose does not form a grammatically +correct sentence, and preferably, not even in part. + + + @node GNU Free Documentation License @appendix GNU Free Documentation License @include fdl.texinfo -- cgit v1.2.3-70-g09d2