A button to suggest another combo would help in this case (and anyway, we should not force the user to use the suggested password.)
I tried a couple times, I got this: YMCKO-jackpotting-mental disorder-hulk BCMS-Myspace angle-colloquium-charley horse extendible-milkiness-contemplate-marron
While I don't know all of these words (English is not my first language), it does look usable.
Sylvain
2016-11-17 19:32 GMT+01:00 Trey Jones tjones@wikimedia.org:
On Thu, Nov 17, 2016 at 1:19 PM, Sylvain Boissel < sylvain.boissel@wikimedia.fr> wrote:
If you want to increase the entropy, use a larger word list rather
than a
"harder" one. The XKCD comic seems to have used a 2048-word list for
its
44-bit estimate. Using a list with 8836 words gets the same entropy
(about
52.44 bits) as a completely-random 8-character password using any of
the
94
characters I can easily type on my keyboard (e.g. "'>hZ|=S*").
If we want to go this way, we have the largest conceivable word list at hand with the Wiktionary.
A tool inspired by https://tools.wmflabs.org/ anagrimes/hasard.php?langue=en could give 4 words from all those we have in English, and we can even get words in the same language as the registration form (So it would suggest French words when registering on the French Wikipedia, Swedish words on
the
Swedish Wikisource, etc.
You want to go with relatively frequent words of reasonable length so the combination is reasonably memorable and easy enough to type, or you are back to random gibberish strings.
While not likely, choosing four random English words from Wiktionary *could *give you this combo
aavakaayaabaciscusesæolotropicpneumonoultramicroscopicsilico volcanoconiosis
Trey Jones Software Engineer, Discovery Wikimedia Foundation _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l