On Thu, Nov 17, 2016 at 1:19 PM, Sylvain Boissel < sylvain.boissel@wikimedia.fr> wrote:
If you want to increase the entropy, use a larger word list rather than a "harder" one. The XKCD comic seems to have used a 2048-word list for its 44-bit estimate. Using a list with 8836 words gets the same entropy
(about
52.44 bits) as a completely-random 8-character password using any of the
94
characters I can easily type on my keyboard (e.g. "'>hZ|=S*").
If we want to go this way, we have the largest conceivable word list at hand with the Wiktionary.
A tool inspired by https://tools.wmflabs.org/ anagrimes/hasard.php?langue=en could give 4 words from all those we have in English, and we can even get words in the same language as the registration form (So it would suggest French words when registering on the French Wikipedia, Swedish words on the Swedish Wikisource, etc.
You want to go with relatively frequent words of reasonable length so the combination is reasonably memorable and easy enough to type, or you are back to random gibberish strings.
While not likely, choosing four random English words from Wiktionary *could *give you this combo
aavakaayaabaciscusesæolotropicpneumonoultramicroscopicsilicovolcanoconiosis
Trey Jones Software Engineer, Discovery Wikimedia Foundation