On Thu, Nov 17, 2016 at 1:19 PM, Sylvain Boissel <sylvain.boissel(a)wikimedia.fr> wrote:
If you want to increase the entropy, use a larger word list rather than a
"harder" one. The XKCD comic seems to have used a 2048-word list for its
44-bit estimate. Using a list with 8836 words gets the same entropy (about
52.44 bits) as a completely-random 8-character password using any of the 94
characters I can easily type on my keyboard (e.g. "'>hZ|=S*").
If we want to go this way, we have the largest conceivable word list at
hand with the Wiktionary.
A tool inspired by https://tools.wmflabs.org/anagrimes/hasard.php?langue=en
could give 4 words from all those we have in English, and we can even get
words in the same language as the registration form (so it would suggest
French words when registering on the French Wikipedia, Swedish words on the
Swedish Wikisource, etc.).
You want to go with relatively frequent words of reasonable length so the
combination is reasonably memorable and easy enough to type, or you are
back to random gibberish strings.
While not likely, choosing four random English words from Wiktionary *could* give you this combo:
aavakaaya abaciscuses æolotropic pneumonoultramicroscopicsilicovolcanoconiosis
Trey Jones
Software Engineer, Discovery
Wikimedia Foundation
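
Added example (not part of the original message or thread): a Python sketch of the trade-off discussed above, filtering a candidate list down to typeable words and measuring what list size does to passphrase entropy. The function names, the 4-to-8-letter bounds and the sample word list are assumptions made for illustration; the filter uses length only, since no frequency data is given in the thread.

```python
import math
import secrets

def entropy_bits(pool_size, picks):
    """Bits of entropy for `picks` independent uniform draws from `pool_size` items."""
    return picks * math.log2(pool_size)

def usable_words(candidates, min_len=4, max_len=8):
    """Keep lowercase ASCII words of typeable length (bounds are assumed, not from the thread)."""
    return sorted({w for w in candidates
                   if min_len <= len(w) <= max_len
                   and w.isascii() and w.isalpha() and w.islower()})

def words_needed(list_size, target_bits):
    """Smallest number of words from a list of `list_size` that reaches `target_bits`."""
    return math.ceil(target_bits / math.log2(list_size))

def generate(words, n_words=4, sep=" "):
    """Draw each word with the OS CSPRNG; repeats are allowed so draws stay independent."""
    if len(words) < 2:
        raise ValueError("word list too small to carry any entropy")
    return sep.join(secrets.choice(words) for _ in range(n_words))

# Constructed sample input: ordinary words plus unwieldy dictionary entries
# of the kind a raw dictionary dump can contain.
CANDIDATES = [
    "correct", "horse", "battery", "staple", "window", "garden", "horse",
    "it", "Paris", "aavakaaya", "abaciscuses", "æolotropic",
    "pneumonoultramicroscopicsilicovolcanoconiosis",
]

if __name__ == "__main__":
    words = usable_words(CANDIDATES)
    print("kept:", words)
    print("sample:", generate(words))
    # Entropy depends only on list size and word count, not on word difficulty.
    for size in (2048, 8836):
        print(size, "words x 4 =", round(entropy_bits(size, 4), 2), "bits")
    print("8 chars from 94 =", round(entropy_bits(94, 8), 2), "bits")
    print("words from a 2048 list for 52 bits:", words_needed(2048, 52))
```

Filtering shrinks the list, so the entropy should always be computed from the size of the filtered list actually used for generation.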