Prodded by comments about password cracking in another thread, I've added a table to my Diceware FAQ http://world.std.com/~reinhold/dicewarefaq.html#tables for selecting random characters out of the ninety five printable symbols in 7-bit Ascii. The intent is to provide a practical and secure way to choose passwords as strong as Unix allows.
Below is what I've added. It's best viewed in a monospace font like courier. Comments are welcome. Arnold Reinhold ============================= How do I use dice to create random character strings? To create passwords of maximum strength for a given number of characters, you must use all available symbols. This is especially important for most Unix systems where passwords are limited to eight characters from the 7-bit ASCII printable character set. In particular, Unix "root" passwords should always be constructed in this way! The following set of three tables allows you to create such a password. Roll a die three times (or roll three dice) for each character and then select one of the following three tables, based on what the first die says: If first roll=1 or 2 3 or 4 5 or 6 Second Roll Second Roll Second Roll 1 2 3 4 5 6 1 2 3 4 5 6 1 2 3 4 5 6 T 1 A B C D E F a b c d e f ! @ # $ % ^ h 2 G H I J K L g h i j k l & * ( ) - = i 3 M N O P Q R m n o p q r + [ ] { } \ r 4 S T U V W X s t u v w x | ~ ; : ' " d 5 Y Z 0 1 2 3 y z ~ _ sp < > / ? . , 6 4 5 6 7 8 9 Note: Roll all three dice again whenever a blank appears in the table. The table entry "sp" means a space character. If you do not want spaces in you password, roll all three dice again. Repeat this procedure eight times to get a maximal strength Unix password. Each random character adds 6.55 bits of entropy. Eight characters provides 52.4 bits of entropy. Example: 224 T 131 C 553 } 215 Y 465 , 334 u 326 roll again 535 / 364 x The password is then: TC}Y,u/x Easy to remember? Hardly, but it is the only type of password that provides full security on Unix systems. Only such passwords should be used for root and administrative accounts or high security user accounts. If security is less of a concern for user accounts, then eight characters from the first table can be used. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]