On 11/10/2015 02:23 PM, Stanislav Nikolov wrote: > > > On 11/10/2015 09:17 PM, Michael Orlitzky wrote: >> On 11/10/2015 02:00 PM, Jeff Smelser wrote: >>> I guess from this your assuming that everyones passwords that >>> have been hacked are god, birthdays and such? >>> >> Again: assume that I'm not an idiot, and that I know how to choose >> a long, random password. It cannot be brute-forced. And if it >> could, adding an SSH key encrypted with a password of the same >> length would provide no extra security. >> >> > Are you sure you know how such keys work? An extremely 15 character > password (Upper case, lower case, numbers, 8 more symbols) gives you > ~4747561509943000000000000000 combinations
And since no one seems to believe me, if you could try a million passwords a second (over the network!), it would take you about 75,272,093,955,210 years to try half of those combinations.
