xkcd #936
To anyone who understands information theory and security and is in an infuriating argument with someone who does not (possibly involving mixed case), I sincerely apologize.
That XKCD has done lots of harm... It's true that the tr0b4udor83 thingy ain't cutting it but the example he gives is insanely insecure by modern standards.
The rarest word is staple, at position 7114 in the "most commonly used words in English".
A cracker testing all possible four-word combinations of the first 10000 words would crack this. It's, what, 10 000 trillion tries at most? Clusters of GPUs cracking 500 billion passwords per second were common things 5 years ago. I've read about crackers trying 73 trillion passwords per second (no idea which kind of hash nor which kind of hardware but I remember that number: it's not far-fetched given the state of the art in 2012).
Crackers have been reported pwning passphrases like the following:
allineedislove
ilovemySister31,
all of the lights
ilovetofunot
iloveyousomuch
and of course the usual "eleet" ones like: "k1araj0hns0n"
Also people have been known to try every single sentence of books (the Bible, Lord of the Rings, but really many many many books), starting from any word of the book, up to x words, and finding sentences used to protect cryptocurrency wallets that have then been emptied (back when cryptocurrency wallets could be protected by user-chosen passphrases: which is kinda not the case anymore, at least not the best practice anymore).
And saying that regular people shouldn't worry about crackers having offline copies of hashes as it does was shortsighted too: there are several documented cases of theft (plus all those we don't know about) of user+hashes of hundreds of millions and even several billions (Yahoo!) of accounts.
I love XKCD but I always found this particular one to be particularly bad and I feel for those who followed that and ended with their password cracked because they used four common words and were part of the hundreds of millions or billions of hashes stolen :(
P.S: I ofc don't mean that 44 bits of entropy ain't better than 28... I'm saying 44 bits of entropy in this day and age where you can buy a single GPU that has thousands of cores (and when many enthusiasts have farms of these, to GPU mine GPU friendly cryptocurrencies for example) and even soon consumer-grade FPGA-like programmable hardware (I read something about Intel coming up with this), 44 bits of entropy is not anywhere near enough. And several documented cases of hash theft + password cracking are proving this to be true!
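The arithmetic behind the comment above, as an added example that is not part of the original post: it takes the two guess rates and the 10000-word list quoted there, computes how long each keyspace lasts against an offline attack, and then how many uniformly random words a passphrase needs to hold out for a chosen period. The 10-year target and the assumption that words are picked uniformly at random are mine, not the commenter's.

```python
import math

# Guess rates quoted in the comment, in guesses per second.
RATE_GPU_CLUSTER = 500e9   # "500 billion passwords per second"
RATE_REPORTED = 73e12      # "73 trillion passwords per second"
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def keyspace(list_size: int, words: int) -> int:
    """Number of passphrases made of `words` picks from a `list_size`-word list."""
    return list_size ** words


def bits(space: int) -> float:
    """Entropy in bits of a uniformly random choice from `space` candidates."""
    return math.log2(space)


def seconds_to_exhaust(space: int, rate: float) -> float:
    """Worst case: every candidate tried. The average case is half of this."""
    return space / rate


def words_needed(list_size: int, rate: float, years: float) -> int:
    """Smallest word count whose keyspace takes at least `years` to exhaust."""
    target = rate * years * SECONDS_PER_YEAR
    n = 1
    while keyspace(list_size, n) < target:
        n += 1
    return n


if __name__ == "__main__":
    cases = {
        "28-bit password": 2 ** 28,
        "44-bit passphrase": 2 ** 44,
        "4 words from top 10000": keyspace(10_000, 4),
    }
    for label, space in cases.items():
        for rate in (RATE_GPU_CLUSTER, RATE_REPORTED):
            print(f"{label}: {bits(space):.1f} bits, "
                  f"{seconds_to_exhaust(space, rate):,.1f} s at {rate:.0e}/s")
    # Assumed target (not from the comment): survive 10 years of guessing.
    print("words needed:", words_needed(10_000, RATE_REPORTED, 10))
```

The rates only apply to whatever hash was being attacked; the comment does not say which, so a deliberately slow password hash would lower them and stretch every figure accordingly.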