Today I saw a disturbing Gizmodo article claiming that it would take 550 years to guess the XKCD “correcthorsebatterystaple” password.
While researching this subject, I noticed this blog post from Dropbox on their zxcvbn “password strength” meter library, which included this incredible sentence:

> For example, even knowing the word-word-word-word structure of correcthorsebatterystaple, an attacker would need to spend centuries cracking it.
That is completely incorrect, and I’m disturbed by how much confusion the XKCD comic has generated, to the point that it results in statements like that. The linked Twitter thread explains why this is wrong. At heart, there are two critical mistakes in the XKCD comic:
- The idea that a password’s entropy is easily and accurately calculated. In reality, calculating a password’s entropy is somewhat of a red herring, as there is often information outside of the password that can be used to guess at the password’s structure (e.g. how long it took someone to type in their password).
- That password guesses happen at a rate anywhere near 1000 guesses/second. The true rate depends entirely on how the password hash is generated. For raw SHA256, it is somewhere on the order of 1197962070743187 guesses/second.
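To make both points concrete, here is an added example (my own code, not from the post, from XKCD, or from zxcvbn) that computes how long exhausting the keyspace of a four-word passphrase takes under different guess rates. It assumes the comic's own model of a 2048-word list (11 bits per word, 44 bits total) and its 1000 guesses/second figure, uses the raw-SHA256 rate quoted in the post, and adds a constructed slow-KDF rate of 10 guesses/second purely for contrast. It also compares the keyspace an attacker faces when they know the word-word-word-word structure against the keyspace a naive "25 lowercase letters" entropy estimate would claim, which is the first point above.

```python
# Added example: exhaustive-search time for a "word-word-word-word" passphrase
# under different guess rates. Not code from the blog post, XKCD, or zxcvbn.
# Assumptions: a 2048-word list (XKCD's 11 bits/word model), the comic's
# 1000 guesses/second, and the raw-SHA256 rate quoted in the post. The slow-KDF
# rate is a constructed, illustrative number, not a measurement.

import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Guess rates in guesses/second, keyed by a short label.
GUESS_RATES = {
    "xkcd assumption (1000/s)": 1_000,
    "raw SHA256 (figure from the post)": 1_197_962_070_743_187,
    "slow KDF at ~100 ms/guess (constructed)": 10,
}


def keyspace_bits(alphabet_size: int, symbol_count: int) -> float:
    """Bits of uniform keyspace for symbol_count symbols drawn from alphabet_size
    choices. For a passphrase, 'symbol' is a word; for a naive character-level
    estimate, 'symbol' is a character."""
    return symbol_count * math.log2(alphabet_size)


def seconds_to_exhaust(bits: float, guesses_per_second: float) -> float:
    """Worst case: every candidate in a 2**bits keyspace is tried."""
    return (2.0 ** bits) / guesses_per_second


def years_to_exhaust(bits: float, guesses_per_second: float) -> float:
    return seconds_to_exhaust(bits, guesses_per_second) / SECONDS_PER_YEAR


def attacker_view(wordlist_size: int = 2048, words: int = 4,
                  chars: int = 25, alphabet: int = 26) -> dict:
    """Point 1 of the post: the entropy the attacker faces depends on what
    they know about the structure, not on a number the user computes.
    Returns the keyspace in bits under two attacker models."""
    return {
        "knows 4 words from a 2048-word list": keyspace_bits(wordlist_size, words),
        "knows only '25 lowercase letters'": keyspace_bits(alphabet, chars),
    }


def crack_times(bits: float) -> dict:
    """Point 2 of the post: the same keyspace yields wildly different
    wall-clock times depending purely on the hash's guess rate."""
    return {label: years_to_exhaust(bits, rate) for label, rate in GUESS_RATES.items()}


if __name__ == "__main__":
    for model, bits in attacker_view().items():
        print(f"{model:45s} {bits:6.1f} bits")
    passphrase_bits = keyspace_bits(2048, 4)  # 44 bits: the XKCD model
    print(f"\nTime to exhaust a {passphrase_bits:.0f}-bit passphrase keyspace:")
    for label, years in crack_times(passphrase_bits).items():
        secs = years * SECONDS_PER_YEAR
        unit = f"{years:,.1f} years" if years >= 1 else f"{secs:.4f} seconds"
        print(f"  {label:42s} {unit}")
```

Running it reproduces the comic's "550 years" figure for the 1000 guesses/second assumption and shows the same 44-bit keyspace falling in a fraction of a second at the raw-SHA256 rate from the post; only the guess rate changed, which is the whole point of the second bullet.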