Gibberfish, Inc./Gibberfish User Documentation

~28 BITS OF ENTROPY

2²⁸ = 3 DAYS AT 1000 GUESSES PER SECOND

PLAUSIBLE ATTACK ON A WEAK REMOTE WEB SERVICE. YES, CRACKING A STOLEN HASH IS FASTER, BUT IT'S NOT WHAT THE AVERAGE USER SHOULD WORRY ABOUT

DIFFICULTY TO GUESS:

EASY

WAS IT "TROMBONE"? NO, "TROUBADOR". AND ONE OF THE Os WAS A ZERO? AND THERE WAS SOME SYMBOL...

DIFFICULTY TO REMEMBER:

HARD

correct

horse

battery

staple

FOUR RANDOM COMMON WORDS

~44 BITS OF ENTROPY

2⁴⁴ = 550 YEARS AT 1000 GUESSES PER SECOND

THAT'S A BATTERY STAPLE

YOU'VE ALREADY MEMORIZED IT

THROUGH 20 YEARS OF EFFORT, WE'VE SUCCESSFULLY TRAINED EVERYONE TO USE PASSWORDS THAT ARE HARD FOR HUMANS TO REMEMBER, BUT EASY FOR COMPUTERS TO GUESS.

Thank you for signing up for Gibberfish, Inc! We have set up a private server for you and assigned it the web address:

Before you can start using it, you must log in to the management portal on your server and enter a passphrase which will be used to encrypt your data. Choosing a strong encryption passphrase is essential. The stronger your passphrase is, the harder it is for an attacker to access your files. We recommend using the Diceware method to generate a passphrase at least six words long.