0

As for now:

  • don't care about user experience, meaning that time spent reading, typing, memorizing password.

  • not thinking about quantum computing attacks.

8 characters good, 24 characters better, 1000 characters best?

DRP
  • 103
  • 4
  • 2
    UX is an integral part of security, so unless you provide more information about your use case and threat model, it is impractical for us to try to guess what exactly you mean by "worth it." If you exclude all of the possible downsides, then anything can be "worth it." – Kevin Jul 20 '19 at 03:18
  • @Kevin let me rephrase question – DRP Jul 20 '19 at 03:19
  • 4
    256 bits of truly random data will outlast the computing power of the universe for all eternity, if all of the mass/energy was converted into a digital counter that was used to bruteforce a 256 bit key. Assuming your 1,000 character password is just the 24 English alphabet characters, all lower case, then you would need to consume 96 universes to definitely crack it. -- There are few times that a cryptographer might say your key is too long, but here's one of those times. – Ghedipunk Jul 20 '19 at 03:43
  • 2
    Most applications won’t accept such long passwords and if your password manager auto types it will be rather slow. A 64 character hex string generated from a good random source will have 256bit strength - you don’t need more than that. – eckes Jul 20 '19 at 03:46
  • @Ghedipunk Awesome! I'll take that as an answer – DRP Jul 20 '19 at 03:54
  • @eckes so sad most applications won't accept this... for now... – DRP Jul 20 '19 at 03:56
  • The most important rule, do not use any password on multiple accounts. – eckes Jul 20 '19 at 03:59
  • 1
    You may be interested by my answer [here](https://security.stackexchange.com/questions/141022/is-there-a-way-for-a-hacker-to-know-your-password-length-and-if-you-used-numbe/213745#213745) which has a little bit of math. In your case, to calculate the useful length: `log(2^256)/log(26) ≈ 55` So a password of 55 letters (a to z) is already enough (assuming completely random letters, of course.) – Alexis Wilke Jul 20 '19 at 04:24

1 Answers1

5

It's not worth it.

The security of the password cannot be stronger than the security of of the hashing algorithm used on the server to store your password. The password you used, no matter how long, are going to be hashed and stored in a fixed size hash. Pretty much all password hashing algorithms in common use are 256-bit or less, so using longer password than that mathematically won't give any additional security.

Lie Ryan
  • 31,089
  • 6
  • 68
  • 93