For symmetric keys, since they cannot be weakened using quantum computing, their strength can be assessed by their bit-equivalent amount of entropy:
40 bit or less - easily breakable
64 bit - not so easy, but doable
128 bit or more - basically unbreakable
Those are equivalent to, respectively:
0-9 - 12, 19, 38 characters
a-z - 9, 14, 28 characters
a-z0-9 - 8, 12, 25 characters
A-Za-z0-9 - 7, 11, 22 characters
A-Za-z0-9+special - 7, 10, 21 characters
Moral of the story: drop the special characters, and even the numbers… and even the uppercase. A 30+ character long all-lowercase pass phrase, is already unbreakable.
As long as you generate the PW with numbers and special characters included, a 14 character password will take over a hundred years to crack.
50 is so unnecessarily large, it closes in on the age of the universe amount of time needed to brute force.
For symmetric keys, since they cannot be weakened using quantum computing, their strength can be assessed by their bit-equivalent amount of entropy:
Those are equivalent to, respectively:
Moral of the story: drop the special characters, and even the numbers… and even the uppercase. A 30+ character long all-lowercase pass phrase, is already unbreakable.
Check @[email protected]:
…is already over 128 bits.
PS: Correct horse battery staple