Dictionary attacks have been around for a long time, but It’s still quite strong especially if you throw in a number.
A fully random 8 character password has about 10^14 brute force combinations (assuming upper and lower case + the normal special characters). 4 words choosen at random from the top 3000 words (which is a very small vocabulary really) is 10^13 dictionary attack combinations, add a single number or account for variations in word style (I.e maybe don’t always use camel case) and you’ve matched the difficulty. If you use 5 words it’s 10^17 combinations.
A password manager and a hard password is a better idea but there are cases where you can’t use a password manager (like the password to said manager).
Yeah I thought about adding a note that it’s pretty outdated - and dictionary based scans were always possible even if less common in the old days - like those infamous passwords “God”, “Love”, “secret”, or like “admin”.
The artist is pretty smart most of the time though so I presume they were aware of that possibility and meant that on a more basic level there are multiple ways to make passwords easier for a user to remember, not necessarily just this one rather simplistic take but as part of a whole approach. Then again, they didn’t say that, and instead said this, thus the controversy.
Personally I gave up entirely and now I don’t even know what any of my own passwords are, though my password manager does:-). I guess… if you cannot beat them, join them!?:-P
My current favorite “memorizable” method (obviously a random hash from a PW manager is still better) is to take a sentence of moderate complexity that includes the name of the service you’re signing up for in it, and use the first letter of each word as your password.
For example, “When I wake up in the morning, the first thing I do is go to pawb.social.”
Password would be “WIwuitm,tftIdigtps.”
Easy to remember, immune to dictionary attacks, and you get a (mostly) unique password for each service, so stolen passwords can only access that one thing.
Edit: To be clear, the value is that you can use the same sentence everywhere, switching out the name of the service to generate semi-unique passwords for each service. Obviously someone analyzing your passwords would be able to figure out the pattern, but that’s basically never what actually happens; it’s more likely someone gets 1 password and tries your email address + that PW in a variety of services, which this is strong against.
It’s surprisingly easy to memorize. The sentence basically acts as a mnemonic device to remember the password, and it’s a lot easier to memorize a sentence that makes sense to you than to memorize something like “Tr0ub4d0r&8”.
The rainbow table would have to include every four word combination. At around half a million words in the English dictionary, that’s not a small number.
As another XKCD comic illustrates, it’s cheaper to use a wrench.
Example of what My passwords are like : %*7EfOLkN@6AP28!8Dl#
or potentially if allowed : W@c2wYnN9J3xGcyc47#ZkHJvt&Hm%q&Ad0b&Xwz#jnl4Th%6UBexD16a$YBFc@svnVrCBxXP0EpwLp6%Gk*Lom%@Qq#DjY1zsf0CzIrHHqPc8gt4edDVsg!omj*kIsIJ
Good luck guessing my shit.
I suspect if the cracking code was constructed such that it had more weight on trying combinations of common words then this would be much easier to crack
I would naively think that as well - you would expand your alphabet of “symbols” to include both single letters and numbers and punctuation but also common words as well. It is still a lot of combinations to have to try though, even if less than each letter by itself.
Rainbow tables and presumably newer stuff I haven’t heard of make this sort of thing weaker than it used to be
How does a rainbow table help here? They’re more for decoding unsalted encrypted database tables, rather than for actually trying to login.
Salting makes rainbow tables pretty much useless, and salting has been a standard practise for a few decades now.
Dictionary attacks have been around for a long time, but It’s still quite strong especially if you throw in a number.
A fully random 8 character password has about 10^14 brute force combinations (assuming upper and lower case + the normal special characters). 4 words choosen at random from the top 3000 words (which is a very small vocabulary really) is 10^13 dictionary attack combinations, add a single number or account for variations in word style (I.e maybe don’t always use camel case) and you’ve matched the difficulty. If you use 5 words it’s 10^17 combinations.
A password manager and a hard password is a better idea but there are cases where you can’t use a password manager (like the password to said manager).
I’m a basic little shit so, I basically use a correct horse + number password for my PW manager
I use a whole sentence with a typo lol
Something like "On March the 3rd of 2012 my dog Billy ate 8€ worrth of schmeggles!“
Yeah I thought about adding a note that it’s pretty outdated - and dictionary based scans were always possible even if less common in the old days - like those infamous passwords “God”, “Love”, “secret”, or like “admin”.
The artist is pretty smart most of the time though so I presume they were aware of that possibility and meant that on a more basic level there are multiple ways to make passwords easier for a user to remember, not necessarily just this one rather simplistic take but as part of a whole approach. Then again, they didn’t say that, and instead said this, thus the controversy.
Personally I gave up entirely and now I don’t even know what any of my own passwords are, though my password manager does:-). I guess… if you cannot beat them, join them!?:-P
My current favorite “memorizable” method (obviously a random hash from a PW manager is still better) is to take a sentence of moderate complexity that includes the name of the service you’re signing up for in it, and use the first letter of each word as your password.
For example, “When I wake up in the morning, the first thing I do is go to pawb.social.”
Password would be “WIwuitm,tftIdigtps.”
Easy to remember, immune to dictionary attacks, and you get a (mostly) unique password for each service, so stolen passwords can only access that one thing.
Edit: To be clear, the value is that you can use the same sentence everywhere, switching out the name of the service to generate semi-unique passwords for each service. Obviously someone analyzing your passwords would be able to figure out the pattern, but that’s basically never what actually happens; it’s more likely someone gets 1 password and tries your email address + that PW in a variety of services, which this is strong against.
This seems like a memory method for someone who has a great memory. (Better than mine anyway)
It’s surprisingly easy to memorize. The sentence basically acts as a mnemonic device to remember the password, and it’s a lot easier to memorize a sentence that makes sense to you than to memorize something like “Tr0ub4d0r&8”.
The rainbow table would have to include every four word combination. At around half a million words in the English dictionary, that’s not a small number.
As another XKCD comic illustrates, it’s cheaper to use a wrench.
Example of what My passwords are like :
%*7EfOLkN@6AP28!8Dl#or potentially if allowed :
W@c2wYnN9J3xGcyc47#ZkHJvt&Hm%q&Ad0b&Xwz#jnl4Th%6UBexD16a$YBFc@svnVrCBxXP0EpwLp6%Gk*Lom%@Qq#DjY1zsf0CzIrHHqPc8gt4edDVsg!omj*kIsIJGood luck guessing my shit.
Amateur! Strong enough passwords are like:
ÕÚüd¸2stb½õ~jëv×Â/oyÓh²î´t¶»Ö°ÍðoNVRïé2Wc4'H,CâÞó_ökÅ,Kð¡X9ÄÀ.þTØÓoæ73d*ëÞ¢?²i"`צeÉçß,ÎÅëüS.¹([)ãÒÑêf9÷¿¢=@Á×ÅQÎÂßu¸Å(iRZµîw&ãRTry this on for size :
`'�d+�t<�5mF�qrqcmv/�F��~��Yv�Om�/lK�RɏY%ɺP1�h�Ryl-�G/��m�ʰ�+^)��<>�itdkaz�q2HA*1�PK�D@{9�vN.<}�~ٕ�_�26IA/cHIn����1ĈҾܒl�I9$�vA��W¸ȶW"z�}θ�x�,>~�Ux�SJZ\�5ÀI��F}nLZT�;KӚq�&NQo32y7���0"^LÎs>��j!��V��k��2O<2W�ƽYcA#8�J�Of�pهZb�%1g�w�!k*h(ʶ73�@�CC�hUsԺe!_��dR�ٞpvG|.=4{v"&.��m=_�͚DZZף�aaZ��Cq�!sG1T3�=2lb,����^�镰n)Ld]��ϮWhat’s my power level now?
You lever is very low! There are not displayable characters so you cannot easly verity the password by eye or copy from paper.
Why would I have to verify by eye? That’s what a password manager is for. And writing your passwords on paper? ಠ益ಠ
Sometimes you have to give a password to a friend on a paper or by a phone.
Password for what? The Netflix I don’t have? 🏴☠️🦜
#ENHANCE
`̴̢͚̳͕̹̻͕͎̍̓̐̍͜’̷̤̖̖̝̱͍̲̲̙̥̮̐̊̎́̄̎̅̔̾̈̑̈́͌́̀̅͘͘͘͝�̸̢͍̥͍̪̭͍̥̈̏̄̒̓͆͐̿̈̐̇́̑̎̆̽̉͗̾͝͝ḏ̸̛̛̛̣̾̇͂̆̒̍̌̈́̑̀͗̄̃̈̋͆́͝͝+̸̢̢̢̨̛̛̠̫͖̲̙̱̝̖̙̮͎̭̥͔̈́̈́̏̇͋̉͝�̸͕̠̞̭̺̘͓͕̞̥͔̫̖͙͗̆̀̑̏ţ̵̢̛̜͕̪̠̱̪̰̼̣̘̹̠͎͚͈̯̣̭͗̊͒̓̆̈́̑͂͌̈̒̂͘͜͝<̵̧̨͓͕̯͍̠͇̦̤̼̻̩͖͈̪͒̈́́́̊̍̒̈̉̉͒̓̀͝�̵̛̪̳̱̘̾̀̀̏5̶̡̛̛̻̝͖̱̗͇̝̹̱͚̟̳́̋̊̾̏̉̔͌̀́͛͘̚͝͠͠m̶̬̣̜̥̝̖͌͛̿̇̑̎̓̍̈́͑́̾͌́͌͝F̷̧̡̤̭̟̹̰̭͖̲̙͇̤͓̓͋͂̈́͛̄̓̌̓́͛̑͛́�̶̢̢͔̞̬̰̞̹̝͇͕̰͕͓͎̐͌̊̎̚̚͝q̴̢̙̭̠̮̜̳̜̜̰̭̬̘̮́̋̉r̵̢̡̗͍̮̳̼̪̟̙̙̫̯̟̝̙͆̈͆̊͂̓̆̾̓̎͋q̴̡̡̛̣͚̯̝͈͙̣̙̣̻̺̹̼̈́͝͝c̷͎͙̤̭̬͉̲̼̼̦̯̾̒͆̾́̑̿̿̎̅͛͛̽͐̓͐̈̐̑̕͝ͅͅm̶̡̻͈͍̊̏͌̈́̉̓͐̅͑̐̅v̵̢̧̢̧̛͚̘̞̩̜͙̟̼̳̖͚̟̖̯̬̬̲̎̈́̊̈́͗́͂́̉͆̇̌͛̏̌̓̐̃́̀͘/̴̣͈̈́́̓̀̒̊͑͘͠�̵̧͈͈̤͔͕͙̼̬͈̰͍̲͍̓̈́͂̂̓͐̀͆͜͜F̵̨̤̦̯̯̞̖̖̾̑̍̀̏̽̽̏̓̔͛̾̕͘͠�̸̛̙̔̅̐̇̄͆̎�̵̴̡̨̡̛̛̛̲͓̟͉̩̝̫̹̬̜͍̲͓̰͇͚̫͉̂͂͛̋̔̽̓̏͗̐̍͂͛̃͝�̸̡̝̻̞͕͚̝̖̘̙̳̳̲͔͕͉̳̙̞͂̀̽͛͊̈̃̐̾́̏̂̏̔̚̕̚̚̚�̴͉̲͖̈́̇͒̿̄̽͛̈́͛̚͝Ȳ̴͍̎̋̒͒ṿ̵̛͓̎̋͂̔͊́̎̿͛̽̍̊͋̂̚̚̕͝͠͝͝�̵̢̨̙̪̥͙͉̥̔̈͋͋͒͆̈́̔̂̉ͅͅǪ̶̙͚̺̩̃̊̌̽̽̌͠͝m̵̨͈̹̬̑̅̂̆̍̋̾�̵̹͍͉̰̺̝͎̲̳͑͌̀͘͠/̶̨̢̰̳͈̬̙̫̫̺̹͓̰͓̞̠̆̈́̀͗̒̆̋͗̀̇̐̎̓͐̇̀͛ͅl̷̨̢̛̜̥͚̰͖̬̝̫̭̜̦̠̤̣̎͊̿̽̎̓͗́̋̍̚͜K̸̞̫͕͇͍̰͖̮̞̭̏̉͋ͅ�̸̗̤̥̘̫̮͍͉͔̪̫͕̞̳͎͍̰̦̅͜͜ͅR̶̻̣̮͌͋̂̍ɏ̶̢̩̩͔̼͔̖͌̍͒̐̀̔̀̈̐̈́̽̈́̃̈́̅͋̓͑̕͠Ÿ̸̧̧̨̥̺͖͉̼̦̭͔̼͇̪̺́́͐̒̑̇̂͗̆͒̀̈́̀̓͜͠%̵̡̨̺̱͈̘̺͚̞̩̯͓̯̜̜͙̰͚̯̽͗͊͌͋͌̎͒̏̋̉̓̄̚ͅͅɺ̵͎̼̊͆̅͐̐͒̊̈́̏̐̀͆̄̋P̴̧̯̫̩̪̭͓̠̙͇̳̭̌͜1̴̹̝̠͋̈́̾͒͐͌͛́̇̓͘͝�̶̼̪͐̂͐̈́́͌̽̓h̶̦̲̹͍͖͚͇͔̺́̅͑͒͜�̴̮̃̔͊̓̌͌̿̅̾̌̉́̍͑͠R̴̢̧̠̩͖͎̘̝̰̳͓̹̱̦͔̫̥̭͉̣̦̥̈́̃͋̈͘̕y̷̡̗̱̤͕͈̰̻̥͙̹̲̱̙͌́̍͑́̓̓͒́̐̈̉̎͜͜ļ̵̡̫͔̳͇̤̹͇̹̝̱̠̰̯͇̰͖̾̓̋̊͊͘͜͜͝-̷͚͓̤̳͕̼̈́͂̌͂̊̈́͛́͌̃̎̒͛̾̑̈́͘̚̚�̴̛̩̝̦͎͙̦͖̜̺́̀͒̀̉̈́̐̔͘̚͠Ĝ̶̖͙̯̞̖̲̣͆̌̆̏̈́̐͆̄́͋̾̽̂͠/̴̢̨̨̳̤̜̖̞̺̥̲̯̻̼͇̰̭̀̔̾́̽̒̍̊̑̈̓̈́͒̿͆̋͝͠ͅ�̶̤̼̗̼̩͎͋̓̄̎͌͛͆̓̎͐̔̚͝͝�̸̞̗̟̹̀̈́̆̀̆̽̇̀͒̽́̍͘m̴͓͈̞͔̦̣̯̽̋̌̃͗̆̓̇͒͑̐́͂̈́̀̚͘͝�̸̡̧̨̢̧̠͍̲̩͓͓̼̟̙͕͍̘̪̯̣̀̒͛̈́͊̋̔̓́͌̓͜͝ʰ̵̛̘̳̣̭͈̣͎̲̠̘̞̭̦͔͍͉̟̄͒̐̈́͋�̵̢̮̖̮̭̣͖̙̟͍̫̱̤̮̋ͅ+̷̡̬̣̲̬̺͓̱͔̗̦̀̑̒̒̓̉͋͌͑̉̊͘͜͜͝ͅ^̵̢̬̥̫͖̟̖͇̜̺̙͔̹͙͇̦͓̺̮͖̄͒̒̐)̷̧̳͉͔̜̥̪͚̩̋̂̊�̷͕͔̺͎̼̫̮̟̫̤̣̰̗̖̩́̋̊̋̿̀̐̑̇ͅͅ�̸̠͓̩̤̊̍͂̊̀̏̋̾̉͒̇͑͑͝͠͝<̴̢̹̗͓͍̣̺̩̟̗̪͗́̂̆̋͌͗̏̐̑̕>̴̝̓͌�̷̡̧͉̙̪̝͚̪͇͖̗̜͓̬̙͕̙̞͚̎̄į̸͓͈̪͈̹̻̠̩̳̱̝̮̘̻̗̀͠ͅt̸̮̱̱̗̞̤̦̦͈̤͚̝̞͖̝̉̆̃̇͌̋͒̉͂́̓́͐̿̚̚̚͝͠͠ͅḑ̴̨̜̪͍̪̝͗̿̌̓͆k̸̨̡̡̮̗̯͈̠̥̗̰̦̪̤̹̟͕̼̜̹̑̑̽̀̈́̔͆͘͜͠ͅa̵̢̛̰̜̤̘͍̳̞̬̟̯̳̖͙̠̬̠̦̟͑̊̇̄̈́͐̆̀͐͒̚z̸̡̢͎̖̯̼̗̼̼͎͙̟̱͖͎͊͜͜�̴̢̮̞͍̓̓̀̇͐͂̅̈̀̏͛q̶̥̖͂̾͂̿̈́̏̈́̉̓̈́̑́̉̉͘͝2̴̡̛͍̬̙̲̫͓̪̪̬̪̹͇̖̞̹̬̼͓̾̔̀͋̋̉̀͆̊̇͘͘̚͘͜ͅͅH̸̟̹́͋̿̈̄̒͋̑̄̂̋̌͐͒̑͛̚̕̚͘Ä̸̛̱͈̦̼̭̞̯́̄̇̈̿͛̈́*̸̡̛͈͇̼̣̰̼͉̤̱̝͙̺̤͎̙͚̈͜1̷̨̡̖̬̤͇͓͙̖͓̬͓̟̰̻̌̓̈́͆͗̄͝�̶̡̢̛̭͚̠̻̤͍̥͔͆́͛̍̀̇́̀̑̚͝P̴̨̡̟͕̗̗̞̈́̿͋̉͂̈́̊͝͠͝K̸̢̧̪̘͚͖̗̐̒̿͜͝�̶̡̛̟̓̾̃̄̋̈́̑̓͠Ḋ̴̦̍͌̊̌̌̉͊̂̇́̿̆̓͐̓̊͝͠@̸̧͎͍͍̮̞̯̘͔̿̆̇̓̈́̋̿̃̽̇̒͗̚̕͝͝ͅ{̵̦̱̺͇͖̦͙̼̖̑̃̌͊͆̑̎̎͌́͝͝9̷̝̰͇̩͓͎͚̯͔̞̳̈́�̵̨̼̝̰̱͇̯̼̖̤̦̜̯̪̀̈̉̚v̷̮͉͙̘̬̟̌̓͐̀̓̀̈́̚N̸̛̞̣̟̭̒̈̌͛͗̉̏͊̃.̵̡̧̻̼͍̭̤̣͉̩̦͕̻̓̎̽͛͆̊͐̔̓͒̃̆̊̀̿̓̀̚<̴̣̠̤͉̩̠̹͉͍̾̈́́͊̍͘̚͝}̵̡̨̡̡̨̛̤̱͇̠̫͇͗̈̈́͒̆͆̀͋͋̾̓̈̃͌̇̈́̕͜ͅ�̶̵̸̢̡̧͔̦̳͕̜̘̗̤͍̞̙̮̪͔̦̪̬͔̝ٕ̹̟̘͉͔̯̝̹͋͋̌̃̂͆͋̈́̾̎̏̏͊̈́̈́̿͊͛͒̈́̐͑̿͗̓́̎͊̐̽͛̾̒̕̕̕͝͝͝ͅ�̸̨͓̠̐̽̽̓̋͂̒͑̎̕͜͜͝_̷̧̤̤͉͈͖̯̬͑͛̎͐̎͊̆͛͌̒̎̆̍̋͝͝ͅ�̷̢̇̍̀̾̓̊̇̈́̾͑͛̅̚̚̕͜2̵̡̢͍̞̲̳̠͕̳͖̹̣̱̞͕̄͑̾̇̐̌̍͠6̴̡̨̛̩̝͈͙̲̪̝̖̞̪͉̟̞͙̪̺͖͑̎̀Į̵̲̝̦̗͆̓̑̈́̀̊̈́͋̾̾̃̚͜͝A̷̢̻͍͈̱͎̥̦̪̹͎̖̼͐͐̄̔̏͆̕͠/̸̡̢̛̮͎͈͓̝͛̈́̋͌̂͗́̐̐̅̀́͐̃̀̾̈́̐́̕c̶͓̦̲̻͓̩̝̼͕̱̆̈́͐H̴̛̩͉̭͔͍̠̠̯̃̚I̶̢̛̬͙̥̹͙̳̯̪̩̤̬͗͐̃͛̅͊̇̎̌͛̓̓̄͆͘͘͜͝͠ņ̵̹̤͈̩͍̤̫͕̞̮̗̩̪̪̄͒̈́͆̃́͌̐̅̚͝͠�̷̡̲̙͈̦͎͈̱̯̤̲̾͐͋͐́̍̇̂͌̕̚͘͜ͅ�̴̧̛̛͙͉̎͒̍̊͗̊̾͆̈́͆͜�̸̡̨͓͙͍̯̖͚̼̱̜̳͔̱̪̠̮̜͔̱̝͊̔͛̎͗̏�̴̛̛̤͇͔̈́̐̐͗̔͌̆̉̋͒̔͒̀͑̈͂͘͝͝͝1̵͈̆̈̉͘Ĉ̴̛͖̗̗̳̣̣͓̦̗̾͛͑̒̈́̋̐́̇̿͐̌̓͋̂͑̌̇̑̐͜Ҿ̵̢̨̤̜̬̲̳̗̏͆͒̋͆͐͗͌̽́̓͌͊̅̈̍̂ܒ̸̡̧̺̞̦̤̺͍̙̮̭͖͊̔̌̈́̋͂̋̆͌͛̐͐̌̋̃̀̇̕͝ļ̷̙̠̙̦̞͗̓̃̓͛̅̌̑̉̃͑̈́̓͂̔̈́͊̚͠�̷̢̛͉̬̩̟̭̺̤̙͙̲͚͕̋̎̒̈́̐̊̐͊͌͜͠Ḭ̷̸̛̺͚̫͎͐̓̈́́̄̄̆̊͗͐̅͂́̓̏̀̊̋̈́́͗̇͂̀̐̚9̷̧̧̛̻̼̱̱̖̞̟̘̦̻̜̺̥̫̥͔̰̣̞̔̽̈́̋͊̃̽̈̿̊̈́̀͝ͅ$̶̝̳̙̭̘̈̔̄́̀̃͗̍̅͜͝�̴̡̨͙̭̰͇͍̦̯̱̗͈͒̓̊́̊̎̎̽̄̌͛̊͋̏͗̕͜͜͠͝ͅv̴̡̢̨̰̙̘̞͎̹̝̫̰͙̰̞̦̬̖͍̽̑̒͗͆̉́͂͜ͅĄ̴̛̤͔̞͎̣͍̱̬͕̹̻̮̟̱̎͂̈́̔͂̋̔͒̌͂͋͂̽̂̕̕̕͜͠͝ͅͅ�̸̯̞͇͉̯̝͕̐̉̊̈́̅́͒̅͌̍͛̃̐͝�̷̨̢̛͙͉̖̯͈̻̗͙̯̬̹̫̘̼̲̀̉̒͋͂͒̐̆̑̊̅͗͛͒̉̒́̔̕̚W̵͎̟͇͕̞̲͓͎̫͍̹̟͇͊͜¸̸̙͙̥͉̘̌͛̒̇́̄͋͋̑̓͋̊̋̾͑̕͝͝͠͝͝ȶ̷̛̫̝͚͙͓̗͈̆́͐͑̽͊͒̍́͛̇̐̑͠W̸̨̧̛̦̯͕̦̊͒̏̈́͑͂̄̽ͅ"̵̧̢̯̳̟͍̥̤͍̠͍̻̻̻͉̼̐͗͜͜͠z̶̧̡̨͉̗̼̳̜̬͈̹̝̱̗͕͙̦̣̬̦͚̊͋̌̐̄̎̑͘͝ͅ�̴̡̨͓͖͉̱̫̻̾̍}̷̧͓̗͕̙͙͔̳͒͋̾̌̄̆̈́̎́̔̾̔̐́̎̕̚͜θ̵̡̝̣̝̣̪̱̞͕̺̈͗ͅ�̶̧̣̤̥̜̮̰͇̹̿̀̈́̂̀͌̿̍̿͒̍͒̋̉̕͜͜͠͠͝x̵̝͂͐̏̓�̸̤͇͍̰̒͊͌̔̈́͂͊̽͘͘͜,̵̪̠̯̳̻̝̖̲͔̫̜̬̤̫͔̜͛̀̈̀̿̎͐>̴̛͕̰͖͖̜͕͖̭͍͎̤̥̖̺̃͂̀͊̈̍̃͋͘~̷̫͍͔̓̓͊͋̔̄͛̅̊̈́̽́́̾̆͌̚͝͝�̴̡̡͚͚̭̫͎̘̰͔̣̲͚̘̭̦̪̻̔́́̓̀̈́͂͗̐̎̽̔̉͠ͅU̵̬̲̹͈̮̖͇̫̻̝̾͊̿͋̀͜x̴̢̧̧̧̖͇̜̱͇̜̤͚̣̜̬̞̺̻̿͂́̽̍̓̒̃͂͊̈̌̄͛̾̎̈̕͠͠͝͠�̴̺̠͖͕͈̰͍̥̖̪̜̞͓̹͚̺̣͍͔͒̉͌́͂͆́͑͌̑̽͘S̵̡̨̮̟̬̲̹̬̩̠͙̜̤͉͇̙͚̬̀̽̈́̓͊̀̉̌̈̀͛͑̌͝͝͝ͅJ̴̡̛̺͒̌̎̒͂̽̏̂͐̔̓̕̚Ž̸̠͎̘̹̺͍̘̤̫͍̮̽̋͆͋̄̂͊̇\̷̡̛͕̟̞̦͚͚͉̭͈̦̟̰͉̲̬͎̹͈̗̀͊̅͒̎̓̐͛͗͆̀͊̀́͊̄́͘͜ͅ�̷̜͙͓̲̘̰̲̘̟͑̃̐̏̾͗͗̈́͂͋̈́̐̊̔̀̏̌̔͜5̶̝̺̼̰̥͍̯̯̰̟̭͇̙͇̻͔͎͙͍̦̣̝̈́̈́̒̐̎̌̐͌́͆́̌̀̽̒̕͠͝͝͠À̴̡̨̛̻̩͇̼͖͑͌̉̿̾̒͐̋̓̽̎̿̚͜͝Ǐ̶̢͚̦͂̾̊̌̓̉̽͒͛̔̓̍̆͛̍̒̀̐́͠�̶̳̣̹͖͔͍͇̙̩̭̮̋͛͌̽̓͂̓̎̈̆̓̓̔̑̀͂�̴̺̖̖̣̺̗̠̱̪̻͛́̎̒̎̐͑̃͌͠ͅF̶̨̠̜̱̦̼̖̭̤̣̭̒͊̓̚͠}̸̻̬̤̅͑͒́̉̿̎̔̔͊̾̍̀̄͆̅̅͐̈́̉͘n̵͓̯̫̖͓̜̋͊͌̑̉͑͐̏͂͌̈́͌̂͌͑̕̚͘Ḻ̸̡̢̖͚̙̦̩̺̱̪̬͎͚̼͔̪͖̃͑́̊Ž̸̧̧̬̣̜͐Ț̵̨͛�̶̢̢̡̢̢̛͎̫͔̥͕͕͙̭̹̟̜̭̌̾̽̊̑͌̑̅̎̀̌͋̏̇̉͒̚̚͠;̵̹͇̹̪̠͚͉̼̰̬̱͎̳̺̈́͌́̉́̔̃̽́́̚͝͠Ķ̶̛̞͈̟̠͔̰͈̯͙̱͕͉̙͉͍̱̪̔̉̌̌̇̊̂̓́̑̋͂̈́̆͒́͜͝͝͝Ӛ̸̧̡̳̱̩̪̟̜̦̝̤̘̄̓͋̀̊̉̔͆̒̿́̿̍̃̚q̴͉͓͖͊͗̎̀�̴̛̛̱͍̀͂̏̌̓̈̒̀͠͝͠&̴̛̞̝͔̝̙̯͇̥͎̱̰̭̬̘͈̂̀̅̀̂͑́̉̈̓̐̔͝ͅN̵̰͎̜̼̤͈̎̒̀͒͆̌̓͑̈́̉̕̕͘Q̵̨̞̩̼͈͔̖̪͉͉̜͈̦͔̹̳̉͌̇͜ō̷̡̨̡̼͇̲̝̟̦͚̤̙̤̺͋̿̈́̐̆̀̇́̃͐́̄̔̚3̸̢͖̭̤̥̆̇̂̔́̊͐̐̅̌́̋̈́͗͠ͅͅ2̵̧̛̥͙͙̫̙͉̺̖̬̪͎̩̙͚̺͐͛̉̃̎͗͐̄͌̎̍͑̃̚ͅy̴͕̬̙̥̝̪͔̭̺̪̙̟͍̼̜̜͚͉͙̬͂̄̂̀́͋̋́͒́̀̋͗̑́̅͝7̸̢̢̧̢̨̳̺̱̲̝͚̣̺̲̞̹̜̼̣̭̘̓̽͑͛͒̇̇̾̎̔͒̈́̄͐̕̕ͅ�̵̨̨̧̛͇̩̫̲̯̜̤̼̥̲͔͉̐̅̓̍̀̓͐̎̓̉̋̿̿͆͘͘͜�̸̝͍̠͚̫͎̉͂̉̀́͗̌̓̇̋̕͜�̶̨̨͔̫̹̩̮̠̬̠͚̩̻͓͈̰̇͂͊̿̑͐͑̾̀̐̑̂̅̚͘0̸̻̹̻͙͓̾͆̀̄̍̽͂̀̓̀͌̉͐̾͐͛͘͝ͅ"̴̸̨̖͖͖̦͚̫͙̠͓̪͚̭̘̟̜̘̞̘̰̗̟̃̍͐́͌̍͂̆͊̊̀̂̃̀͊͊̋͐̑̎̈́̿͘̚͜͝L̷̙͓͔̭͚͔͕̐̇͂̽̚Į̵̧̳̩̖̟̥͈̩̬̲̻̳͖͍͚̻̖̗̳͔̂̈́ͅs̵̡̛͚̲̹̗̞̙̬̱̘̖̫̦͍͈̜̣̮͍̽͘͜ͅ>̷̛̣͎̉̃̽̋̐́̌�̶̨̛͙̞͈̖̤̻̝̫̳̃̎̃̄͌̉�̴̢̨̺̘̳̪̤͈͙̣̳̤̠̝̮͉͇̟͈̪̤̉̊͗̇͜j̴̡̥͇̘̰͎̣̘̺͚͔͐͛̈̑͒̂͌̿̔̃̀͘͠͠!̴̡̡͉̰̮̱̭̠͖̥̳̘͉̩̈̊̀͊͊̉́̃̂̑͘͝͝͝�̶̨̢̡̛̞͉̺̦͙̙͒̀̈́̾̾̑͋̌̆́̑͌͐̿̍̍̎̈́͘͠�̵̜̤̖̞̤͎̱̪̞͖̬̻͙̽̋͗͆͜͝Ṽ̵̧̛̥̭͆͐̈́͊̀̌̉�̵̼̲̘͎̰̤͖͖̼̾́͌̿͑̄͜�̷̨̹͎͙͎̮̫̪̥̭̲̻͕͙̮̬̫̪͊̚ͅͅḱ̷̡̨͈̫̹̯̹̯̰̩̝͖̮͚͉̣̠̺̺͙̑̈̎̓͋̈́̕͜͜͠�̵̢̧̡͎̺̪͇̘̳͖̥̙̩̻̖͙̆̈̌̄̂̎ͅͅ�̶̢̮͓̮͇̩̖͈͙̘̇̿͛̃̅͗̂͂ͅ2̷̢̛̭̘̮͎̠̪͎̺͈̣̒̎̑̐̽̉̾͑̈́͑̽̒͒̈͗͝͠O̴̡̟̩̼̱͇͕̮̼̪̫͕͂̽̿̊̐͊̀͆͒̈́͆̉̿̾̿̚͘͝͝≮̨̡̣͍̜̯͇͔̗̘̯̗͈̹̱͎͚̠̼̯̓̓̌͛̊̚ͅ2̵̧͕̇̌̈̇͗̂̂͛̀̉̿͝͝Ẅ̷̝̱́̋̓̍́ͅ�̴̡̛͕̟͙̝̘̘̟̦̩̟̞͛̿͗͌͊̐͑͑̄̇̾̽̑̑͗̔̀̕͘ͅƽ̷̛͖̦̭͈̹̮̤̾̍̇̓̉̒̀̔Y̵̡̢̨̪͓̼͉̦̣̟̺͙͔̘̦͙̬̪̬͙̌̔͌̔̊̇̂̋͂͆̆͐̍͐́͘ĉ̴̡̡̟͍̰̣̮͈̣̜͈͇͎̈̍͗̅̐̀̔̈́̈́͝Ą̴̛̪̙̺̻̼͔͔̥͇̥̙͚̐̔̉̔̈̎̂̄͒̇͗̕̚͝#̸̮̖̪̍̉̇̑̀̋̉͆̒̀̿̈́́̇͋̂́͝͝͝8̵̛͙̤̲̟̥͚̘̰̬͕͖̰̋͆̀͊̒͋͝�̷̡̨̨̖̝̱́͐͘̚ͅJ̴̨̡̟̰̬͚̬̰̞͍͇͔̞̲͓̝̠͚̘̮̈́̂͂́͒̀̈́̅̄̏̋̍̃̑͠͝�̷̢͔͔̮̖̹̙̺̟̩̫̼͓̘͚̙̩̐͌͌͋͊̕̕͜͝ͅÖ̸̧̨̭͓̘́̅̑̿̋͑̈́͐̓͂͐̀̂̆͆͋͆̇̐͘͠f̶̛̤̳̜̰̖͈̜̝͚͕̐̒̐̔̒̌̎͐̀̔̽̉̀̈́͘͘̚͝͠�̶̟̬͙͊̀̔̃̅̎̒̓͛́̓̔̂́͂̾̌̍̃͐̉͝p̷̡̨̗̪̟̥͂̄̕ه̸̥̤̺̘̞̗̔̉̇̊͌̏̒̓͂̿̂̐͆͂̎̓̽̕ͅẒ̸̡͍̞̺̮̖̝̠̥̗͉̥̻̟̦̘̖̥͕̈́͛͛̓͠b̴̨̤̬͕͍̺̗͇̳̙̜̭̱̻̩̳͚̳̲͎͙̿͛͑̎͆͗̌̈́̐̕͜�̵̛̜̦̗͔̹̙̪̬͍͈̯͉͙̞̲̞̜́̂͌̑́̏͜%̸̨͙͖̝̬̥̩̻͔̟̼͂̆̓̔̀́͋̂̋̃̆̂̾̏́͑̌͘͝͝͠͝1̶̢̧͔̼̤͓̙̜̑̊̉͋̊̆̓̆̋͂̅̒̾͜͝g̸̡̣̖̈̓̎̊̇͂̀̃̎̂̌̒̕�̷̡̮̯̺̺͉͔̬͋̔͐̒̉̈́͑́͘͠͝͠w̷̨̬̘̞͔͔͍̪͖̙̳̮̖̯͙͚̬̜̥̣̰̍̾̂̽͑̄̀̾͊͊͛̈́̇̈́̈́ͅ�̴̡̩̩͚̼̙̩͚̯̥̖̟̔̊̉̍̈́̓̈́̑̔̀͘͜͝!̴̮̾̒̀̈́̾̑͂͋͌̅̽̊́̄͊k̸̦̳̠̲̥̓̈͒͐̌̔͆̏̆͂͌̑̐͘*̴̨͕̬̜̼̣̮̈́̈́͑̐̔̑̓͋̏̏̕ḩ̴̪͚̲͉̗̯̗̺́̈̆̑͌̉̏̊̎͘(̴̨̨̙̩͔͗͂̈̄̂́̏̐͛̉̈́̑̏̒̇̈́̀͝ʶ̵̢̨̨̡̤̖̖̼͇̟̝̆́̀͂͂̒̍̃́͌͝7̴̛̭̰͓̖̝͔͌̿̈̀̔̃̒̿͌͗̋̑̈́̚ͅ3̵̧̗̱̙͔̳̻͚͙̞̆�̵̢͙̗͕͚͚̙̘͕͈͍͔̇͐̂́͂̄̀̈́̔̌̕̕͜@̵͖̱̭̟͝�̶̙̰̲͚̣̤̹̖̖̦̂̒͑̑̍̐͝C̴̡͉͚̹͍̖͍̭͚͍̠̲͚͚͓͒̌̃ͅC̶̛̞̤̭̐̅̇͛̀̄̈́̌͐͑͌̾̋̕̚̚͘͘͝�̵̛̰̥̲̻͖̭̮͇̬͎̿͂̒̃̽̂̔̓̏̈́͛̍̚̕͘h̸͖͎̗̪̠̰̐̊̑̋̃̏̈́͋͂̕͠Ū̵̱̘̹̳̒̐̏̃͜s̸̮͇̲͖͎̺͚̹͇͋̃̈́̈́̃͐̐͌̑́̕͝Ժ̵̺̙̯͎̲͎̼͇̺̣̙̦̗̔̓͑͒́͊̓̽ę̷̧̧͚̗̘͚̱̤͈͚̩͓̞͍̥͈̄̿̆̇͑̇͑̈́̿̑̅̒̚͘!̵̨̢̬̰̰͕͖̟̟̜͉̘͕͎̺̣̯̩̻̔̈́̓͐̊͂̔̂͑̌̐̅͐̓͌͌̈̐̉́̚̕_̸̧̫͔͎̙̠̪̼̖̞̣̗̮̗̦̭͉̺͕͕̔̋̆͛͛̑͝�̴̨̛͍̭̩̭́̌̓̀̍͝͝͝ͅ�̸̢̣͖̺͚̝͇̲̻̯͇̫͙̬̯͓͈̻͕͚̊̍̔̉͆̌̽̃̃̂́̋̀͝d̴͔̹͔̜͚͇̭̝̜́̏̇͊̍̓̄̚̕͝Ŗ̵̢̧̘̮̤̯̫͓̞̪̫̖͎̣̽͊͒̅͘�̴̶̧̢̢̦̺̜͕̜̥̥̦̙̗̖͇̦̠̭̰̞͓̳̙̌̇̿̆̈͊̍̑̈͗͐̈ٞ̽̂̋̀̉́͒͌̚̕͝͠p̴̢͎̦̮͕̹͇̯̦̜͈̖̣͔̜͖̹͕̓̀́́̾̕ṿ̷̨̨͉̹̪̝̥̞͔̦͇̺͇̺̱̓͆̒͒̊̊̂̄̾͊͋̓̑̀̕G̵̭͇̲̱̥̠͎̖̙͔̑|̸̧̬̰̯̇͂̔̇̎̅́͂̉̆̓̓̔̔̚̚͝͝.̸̦͈͓̲̗͎̻̝̬̇́͘=̶̧̧̧̧̪͚̝͉͚̩̲͇͇̜̪͍̝̫̒̓͋́̍̀͆̍ͅͅ4̸̧̨͚̞̰̗͍̭̬͇̩͚̣̟̲͍͎̃͋͂̚{̵̢̨̢̟̳̞̦͖̘̞̙̖̮̣͚̜̹̤̪͔̓̈͂͗̓̈͆̚͝͠ͅͅv̸̡̤̼͍̤̰̭͉̝̙̗͇̻̯̘̺̮̤̣͚̠̤͛͌͗̌́̽̏̌̓̅̚͝͝"̶̨̹̼̬̘͔̳͕̼̲̫̟̜̟̫̳̯̬͌̉́̀́͝ͅͅ&̶̡̜̬̣̬͓̻̱̲̯̰͉̯̱̳̮͈̣͉̖̟̇̊͜.̷̬͖̖̬͊̃̌ͅ�̸̢̢͓͈̝͍͎̺͋̈́̉͂͒͒̏͑̑̌̽̈̄̐̒̕͝͝͝͝͠�̵̢̨̛̯̖̣͚̹̠̘͇̞̭̗̲͓̊̄͒͂͋͊̀̋͑̓͑̈́͑̕͠͝͠m̵̧̧̭̟̮̣̗̥̫̼̱̻̞̳͉̙̱̮̫̪͂̅̀̋͗͜͠≠̛̯̺͎͋̌̀̐̔̈̇̇̽͌͑̏̾̍̾̓͝_̷̱͇͒̓̏̂̔͊͆͘͝�̴̷̡̧̧̛̭̤̞̺̹͎̭̻̖̮̹̳͖͚̹͉͍̥͓͕̥̘̻̜̓͗̐̒̄͊̐͋̀͗̀̔̍̾͛͗̆́̈̚̕̕͜͜͠͝͝͝ͅD̶̢̛͙̞̖͎̱̱͕͚͔͍̑̇͒̃͂̈́͒̃̐͋̊̃̈́Z̷̯͕̳̝͇̠͔̣͈̖̞̿́͜͝ͅZ̶̢̗̙̝̖̯̹͚͙̤̝̗̮͕͖̚ף̵̧̡̨̯͕͕̮̺̗̼̫̭͖̟͍̤̮͖͔̯̫̉̋�̸̫͍̞̘̻̠̮̖̥̱̻͈̹̣̦̖̅̍̓́͋́̉̓̓̅͘ͅa̵̘̮͍͍̮̠̦̙͉̔̉͒̽̓̅̏̈́͊͗͆̏̇̕̕͜͠ȧ̴̞͖̹̮̖͓̠̆̀́͝ͅZ̸͍̙̘̟̳̗͇̄̇́́�̷̡̤͍̝̦̤̻͙̹̱̱̗͔͔̻̙͔̠͗̐́̿̽̉͋̾̄͆̎̀͋̈̈́̌͜͠�̶̧̛̤̤̟͍̫̳͎̞̲̱́͑̓̽̾̀̑̍̾̿͊͑͜͝͝͝Ĉ̴̢̡̢̨̧̰̤̪̦̟̟͉͎̪̩̻̺̺̞́̈́̌̉̚q̴̧͕̫͉̻͓͖͖̞̣̰̮̼̟̯̰̒̾͊̀̇̃̿͋͐̾̈̃�̸̺̠̞̫̝̜̺̹͚͍̈́̆̔͑̏̌̀̓́́̏̀̃̓͋͑͘̚͝!̴̥̹̗̟͉̣̔̄̓̒̃̃̔̒͂̅̈́̂̐̎̐̅̋̕͘͜͜ͅs̴̡̢̛̹̰̠̰̥̤̭̰͈͉̥̞͓͈͎̹͙̲̈́̃̊̄̏̀̋̊̂͑̑̈͘͠G̸̡̡̢̣̣̭͎̟̱̮̗̰̣͕̱̩̪̞͚̅̽̋̉̈́̋̂̀͒͑͠͝1̴̳͒̾́͗̓̊̀̑̍̈́͑̈́͂͘͝͠Ţ̸̢̫̥̹̦̭́̓͒͜3̴̧͙̠̝̮̭͖͕̭̘̞̥̗͈͉̖̞͇̖͈̳̫̓͊͑̄͐�̸̛̱̄͋̓̓̑͑̔̑̐͒͂͐̋̀̌͒̕͝͠=̴̢̡̭̤̹͕̳͖̈́̀̀̍̿̚2̵̨͉̟̺͇̝̞̯̳̦̦̿͛͒̐́̀̽̂̉͐̂̽̑̕͘͠͠͝l̶͍̠̜̩̮̜͎͊̅͊̿͒̓̋̄̏̈́̀̕͘͘͝ͅͅb̶̨̩̞̠͕̹̘̩̮̱̥͔̭̯̯̘̈̈́͒̀͆̓͝,̸̠̊̂̑͂̍͂͒̎̊́̈́̊̈̎͠͝�̴̛̤̳̥̱͇̱̱̪̫̀̐̾̿̿̿̕͜͝�̴̢̢̯̙̲̻̳̩̞̭͈͉̥̱̺̙̱͎͙͑͒͌͝ͅ�̵̘̋̾͑͌�̷̸̢̡͕̳̼̣̞͙̖͔̬͔̙̦͍̲̹̰̬̯̣͔̠͔̼͔͕͕̗̝̮̈̈́̋̄̑́̌͛̿̈̐̒̏̍̕͘͜͜͝�̷̲̣̰͍̠͉͇̌̓̒̀̂̌͛̉͊͑͒̿͗͒̏̅͝镰̵̢̩̱̭̘̭̦͔̘͉̟̟̰͈̲̩̖̂̇͛͌̐̇̿͊͌̃̓̀̍̈͘͘̕ṇ̸̛͍̩͒̈́̓̓͆͌̈́̈́͂͠͠)̴͎̩͙̇̿̽̑̃̇̎͊̊̂͐̄͛͐̂̈̽̚̕͝͠L̷͙͔͇̥̹̩̝̟̞̙̯̣̦͎͂̍̓̃͑͊̇̐̊͆̿̀̇̓̈̎̚̕͜͝d̵̨̟̰̘͎̖̼̙̺͕̥̥́͊̀̋̄̚]̷̘̩͙̅̽�̸̧̝̗͉̮̱͇̯͔̭̦͓̤̣̗̘͚̫̪͎͚̠̽̓̉̋͆́̈͆́͂̀̔̀̚͝͝�̷̢̮̖͉̫͇̃͑͗̂̓͗͒̀́̅͂̈́̎̊̀͘̕͠͝Ϯ̵̡̢̬̣̬̟̬̰̭͇̬̫̱̐̐̎̄͌̅̿̓̒̓̈́͘͜͜͝
Entropy so strong it makes quantum computers cry.
You fool, you utter buffoon -
This is what a strong enough password looks like
https://youtu.be/Udf44K6rt-E?si=NarzUUr0YLNEhtxi
I suspect if the cracking code was constructed such that it had more weight on trying combinations of common words then this would be much easier to crack
I would naively think that as well - you would expand your alphabet of “symbols” to include both single letters and numbers and punctuation but also common words as well. It is still a lot of combinations to have to try though, even if less than each letter by itself.