Resources for the global digital safety training community.
Entropy and Password Security
Credits Jon Camfield Last Updated 2024-02
Entropy is the measure of randomness, and it is exactly the randomness of passwords that gives them strength. Importantly, though, that does not have to come from impossible to remember jumbles of complex characters (though it certainly can!). This topic should help expose the nuance around password complexity conversations, as well as explain some of the weirder rough edges of security tools (like having to move your mouse around randomly to set up veracrypt drives).
This content is derived with permission from JonCamfield.com
Learning Goals
- Understanding entropy as a measure of randomness
- Understanding its role in password security
- Deeper understanding of how password cracking works in practice
- Ability to connect entropy to cryptographic security
- Guessing Game
- Combo Lock-Picking
Activity and Discussion
- Entropy and You
Input
- Working with Entropy
Deepening
- Entropy and Security
Synthesis