[[A man is sitting facing a computer, Hat man is standing behind him.]] Hat man: Password entropy is rarely relevant. The real modern danger is password reuse. Man: How so?

On each row, the first panel explains the breakdown of a password, the second panel shows how long it would take for a computer to guess, and the third panel provides an example scene showing someone trying to remember the password.)) [[The password "Tr0ub4dor&3" is shown in the centre of the panel.

It starts off on a practical level, with Black Hat describing to Cueball a devious social engineering scheme. It relies on the fact that people commonly reuse the same password on multiple websites, and tend to create accounts on new websites somewhat indiscriminately.

In a third, titleless column, a set of empty boxes that one might use to fill in a sequence of letters.]] The greatest crossword puzzle in the history of the world {{Title text: It was bound to happen eventually. This data theft will enable almost limitless [xkcd.com 792]-style password reuse attacks in the coming weeks.

Explain xkcd: It's 'cause you're dumb.

April 18, 2010 - They don't realize that I have to personally know and work with about ~50 (changing) passwords at any given time; all they realize is them having to change a single password every 3 months is such a horrendous process and that I have caused them so much grief and extra work in their work day. -not looking forward to implementing ... I read a redditors AMA on this a few months back, this cartoon is xkcd is reddit flavored! ... Mark Zuckerberg has actually already done this. ... people can still reuse just have to be slightly more creative than a rock.

That's before using all symbols ... to type on smartphones and soft keyboards. xkcd's password generation scheme requires the user to have a list of 2048 common words (log2(2048) = 11)....

January 9, 2010 - /r/xkcd is the subreddit for the popular webcomic xkcd by Randall Munroe.

Answer (1 of 2): The site Explain xkcd takes a dead-serious attitude towards deconstruction of xkcd jokes, and at times not even they manage to “explain xkcd” fully. In this case I think they have a pretty good case [1] going: > If [Black Hat] had any beliefs or ideology, he could use this ...

I can't say I was impressed the last time I looked, so I wrote a quick python routine that takes the name of the site (whatever I wanted to list it as), concatenates it with my master password, then runs it through SHA-2. The resulting hash is then coded into base64. Note that sometimes I have to add filler to the sitename until I get a password that meets all the idiotic restrictions. Code: Select allpages=[ "xkcd + seed1", "lesser sites + seed2", "blah + seed3", "blah + seed4"] # seed added due to comments below.

Explain xkcd: It's 'cause you're dumb. ... In similar spirit to 538: Security, this comic deals with how many people perceive hacking and security best practices, and how it differs from the actual reality. Specifically, the comic points out the flaw in the argument of some security-minded people that writing passwords down on a sheet of paper is a massive operational security vulnerability, not accounting for the threat model of the general public: reused passwords being leaked from seemingly benign places.

That’s important, because the more unusual words are used, the harder the password will be to remember. For example, “decimalisation contrapuntal assizes diabolism” is not particularly easy to remember, I’d say. The xkcd strip suggests 11 “bits of entropy” per word, which can be achieved using a list of 211 = 2048 words.

September 13, 2010 - As one of the millions of people who reuses passwords, I found this xkcd utterly brilliant: I wonder if it would be possible to program a web search that looks for the frequency of use of the words…

September 14, 2010 - Today’s XKCD is amusing, but still makes a very valid point. After using ultra-stupid passwords such as “password”, “123456” and “abc123”, password-reuse is the second biggest threat to the security of your accounts.

>| Permanent link to this comic: https://xkcd.com/538/ Image URL (for hotlinking/embedding): https://imgs.xkcd.com/comics/security.png · A Crypto nerd's imagination: Guy [[Holding Laptop]]: His laptop's encrypted. Let's build a million-dollar cluster to crack it. Other guy: No good! It's 4096-bit RSA! Guy: Blast! Our evil plan is foiled! What would actually happen: Guy [[Holding money tag and wrench]]: His laptop's encrypted. Drug him and hit him with this $5 wrench until he tells us the password.

Explain xkcd: It's 'cause you're dumb.

Website and underlying password generation library (XKPasswd.pm) by Bart Busschots. Banner by Stu Helm (incorporating artwork from the XKCD Web Comic).

Reuse passwords across multiple sites - one breach compromises all accounts · × · Use personal information like names, birthdays, or addresses in passwords · × · Use common passwords like "password123" or "qwerty" × · Share passwords via email, text, or other insecure channels · × ...