Hi, I would like to talk about wallet passphrases today.
Let me guess, your passphrases looks like this: ILoveMom1, Id34ddf, zd23ldp2, ...
Stop that! You are totally doing it wrong.
Why? Let's consider. What do we need?
There are two variables that decide how many guesses are needed to crack your passphrase:
x^y where x is the space of possible characters your passphrase is build with and y is the number of characters you have in the passphrase.
When a password only allows 'y'es and 'x'es you have 2^(number of letters) so the passwords xyy is cracked by 2^3 guesses. If you use english letters it's 26^3 letters.
Idiots told you to make x greater by adding numbers, special characters and stuff into the password. So what happened? Everone started adding numbers and special char. Guess what? They add an 1 or and ! at the end of their password. So instead of making x from 26 letters of the english alphabet to 36 (letters + numbers) to 50 or something with special characters they made it just 1 or 2 bits more (if you want to crack a password with special chars you need just to add a 1 or an !). Nobody can type that special/upper case stuff so nobody makes it good. Plus as nobody can remember that special characters random nonsense people begun to keep their passwords and never change it. That leads to this being impactful: haveibeenpwned.com
What would be the better way? Just make y really big. Use a passphrase with lower and upper characters that have 20 to 25 characters. How do you remember that?
Just make a long and strange sentence noone would ever guess and use the capitals words:
"My red horse is a little horse that needs to be fed every day. I really like my 3 red horses."
MrhialhtntbfedIrlm3rh
You are not convinced? Click here and here
Also never use your wallet passphrases somewhere else. Consider every password you use in the internet broken so only use bullshit passwords for non important services.
With this knowledge nobody will be able to hack your passphrase by trying it. Be safe!
For the other raspberry wallet posts just watch my blog.