64 bits password = 13 characters?

Clash Royale CLAN TAG#URR8PPP

up vote
1
down vote

favorite

If we use upper and lower case letters, and 10 digits, we get
approximately 6 bits per character. Then, strings of 13 characters
should work.

I saw above explanation in the material, but I cannot understand how 13 characters are appeared. How can I compute?

passwords

share|improve this question

asked 5 hours ago

baeharam

112

add a comment | 

up vote
1
down vote

favorite

If we use upper and lower case letters, and 10 digits, we get
approximately 6 bits per character. Then, strings of 13 characters
should work.

I saw above explanation in the material, but I cannot understand how 13 characters are appeared. How can I compute?

passwords

share|improve this question

asked 5 hours ago

baeharam

112

add a comment | 

up vote
1
down vote

favorite

up vote
1
down vote

favorite

If we use upper and lower case letters, and 10 digits, we get
approximately 6 bits per character. Then, strings of 13 characters
should work.

I saw above explanation in the material, but I cannot understand how 13 characters are appeared. How can I compute?

passwords

share|improve this question

asked 5 hours ago

baeharam

112

If we use upper and lower case letters, and 10 digits, we get
approximately 6 bits per character. Then, strings of 13 characters
should work.

I saw above explanation in the material, but I cannot understand how 13 characters are appeared. How can I compute?

passwords

passwords

share|improve this question

asked 5 hours ago

baeharam

112

share|improve this question

asked 5 hours ago

baeharam

112

share|improve this question

share|improve this question

asked 5 hours ago

baeharam

112

asked 5 hours ago

baeharam

112

asked 5 hours ago

baeharam

112

112

add a comment | 

add a comment | 

2 Answers
2

active

oldest

votes

up vote
2
down vote

It's likely an error. The number of possible passwords of length $l$ from a character set size of $n$ is $n^l$. The number 13 probably came from a calculation for a character set with only one case. A set of $36^12$ passwords is smaller than a set of $2^64$. You need one additional character to get 64 bits of information.

$$36^12 < 2^64 < 36^13$$

A 13 character long password from a 62 element character set is equivalent to

$$log_2(62^13) = 13 * log_2(62) approx 77.4 text(bits)$$

The actual minimum number of characters for that character set is

$$lceillog_62(2^64)rceil = lceil64 * log_62(2)rceil = 11 text(characters)$$

And for that character set there are $log_262 approx 5.95$ bits of information per character. You can get the same number $11 = lceil 64 / ~5.95 rceil$.

A 13 character string^* is sufficient to get a password with at least 64 bit strength. However that's satisfied by any number of characters no less than 11, making 13 characters unnecessarily long.

_{* Randomly selected from a uniform distribution}

share|improve this answer

edited 4 hours ago

answered 4 hours ago

Future Security

1,5741117

add a comment | 

up vote
1
down vote

Suppose the number of a set $S$ is denoted as $Card(S)$ (which is sort for cardinality if you didn't know), then

$Card($uppercase-letters$)+Card($lowercase-letters$)+Card($digits$)
=26+26+10=62$

To represent an element from a set of 62, you need a string of at least 6 bits, this is because $2^6 = 64 ge 62$

However I don't understand the title where it says "64 bits password = 13 characters" because $ 6 cdot 13 = 78 $ which is way bigger here, than 64.

To achieve at least 64-bit entropy, you need to uniformly draw $ 64 over log_262 approx 11.00$ characters (10.749 to be more exact).

share|improve this answer

answered 4 hours ago

DannyNiu

840324

add a comment | 

Your Answer

StackExchange.ifUsing("editor", function ()
return StackExchange.using("mathjaxEditing", function ()
StackExchange.MarkdownEditor.creationCallbacks.add(function (editor, postfix)
StackExchange.mathjaxEditing.prepareWmdForMathJax(editor, postfix, [["$", "$"], ["\\(","\\)"]]);
);
);
, "mathjax-editing");

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "281"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);

 

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f63774%2f64-bits-password-13-characters%23new-answer', 'question_page');

);

Post as a guest

Name Email

2 Answers
2

active

oldest

votes

2 Answers
2

active

oldest

votes

active

oldest

votes

active

oldest

votes

up vote
2
down vote

It's likely an error. The number of possible passwords of length $l$ from a character set size of $n$ is $n^l$. The number 13 probably came from a calculation for a character set with only one case. A set of $36^12$ passwords is smaller than a set of $2^64$. You need one additional character to get 64 bits of information.

$$36^12 < 2^64 < 36^13$$

A 13 character long password from a 62 element character set is equivalent to

$$log_2(62^13) = 13 * log_2(62) approx 77.4 text(bits)$$

The actual minimum number of characters for that character set is

$$lceillog_62(2^64)rceil = lceil64 * log_62(2)rceil = 11 text(characters)$$

And for that character set there are $log_262 approx 5.95$ bits of information per character. You can get the same number $11 = lceil 64 / ~5.95 rceil$.

A 13 character string^* is sufficient to get a password with at least 64 bit strength. However that's satisfied by any number of characters no less than 11, making 13 characters unnecessarily long.

_{* Randomly selected from a uniform distribution}

share|improve this answer

edited 4 hours ago

answered 4 hours ago

Future Security

1,5741117

add a comment | 

up vote
2
down vote

It's likely an error. The number of possible passwords of length $l$ from a character set size of $n$ is $n^l$. The number 13 probably came from a calculation for a character set with only one case. A set of $36^12$ passwords is smaller than a set of $2^64$. You need one additional character to get 64 bits of information.

$$36^12 < 2^64 < 36^13$$

A 13 character long password from a 62 element character set is equivalent to

$$log_2(62^13) = 13 * log_2(62) approx 77.4 text(bits)$$

The actual minimum number of characters for that character set is

$$lceillog_62(2^64)rceil = lceil64 * log_62(2)rceil = 11 text(characters)$$

And for that character set there are $log_262 approx 5.95$ bits of information per character. You can get the same number $11 = lceil 64 / ~5.95 rceil$.

A 13 character string^* is sufficient to get a password with at least 64 bit strength. However that's satisfied by any number of characters no less than 11, making 13 characters unnecessarily long.

_{* Randomly selected from a uniform distribution}

share|improve this answer

edited 4 hours ago

answered 4 hours ago

Future Security

1,5741117

add a comment | 

up vote
2
down vote

up vote
2
down vote

It's likely an error. The number of possible passwords of length $l$ from a character set size of $n$ is $n^l$. The number 13 probably came from a calculation for a character set with only one case. A set of $36^12$ passwords is smaller than a set of $2^64$. You need one additional character to get 64 bits of information.

$$36^12 < 2^64 < 36^13$$

A 13 character long password from a 62 element character set is equivalent to

$$log_2(62^13) = 13 * log_2(62) approx 77.4 text(bits)$$

The actual minimum number of characters for that character set is

$$lceillog_62(2^64)rceil = lceil64 * log_62(2)rceil = 11 text(characters)$$

And for that character set there are $log_262 approx 5.95$ bits of information per character. You can get the same number $11 = lceil 64 / ~5.95 rceil$.

A 13 character string^* is sufficient to get a password with at least 64 bit strength. However that's satisfied by any number of characters no less than 11, making 13 characters unnecessarily long.

_{* Randomly selected from a uniform distribution}

share|improve this answer

edited 4 hours ago

answered 4 hours ago

Future Security

1,5741117

It's likely an error. The number of possible passwords of length $l$ from a character set size of $n$ is $n^l$. The number 13 probably came from a calculation for a character set with only one case. A set of $36^12$ passwords is smaller than a set of $2^64$. You need one additional character to get 64 bits of information.

$$36^12 < 2^64 < 36^13$$

A 13 character long password from a 62 element character set is equivalent to

$$log_2(62^13) = 13 * log_2(62) approx 77.4 text(bits)$$

The actual minimum number of characters for that character set is

$$lceillog_62(2^64)rceil = lceil64 * log_62(2)rceil = 11 text(characters)$$

And for that character set there are $log_262 approx 5.95$ bits of information per character. You can get the same number $11 = lceil 64 / ~5.95 rceil$.

A 13 character string^* is sufficient to get a password with at least 64 bit strength. However that's satisfied by any number of characters no less than 11, making 13 characters unnecessarily long.

_{* Randomly selected from a uniform distribution}

share|improve this answer

edited 4 hours ago

answered 4 hours ago

Future Security

1,5741117

share|improve this answer

share|improve this answer

edited 4 hours ago

edited 4 hours ago

edited 4 hours ago

answered 4 hours ago

Future Security

1,5741117

answered 4 hours ago

Future Security

1,5741117

answered 4 hours ago

Future Security

1,5741117

1,5741117

add a comment | 

add a comment | 

up vote
1
down vote

Suppose the number of a set $S$ is denoted as $Card(S)$ (which is sort for cardinality if you didn't know), then

$Card($uppercase-letters$)+Card($lowercase-letters$)+Card($digits$)
=26+26+10=62$

To represent an element from a set of 62, you need a string of at least 6 bits, this is because $2^6 = 64 ge 62$

However I don't understand the title where it says "64 bits password = 13 characters" because $ 6 cdot 13 = 78 $ which is way bigger here, than 64.

To achieve at least 64-bit entropy, you need to uniformly draw $ 64 over log_262 approx 11.00$ characters (10.749 to be more exact).

share|improve this answer

answered 4 hours ago

DannyNiu

840324

add a comment | 

up vote
1
down vote

Suppose the number of a set $S$ is denoted as $Card(S)$ (which is sort for cardinality if you didn't know), then

$Card($uppercase-letters$)+Card($lowercase-letters$)+Card($digits$)
=26+26+10=62$

To represent an element from a set of 62, you need a string of at least 6 bits, this is because $2^6 = 64 ge 62$

However I don't understand the title where it says "64 bits password = 13 characters" because $ 6 cdot 13 = 78 $ which is way bigger here, than 64.

To achieve at least 64-bit entropy, you need to uniformly draw $ 64 over log_262 approx 11.00$ characters (10.749 to be more exact).

share|improve this answer

answered 4 hours ago

DannyNiu

840324

add a comment | 

up vote
1
down vote

up vote
1
down vote

Suppose the number of a set $S$ is denoted as $Card(S)$ (which is sort for cardinality if you didn't know), then

$Card($uppercase-letters$)+Card($lowercase-letters$)+Card($digits$)
=26+26+10=62$

To represent an element from a set of 62, you need a string of at least 6 bits, this is because $2^6 = 64 ge 62$

However I don't understand the title where it says "64 bits password = 13 characters" because $ 6 cdot 13 = 78 $ which is way bigger here, than 64.

To achieve at least 64-bit entropy, you need to uniformly draw $ 64 over log_262 approx 11.00$ characters (10.749 to be more exact).

share|improve this answer

answered 4 hours ago

DannyNiu

840324

Suppose the number of a set $S$ is denoted as $Card(S)$ (which is sort for cardinality if you didn't know), then

$Card($uppercase-letters$)+Card($lowercase-letters$)+Card($digits$)
=26+26+10=62$

To represent an element from a set of 62, you need a string of at least 6 bits, this is because $2^6 = 64 ge 62$

However I don't understand the title where it says "64 bits password = 13 characters" because $ 6 cdot 13 = 78 $ which is way bigger here, than 64.

To achieve at least 64-bit entropy, you need to uniformly draw $ 64 over log_262 approx 11.00$ characters (10.749 to be more exact).

share|improve this answer

answered 4 hours ago

DannyNiu

840324

share|improve this answer

share|improve this answer

answered 4 hours ago

DannyNiu

840324

answered 4 hours ago

DannyNiu

840324

answered 4 hours ago

DannyNiu

840324

840324

add a comment | 

add a comment | 

 

draft saved

draft discarded

 

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f63774%2f64-bits-password-13-characters%23new-answer', 'question_page');

);

Post as a guest

Name Email

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

Name Email

Name

Email

Name Email

Name

Email