Password or Passphrase

library(magrittr)

Should you use a password or a passphrase? The time it will take your adversary to crack your safe using a brute force method is:

$$Years_{Expected} = \frac{\frac{S^L}{2}}{Guesses/Year}$$

$S$ is the set from which you draw random elements, e.g., letters or words and $L$ is the length of elements in your passphrase.

Using only three randomly chosen terms from the EFF’s New Wordlists for Random Passphrases, it would take an expected 7.5 years to crack your password at 1,000 brute force guesses per second. That seems easier than memorizing a random string of characters.

passwordAlphaNumeric <- NULL

for(i in seq_len(30)) {
  passwordAlphaNumeric <- c(passwordAlphaNumeric,
                  ((52^i ) / 2) /
    (1000 * 60 * 60 * 24 * 365))
}

passwordASCII <- NULL

for(i in seq_len(30)) {
  passwordASCII <- c(passwordASCII,
                  ((95^i ) / 2) /
    (1000 * 60 * 60 * 24 * 365))
}

passphrase <- NULL

for(i in seq_len(10)) {
  passphrase <- c(passphrase,
                  ((7776^i ) / 2) /
    (1000 * 60 * 60 * 24 * 365))
}

passphrase5caps <- NULL

for(i in seq_len(10)) {
  passphrase5caps <- c(passphrase5caps,
                  (((7776 * 5 * 2)^i ) / 2) /
    (1000 * 60 * 60 * 24 * 365))
}

crackTime <- data.frame(cbind(passwordAlphaNumeric, passwordASCII, passphrase, passphrase5caps))
crackTime$passphrase[11:nrow(crackTime)] <- NA
crackTime$passphrase5caps[11:nrow(crackTime)] <- NA
crackTime <- cbind(Length = as.numeric(row.names(crackTime)), crackTime)

gg <- crackTime %>%
  tidyr::pivot_longer(cols = dplyr::starts_with("pass"), names_to = "Set", values_to = "Years to Crack") %>%  
  ggplot2::ggplot() +
  ggplot2::geom_line(ggplot2::aes(x = Length, y = `Years to Crack`, color = Set)) +
  ggplot2::scale_y_log10() +
  ggplot2::theme_classic()

ggplot2::ggsave("featured.png", 
                plot = gg)

## Saving 7 x 5 in image

## Warning: Removed 40 row(s) containing missing values (geom_path).