'How many bits of information are possible in an eight-character password if any character can be used?

In this question, do we assume that each character is just 8 bits then? In this case, is the answer just 64 bits? Sorry if this is a dumb question.

securitymathoperating-system


Solution 1:[1]

Any character would be hard to use in a password as some of those are not even printable (like a \07 beep). But if you assume that it really can be any (so it's more like a cryptographically random key than a password), then yes, 64 bits of entropy.

If it's case sensitive ascii letters (26+26) and numbers (10), and the length is 8, and it's all true random, then it's more like log2( (26+26+10)^8 ) ~= 47.6 bits.

Or more generally, using k different random characters for a length of n, the entropy would be log2(k^n).

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Gabor Lengyel

Related Questions

Secure cookies flag always getting lost in first session after resetting IIS

How to show or hide contents of an aspx page based on current user's roles

protect images on webpage from being copied/saved?

Getting error "403 - Forbidden: Access is denied" on browser when user is NOT administrator

Disable SSLHandshakeException for a single connection

SSL certificate error for IE users only

How to access HttpContext and Request in RequireAssersion?

Send Public key(generated as seckeyref in iPhone) to server(in Java)

The EXECUTE permission is denied on the user-defined table types?

cannot commit or push using egit (guess: issues with secure storage area)

Authorisation in microservices - how to approach domain object or entity level access control using ACL?

Adding nonce value to @Scripts.Render ASP.Net MVC razor pages with NWebSec

SSL Java java.io.IOException: Invalid keystore format

preventing abuse of API service usage

Protecting or Licensing a Django Application