Dex

Big hearted fluffdragon...

...fictional ex-90s platformer mascot, nerd, plural, ฮ˜ฮ”.


Masto ๐Ÿ˜
scalie.club/@Dex

Dex
@Dex

people theorize about the possibility of using keysmashes to generate secure passwords

however, how cryptographically secure is a good keysmash? in this essay i will


kda
@kda

probably pretty bad?

Keysmashes are often really predictable, and you can totally narrow down the range of keysmashes that one might produce based on what keyboard they're using (some keyboards can't handle n arbitrary keystrokes simultaneously, and will disregard some of them!), what keyboard layout they're using, how they learned to type, factors that might influence how they move their fingers in repetitive fashions, so on so forth.

Like, they're pretty random, but it's a fairly constrained kind of randomness.


Cariad
@Cariad

No. Key smashes are a bad idea to generate random passwords. They're entirely predictable. Maybe if I am bored and have the time, I will demonstrate the entropy levels given from key smashing.


Cariad
@Cariad

Reply to this with key smashes in the comments and I'll give you all entropy scores.



You must log in to comment.

in reply to @Cariad's post:

I remember in Cryptonomicon they used the timing of keysmashes as an independent source of entropy for generating a key. Would that be viable or is there still hardware-level un-randoming?

in reply to @Cariad's post: