Score:0

Password space: number of possible password combination

bn flag

How do I calculate the password space of a randomized linked hybrid pasword of 9 images and 10 numbers(0-9)? User allowed to select 4 password

Images=9 Pin= 0-9 Password selection allowed: 4 Every image is linked to a number

Images are randomized at each selection

Gloria Jiya avatar
bn flag
I am trying to calculate the password space for a graphical password of 9images each image is linked to a number from 0-9.. and users are allowed to select just 4 images
JAAAY avatar
us flag
The answer is 9-choose-4 I think.
forest avatar
vn flag
@GloriaJiya So you want to know the keyspace when you have 10 images (images numbered 0 through 9 would total 10 images, not 9) to choose from, and four are picked at random. Is that correct?
Gloria Jiya avatar
bn flag
@forest yes that is correct.
Score:1
vn flag

The fact that a password is composed of images is irrelevant. If you have 10 possible values for each symbol and choose 4 symbols at random, the keyspace is 104 = 10000, and log2(10000) ≈ 13.3 bits.

This is very insecure!


In general, you can calculate the keyspace by raising the number of possible symbols to the number of randomly-selected symbols. This tells you how many possible combinations there are. You convert this number into the number of bits of security by taking the base-2 logarithm of the result.

For example, if you are choosing a password composed of 12 words chosen at random from a set of 4000, the number of bits of security is log2(400012) ≈ 145 bits, which is secure.

Gloria Jiya avatar
bn flag
Ok, for hybrid password password that has a password space for 1st step authentication of 10,000 and 2nd step authentication of 6,000. Do we add 10,000 to 6,000 or multiply 10,000 by 6,000.
forest avatar
vn flag
@GloriaJiya Will the attacker know if they got the first password correct before they try the second?
Gloria Jiya avatar
bn flag
aforest yes the attacker will know.
forest avatar
vn flag
@GloriaJiya In that case, treat it like two separate passwords. First one is broken and _then_ the other, so you aren't adding very much security by using two.
Gloria Jiya avatar
bn flag
Okay thank you for the response.
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.