Just 3 words will not make a safe password. People are asking in comments why, so let me try to offer an explanation.
First of all, we don't know how large the dictionary is. @Symbiote mentioned 132k words, but typically for the diceware method (a method where you randomly select words from a dictionary) only 7776 are used (why so few? because then it's easier to select the words by rolling actual dice). Nevertheless, let's assume 170k for now. Nowadays you can crack 100-500 GH/s (100*10^9) [1] at home (you need $25000 for the hardware, but let's assume a rich household ;))
So we have (132k^3) / (100 GH/s) = 23000 seconds [2]. That's less than 7 hours!
You could argue that nowadays everyone uses bcrypt, so such speeds are not possible. The question is: are you really sure that no one uses md5 any longer?
This is funny but is the opposite of the idea espoused in the correcthorsebatterystaple xkcd. Welsh words are hard for (most) humans to remember, but easy for machines to check (since wordlists are publicly available)
Yes. Diceware is one such, the EFF has some improved variants. With 7776 words you can roll 5 dice and get a number, which becomes a word. log(7776)/log(2) = ~13, so 13 bits of entropy per word chosen. 7 words for 91 bits of entropy (over the 80-bit absolute minimum for decent security of a key), 10 for 130 bits of entropy (better than 128-bits that lots of people use for AES), 20 for 260 bits (better than 256, enough to resist even batch attacks by enormously powerful actors).
Of course a 20 random word string is less a "password" or "passphrase" and more a "passpoem". You only want one or two of those, as master passwords for a password manager.
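The two calculations in this thread, the exhaustive-search time for N^k word combinations against a fast hash and the diceware entropy of about 13 bits per word with five dice selecting from 7776 words, worked through in code. This is an added example and not code posted by any commenter; the 132k, 7776 and 100 GH/s figures are the ones quoted above, and the 7776-entry wordlist is a constructed stand-in for a real diceware list such as the EFF one.

```python
import math
import secrets
from typing import Sequence, Tuple

# Figures taken from the thread: a 7776-word diceware list, a 132k-word Welsh
# dictionary, and a home cracking rig doing about 100 GH/s against a fast hash.
DICEWARE_WORDS = 7776          # 6**5: five six-sided dice select one word
WELSH_DICT_WORDS = 132_000
HOME_RIG_HASHES_PER_SEC = 100e9

# Constructed stand-in for a real diceware list (the EFF list would go here).
# A real list has 7776 distinct, memorable words; this one only has the right size.
TOY_WORDLIST = [f"word{i:04d}" for i in range(DICEWARE_WORDS)]


def bits_per_word(dictionary_size: int) -> float:
    """Entropy of one uniformly random pick from a dictionary, in bits."""
    return math.log2(dictionary_size)


def passphrase_entropy_bits(dictionary_size: int, word_count: int) -> float:
    """Entropy of `word_count` independent uniform picks (words may repeat)."""
    return word_count * bits_per_word(dictionary_size)


def exhaustive_search_seconds(dictionary_size: int, word_count: int,
                              hashes_per_sec: float) -> float:
    """Worst-case time to try every word combination against an unsalted fast
    hash such as MD5. A slow hash like bcrypt cuts the rate by many orders of
    magnitude, which is the point made in the thread."""
    return dictionary_size ** word_count / hashes_per_sec


def diceware_index(rolls: Sequence[int]) -> int:
    """Map five dice rolls (each 1..6) to a 0-based index into a 7776-word list,
    reading the rolls as a base-6 number: 1,1,1,1,1 -> 0 and 6,6,6,6,6 -> 7775."""
    if len(rolls) != 5:
        raise ValueError("diceware uses exactly five dice per word")
    index = 0
    for r in rolls:
        if not 1 <= r <= 6:
            raise ValueError(f"invalid die face {r}")
        index = index * 6 + (r - 1)
    return index


def roll_dice(count: int = 5) -> Tuple[int, ...]:
    """Roll `count` dice using the OS CSPRNG; the `random` module is not suitable."""
    return tuple(secrets.randbelow(6) + 1 for _ in range(count))


def generate_passphrase(word_count: int,
                        wordlist: Sequence[str] = TOY_WORDLIST) -> str:
    """Pick `word_count` words by dice rolls, exactly as with physical dice."""
    if len(wordlist) != DICEWARE_WORDS:
        raise ValueError("five dice index exactly 7776 words")
    return " ".join(wordlist[diceware_index(roll_dice())]
                    for _ in range(word_count))


if __name__ == "__main__":
    for name, size, n in (("three Welsh words", WELSH_DICT_WORDS, 3),
                          ("four diceware words", DICEWARE_WORDS, 4),
                          ("seven diceware words", DICEWARE_WORDS, 7)):
        bits = passphrase_entropy_bits(size, n)
        secs = exhaustive_search_seconds(size, n, HOME_RIG_HASHES_PER_SEC)
        print(f"{name:22s} {bits:6.1f} bits, exhaustive search at 100 GH/s: "
              f"{secs / 3600:.2e} hours")
    print("example passphrase:", generate_passphrase(7))
```

Three words from the 132k dictionary come out at about 51 bits and roughly 6.4 hours of exhaustive search at 100 GH/s, matching the 23000-second estimate above; seven diceware words are about 90 bits, which at the same rate is far beyond any practical search, and a salted slow hash only widens that gap.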
Correct, but one facet of xkcd passwords is that they're very easy to remember, which prevents people from writing down passwords on sticky notes, thus eliminating that security risk.
In the case of Welsh words, it's about as easy to remember for a non-Welsh speaker as leetspeak is, and so people will just write down the password somewhere again to remember it, which makes this less secure overall than xkcd passwords in English.
[1] https://gist.github.com/epixoip/ace60d09981be09544fdd3500505...
[2] https://www.wolframalpha.com/input/?i=%28132000%5E3+hashes%2...
Fortunately, the web page itself suggests as much, but it's worth reiterating. Don't use these amusing passwords, please!
>RoliedigHembryonauCarmeliaid6
Seems pretty consistent with XKCD's comic on passwords.
ln₂(132000) = 17, and there are three words, so 41 bits -- almost as good as the smaller dictionary but four words of "Correct Horse Battery Staple".
(This is a rough estimate, I haven't looked at the dictionary in detail to see if there are many very similar words etc.)
[1] https://extensions.openoffice.org/en/project/gwirydd-sillafu...
I prefer my padding method [1] for greater entropy.
[1] - https://tinyvpn.org/help/#padding