Homemade special personal characters on nano level to be used in passwords

[Avi Greenbury]

> 
> What I meant was passwords which these newest super computers cannot 
> break because there should be an endless number of characters, that is 
> why I call in nano?

There will never be an endless number of characters unless there's an
infinite length permitted (which there rarely is, and which would be
unworkable in any case). However long the password is permitted to be
in bits,  there's a maximum of 2^(length) combinations.

The usual way to make passwords more secure is to make it harder to
try the guesses, rather than harder to construct a list of possible
combinations. For example, you might make it such that the same user
may try three different passwords in the space of ten minutes and
then they're prevented from trying again without manual intervention
from an administrator. 

This does require that the password hashes are kept secret (since
anyone with the hash can test against it as frequently as they like),
and the common way for passwords to be compromised is for the list of
hashes to be.



If you want to be markedly more secure than can be conveniently
achieved through normal passwords, generally you'll move up to
certificates (perhaps with passphrases) which do essentially amount to
incredibly long passwords.

-- 
Avi