You’re describing the best case scenario for the person wishing to protect their password, where the Planck Cruncher guesses the password on the very last possible combination, taking 100 years to get there.
The Planck Cruncher might guess the password correctly on the first try, or it might guess correctly on the last possible combination in 100 years.
What we really want to measure are the odds of a random guess being correct.
The most “realistic” scenario is the Planck Cruncher guessing correctly somewhere between 0 and 100 years, but you want to adjust the length of the password to be secure against a powerful attack during the realistic life of whatever system you’re trying to protect.
On average, assuming the rate of password testing is constant, it’ll take the Planck Cruncher 50 years to guess the 121 character password.
And that assumes the password never changes.
If the password is changed while the Planck Cruncher is doing its thing, and it changes to something that the PC has already guessed and tested negative, the PC is screwed.
Hint: Change your password regularly.
edit: The user should change their password regularly during the attack.
Each password change reduces the risk of a lucky guess by that many years of PC attack.
You’re describing the best case scenario for the person wishing to protect their password, where the Planck Cruncher guesses the password on the very last possible combination, taking 100 years to get there.
The Planck Cruncher might guess the password correctly on the first try, or it might guess correctly on the last possible combination in 100 years.
What we really want to measure are the odds of a random guess being correct.
The most “realistic” scenario is the Planck Cruncher guessing correctly somewhere between 0 and 100 years, but you want to adjust the length of the password to be secure against a powerful attack during the realistic life of whatever system you’re trying to protect.
On average, assuming the rate of password testing is constant, it’ll take the Planck Cruncher 50 years to guess the 121 character password.
And that assumes the password never changes.
If the password is changed while the Planck Cruncher is doing its thing, and it changes to something that the PC has already guessed and tested negative, the PC is screwed.
Hint: Change your password regularly.edit: The user should change their password regularly during the attack.Each password change reduces the risk of a lucky guess by that many years of PC attack.