Sunday, September 30, 2018

[sjciotcw] Six digits

When providing a number to the user, consider using only the digits 1 through 6 instead of the whole range 0-9.  Inspired by the verification codes of two-factor authentication (2FA).  Obviously, one will need more digits to achieve the same amount of entropy: 7.7 base-6 digits carry the same entropy as the typical 6 digits of base 10.

Vaguely inspired by cubical dice (one can easily mentally picture the dot patterns) and Benford's Law.  The lower digits seem less foreign than the higher ones, so they are easier to memorize (e.g., in short-term memory for copying a 2FA code).  Also uses only two rows of a numeric keypad, so easier to type.  This might be especially useful if you have a fancy typing interface that scrambles the labels on the keys each time to thwart shoulder surfing.

99.03 base-6 digits for 256 bits.
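The two figures above (7.7 and 99.03) round up to 8 and 100 whole digits in practice. The following sketch is an added example, not code from the original post: it computes those lengths with exact integer arithmetic and generates or encodes codes over the digits 1-6. The function names are illustrative assumptions; `secrets.randbelow` is Python's standard CSPRNG call and avoids modulo bias.

```python
import secrets

DIGITS = "123456"  # die faces only; 0 and 7-9 never appear


def digits_needed(space: int) -> int:
    """Smallest n with 6**n >= space, using exact integer arithmetic."""
    n, reach = 0, 1
    while reach < space:
        reach *= 6
        n += 1
    return n


def encode(value: int, length: int) -> str:
    """Write value as a fixed-length base-6 string over the digits 1-6."""
    if not 0 <= value < 6 ** length:
        raise ValueError("value does not fit in the requested length")
    out = []
    for _ in range(length):
        value, r = divmod(value, 6)
        out.append(DIGITS[r])
    return "".join(reversed(out))


def decode(code: str) -> int:
    """Inverse of encode; rejects any character outside 1-6."""
    value = 0
    for ch in code:
        idx = DIGITS.find(ch)
        if idx < 0:
            raise ValueError(f"invalid digit: {ch!r}")
        value = value * 6 + idx
    return value


def random_code(length: int) -> str:
    """Uniformly random code drawn from the operating system's CSPRNG."""
    return encode(secrets.randbelow(6 ** length), length)


if __name__ == "__main__":
    n_otp = digits_needed(10 ** 6)   # matches a 6-digit decimal 2FA code
    n_key = digits_needed(2 ** 256)  # holds any 256-bit value
    print(n_otp, random_code(n_otp))
    print(n_key, encode(secrets.randbits(256), n_key))
```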
