The IT Law Wiki

Guessing entropy


Definition

Guessing entropy is

[a] measure of the difficulty that an attacker has to guess the average password used in a system. Entropy is often stated in bits. When a password has n-bits of guessing entropy then an attacker has as much difficulty guessing the average password as in guessing an n-bit random quantity. The attacker is assumed to know the actual password frequency distribution.[1]
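As an added illustration (not part of the wiki entry or of NIST SP 800-63), the following Python computes guessing entropy for a known password frequency distribution. It assumes the attacker tries candidates in most-common-first order and converts the mean guess count to bits by matching it to a uniform n-bit quantity; the function names and both sample distributions are constructed for this example.

```python
import math

def expected_guesses(counts):
    """Mean number of guesses for an attacker who knows the frequency
    distribution and tries passwords from most to least common."""
    total = sum(counts.values())
    ranked = sorted(counts.values(), reverse=True)
    return sum(rank * c / total for rank, c in enumerate(ranked, start=1))

def guessing_entropy_bits(counts):
    """Bits n such that a uniform n-bit secret costs the same mean effort.

    Assumption of this example: a uniform secret with N = 2**n values takes
    (N + 1) / 2 guesses on average, so n = log2(2 * E[G] - 1).
    """
    return math.log2(2 * expected_guesses(counts) - 1)

def shannon_entropy_bits(counts):
    """Shannon entropy of the same distribution, for comparison."""
    total = sum(counts.values())
    return -sum(c / total * math.log2(c / total) for c in counts.values() if c)

# Constructed sample: 8 distinct passwords, each chosen by one user.
UNIFORM = {f"pw{i}": 1 for i in range(8)}

# Constructed sample: the same 8 passwords, but choices are heavily skewed
# toward a few favourites (128 users in total).
SKEWED = {"pw0": 64, "pw1": 32, "pw2": 16, "pw3": 8,
          "pw4": 4, "pw5": 2, "pw6": 1, "pw7": 1}

if __name__ == "__main__":
    for name, dist in (("uniform", UNIFORM), ("skewed", SKEWED)):
        print(f"{name:8s} mean guesses = {expected_guesses(dist):.4f}  "
              f"guessing entropy = {guessing_entropy_bits(dist):.3f} bits  "
              f"Shannon entropy = {shannon_entropy_bits(dist):.3f} bits")
```

With these samples, the uniform population yields 3 bits, while the skewed population of the same eight passwords yields about 1.58 bits, which is the gap a password policy review should look for.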

References

  1. NIST, Electronic Authentication Guideline 6 (NIST Special Publication 800-63) (Apr. 2006) (full-text).
