Hello, kochetkov.vladimir, you wrote: KV> Ok, it is not difficult to me to repeat: the specific approach offered in specific . I.e. creation of the password with usage as the alphabet of words of English language. That is the special case from billion is criticized. But washing the critic of a special case from 10 unique-correct managers of the passwords, written by the third (interested?) persons is already a paranoia. _>> what entropy at good pseudorandom number generators? And why they have a prefix "pseudo"? It about firmness or about a faith in hyperbolic straight lines. KV> at good - aspires to zero." Pseudo "- because"aspires", instead of"is equal". However, to what there was this question I did not understand = / And can therefore"pseudo"that this dial-up of random numbers can be repeated, simply knowing initial conditions. That is any entropy at them too . _>> There is no it you show that with introduction of new policies, protocols, managers of passwords and , the amount of the passwords merged in the Internet decreased. KV> well here present that we argue on, whether has the right to life SOLID... KV> Somehow even it is insulting from similar Emmas... You seriously want to discredit information security as a science comparing it with as SOLID, NoSQL and ? You want to confirm scientific character, show that these yours" entropies as firmness "have what that communication with a reality. Otherwise it is the pure theory in itself. Thus the theory which uses terms from other theory. _>> It is one of examples (on me silly) trust relationships policies, as the recommendation to have 100 different passwords on 100 sites for what it is necessary to get the manager of passwords. KV> presently periodic change of passwords does not give any advantages and is present at some politicians exceptional for the historical reasons. Usage of various passwords on various sites relieves of quite specific problem of a reuse of results of successful attack on one site at attack to another. Is more or less reasonable a total diversification of passwords: to divide resources into groups on their importance and for resources from the most important groups to use various passwords, and for less important - identical. About such circuits I adhere: From the most important resources I "store" passwords exceptional in a head (but thus they meet requirements to complexity and to randomness), from less important - in (but on everyone a resource the password), from unimportant - the password same is used or at all I do not store, and I use for an input f-tsiej "forgot the password". And what output? From outside that you write looks as :" I that want, I do, but you, mortal, should use that I will tell ". KV>>> Means, it is necessary to make so that breaking of the manager was more difficult than breaking of 10 passwords on 100 sites. Actually, this task in them also dares. _>> the task dares or these managers of passwords are built in browsers with millions lines of not verified code and synchronized with exterior servers? KV> And here the code (also what you imply it)? The code which is not checked up (and that corresponds to the necessary requirements cannot be checked up because of the size). _>> because on another it is inconvenient and it is impractical, it is not meaningful. KV> to Whom as For some (all these your passwords (with good entropy are more exact for the majority)) is from a category of a teapot of Russell. A hint that can it is necessary be engaged, invent business razor Okkamy. _>>>> Firmness of 10 passwords on 100 sites is a firmness of 10 passwords on 100 sites. KV>>> Cracked the password on one of a site-> cracked all 1/10 of used sites. _>> 10 % against 100 % in case of breaking. KV> here only probability of purposeful breaking of one of 100 sites slightly above probability of purposeful breaking of one application at one user. We continue talk, using digits and emotionally colored estimate words made up. What it is better, to lose only 10 % at "slightly the higher probability", than 100 % at "slightly the lowest probability"?