The space of possible passwords here is much

larger now, but this is still not that good.

First of all i can go through 1024 numbers very quickly, if i

want to try each one of them i can go through them very quickly.

Computers are so fast that this will take fractions

of a second to try each one of them.

And compare it against the password file.

The second thing is that, this is going to allow,

1024 distinct passwords, which means, since the number of users in

most cases is greater than this, many users will have

to use the same password, which is not a good system.

All right?

So, we are seeing that using the concept

of counting, we can tell about the strength.

One aspect of the strength of the password, and about the, the space

of all possible passwords, so that we can avoid figuring out the password easily.

So this, of course.

Tells us, using counting.

This tells us, that you should not be using password of length ten.

And every position is either 0 or 1.

It's not good, we can easily find it.

Of course, it's not good to use it of length one, and two possibilities.

So, the question is in general how many, what,

what happens in general for systems, about creating passwords?

So, for example, many of the systems that,

or websites where you go create a password, it

says, you can use any of the English alphabet letters, all the way from a to z.

[BLANK_AUDIO]

And suppose it is case insensitive, so capital letters, small letters,

they are all the same, so I'm just going to consider small letters.

And says you can also use, the digits from 0 to 9, okay.

So, the size of this set there are 26

possible letters and here we have 10 possible letters.

So now we're say and suppose i say that, the length of the password has to be 8

characters, so now my password, is this vector or list,

from 1 to 8.

Every value here can be either a or b or c or z or 0, 1, all the way to 9, okay.

So, there are 36 possible values, that they could have put here.

Now, a same thing here, a, b, c.

36 possible values.

The same thing here, 36 possible values.

So now what is the possible number of passwords, if the, given these

two constraints, that the length is 8 and the number of characters I can use is 36?

Now, we have 36 times 36 times 36 times 36 all the way to here.

So we have 36 possibilities for the first position.

36 for the second, for the third, for the fourth, for the fifth,

for the sixth, seventh and eighth, which is 36 to the 8th.

Now, this is a different story, now right,

because this is not similar to 1,024, this is a very large number, right.

So, even with fast computers, this is not a number that we can,

we can go through, all these possibilities

very quickly, and find the password, right.

This is number one, and number two is that this number is very large, that we are not

going to run into this issue, where we have two

users choosing the, the same password with very high probability.

Now, keep in mind that when we allow the users to choose a random

password, there's still always a chance that

two users will choose exactly the same password.

We cannot stop that.

In theory, all users could have chosen the same password.

But the thing, when this, the, the

number of possible passwords gets larger and larger,

the probability of choosing the same password

by more than one user starts decreasing, okay.

So, this, the counting, allows us to get to do this kind of reasoning.

And know why certain constraints on passwords are bad.

Why certain constraints are good.

Of course, as you can see, from here.

I have, I showed before, the, the passwords of length ten.

And you can use either 0 or 1.

We went from 2 to the 10th.

Now, if you use all the English alphabet letters and the

digits from 0 to 9, we go to 36 to the 8th.

As you can tell, this is bigger than this in two ways,

because of, we can get this number to be bigger in two ways.

One is, make the possible values that you can use for every entry.

Make that set larger and larger, and the second thing is, if you make

your password longer, it will even make

the space of possible passwords even larger.

For example, if I still allow only these letters, but I make

the password of length 10, now we go to 36 to the 10th.

If I make the password of length 50, then we go to 36 to the 50.

And this is, of course, is much bigger than this, this is bigger than this.

Okay, so we can always make it longer and we can always enrich this set, okay.

So this is how counting allow us, to do this kind of reasoning so that we know.

How to design specifications of a password.

The last thing I want to say is that, sometimes you see that the system says you

have to use a, a letter and you have to use a digit between zero and nine.

so it's not anything, it has to be either,

it has to contain either and at least one digit.

So what does that mean?

How does that change our scenario?

So suppose we are still working with the

password of length 8, and this kind of possibilities.

This would be the number of possible

passwords, that can have letters or digits.

But notice that I'm not putting a constraint here that it

has to have letter and a it has to have a digit.

Because one of these 36 to the 8.

Is for example, a, all a's.

All right?

But this wouldn't fit my specifications if I say it has to have a digit in it.

The same thing.