Password protect a pdf file?

[EphesiaNZ]

You also get equivalent results (shorter is worse)
https://howsecureismypassword.net/
Password Strength Estimator

Well would I trust the results when one site says,

I've only included a small dictionary of the most common english words and passwords. It doesn't try any of the common variations that an actual attacker would (e.g. 0 for o).

Strong vs Long is losing more & more due to Brute force speeds (One of the reasons I hate MS Accounts they Limit your password length)

Well, there's an answer to that

Cheap GPUs are rendering strong passwords useless | ZDNet

Yes GPU's are bad news in a way but it's no worse really than any modern advancement in CPU speed over the years but to quote from that article,

Throw in a nine-character, mixed-case random password, and while a CPU would take a mind-numbing 43 years to crack this, the GPU would be done in 48 days.

Anyone with data to keep safe should be changing their passwords at least once a month hence the above is irrelevant and also I would suggest passwords no shorter than 12 characters these days - 8 characters was probably fairly secure about 10 years ago.

 

[pgp_protector]

Remember I gave you the math using the 171,000 word Dictionary using only 2 words. (Actual dictionary has about 1 Million words right now) so for 2 random words it's 1,000,000 ^ 2 combinations.

 

[EphesiaNZ]

1) GRC 15.67 Thousand Centuries
2) 2.01 hundred billion trillion trillion trillion trillion trillion trillion centuries

This is taking into account Dictionary attacks because Dictionary attacks only work on words not phrases.

And what about phrase attacks?

 

[pgp_protector]

And what about phrase attacks?

I found this
https://nakedsecurity.sophos.com/2012/03/19/multi-word-passphrases/
(References this study)
http://www.jbonneau.com/doc/BS12-USEC-passphrase_linguistics.pdf

The research takeaway is that while passphrases are safer than passwords, they're not all that safe, depending, of course, on length.

Longer Pass Phrase would be safer than the 2-3 word passphrase, and don't use "I'm sorry Dave, I can't do that" (Common phrases in other words)

 

[EphesiaNZ]

.. and don't use "I'm sorry Dave, I can't do that" (Common phrases in other words)

Why not?, that's my favourite

Yes, famous people quotes, movie quotes and song lines/titles are all up there for easy cracking.

 

[pgp_protector]

So any luck with my Zip file that only uses the 0-9 digits ?