The commenter at Wattsupwiththat.com, 'Smoking Frog', suggested that cracking (discovering) an easily remembered 36-character pass phrase (password) used in encryption could be relatively simple and fast, maybe even done in a second or so.
I personally find that highly doubtful.
The 'Smoking Frog' comment was basically made in the context of law enforcement officials trying to 'crack' an encrypted file found on a hard drive or a USB memory stick. The law enforcement officials don't know the password; the owner of the encrypted file won't reveal the password; the law enforcement officials don't know how the file was encrypted; they don't know how long the password is; and they are unable to social engineer the password used in the encryption.
Instead of trying to crack the encryption, the law enforcement officials focus on discovering the password (pass phrase) through any current technology means available to them, including a mass-parallel PC effort.
Can it really be done quickly? Is it really "trivial" as 'Smoking Frog' suggests? If the password is discoverable, how long would it take to do so?
Over at WUWT, I suggested that the following, easily remembered 36-character phrase ("&1925IreallyhateJoeRommwithapassion&") would make it very difficult for law enforcement officials to open the encrypted file - possibly taking trillions of computer centuries to accomplish.
'Smoking Frog' thinks that is not the case and that the above pass phrase could be broken in seconds. I think not.
So here's the challenge to 'Smoking Frog' or any other challengers - discover the passwords on either of these files - download SmokeyFrog1 or download SmokeyFrog2. These files are encrypted using a similar style pass phrase as the one in yellow above. One file was created with a very sophisticated encryption application, the other was created with a very simple encryption application.
Once the pass phrase for either of these 'challenge' files is discovered, one should open the encrypted file, read my message and follow my directions in the message. Easy peasy.
'Smoking Frog' or others, have at it. Break the password and we'll gladly publicize that level of achievement - and, btw, then educate millions, including 'C3', on how not to do passwords (pass phrases).
Of course though, until someone quickly discovers the above files' pass phrases, assume using a long, easily remembered phrase is safe from being 'cracked' by law enforcement.