I spoke with Manuel Blum this afternoon about his password scheme described here. This post is a few footnotes based on that conversation.
When I mentioned that some people had reacted to the original post saying the scheme was too hard, Blum said that he has taught the scheme to a couple children, 6 and 9 years old, who can use it.
He also said that many people have asked for his slide summarizing the method and asked if I could post it. You can save the image below to get the full-sized slide.
This slide and my blog post both use a 3-digit password for illustration, though obviously a 3-digit password would be easy to guess by brute force. I asked Blum how long a password using his scheme would need to be so that no one with a laptop would be able to break it. He said that 12 digits should be enough. Note that this assumes the attacker has access to many of your passwords created using the scheme, which would be highly unlikely.
Update: This algorithm can be broken fairly easily. See comments here.
* * *
For daily tweets on algebra and other math, follow @AlgebraFact on Twitter.