Here’s an article from last year’s Scientific American: The Mathematics of (Hacking) Passwords. If you remember your logarithms, it’s a decent read. If you don’t, you can skip the math and read the details: why longer passwords are better. (The left-hand diagram comes from Figure 2.6 of Authentication.)

