Why is Clipperz asking for a passphrase instead of a password?
Clipperz has been designed to obtain a 128-bit security level. That means that an attacker needs to perform at least 2128 steps of “work”. Each step could be something as simple as looking something up in a table or as complex as computing some cryptographic function for certain values. Your passphrase is part of the security chain of Clipperz and, because a security system is only as strong as its weakest link, it is highly recommended you pick a passphrase with a good amount of entropy. If your passphrase has little entropy, say 24 bits, it can be attacked with an exhaustive search, i.e. with 224 steps. Hence the overall security will drop at a 24-bit level due to the weak passphrase. Passwords are usually 6-10 character long and therefore they cannot have more than about 30 bits of entropy. Not enough to protect your data against serious attackers.
