You can see the details of our calculations in [[!tails_ticket 19615]] and this [spreadsheet](https://cryptpad.disroot.org/sheet/#/2/sheet/view/KdOJLeuCsc4dS3vq-bHhFw6zByUSRJXsCcAkB-ERxtc/).
Using other password schemes give little guarantee over the strength of a password, even if it follows complicated password policies and validates on password strength meters.
For example, a [Dutch hacker logged into Donald Trump's Twitter account *twice*](https://www.washingtonpost.com/world/2020/12/17/dutch-trump-twitter-password-hack/)by guessing his passwords, despite that these passwords included several words, were more than 8 characters, and even had special characters. They were definitely not random enough: "*maga2020!*" and "*yourefired*".
To understand the maths behind password strength, watch [An information theoretic model of privacy and security metrics](https://media.libreplanet.org/u/libreplanet/m/an-information-theoretic-model-of-privacy-and-security-metrics/).Bill Budington from the EFF explains the concept of entropy and its implication on browser fingerprinting and password safety in accessible terms.
- [[If your passphrase has 4 random words or fewer|argon2id#4]] - [[If your passphrase has 5 random words|argon2id#5]] - [[If your passphrase has 6 random words or more|argon2id#6]]
If you created your Persistent Storage with Tails 5.12 or earlier, we recommend you migrate your entire Tails to a different USB stick and destroy your old Tails USB stick (or at least [[securely delete the entire device|doc/encryption_and_privacy/secure_deletion#device]]).
If you don't, the previous LUKS1 data might still be written in some recovery data on the USB stick and could be recovered using advanced data forensics techniques.