How much information is there in knowing the length of someone's password?

If we know the password's length, it saves us from guessing any shorter passwords. For example, for a numeric password, knowing the length is 4 saves us from having to guess [blank], 0-9, 00-99 and 000-999. This lowers the number of possibilities from 1111 to 1000. The password has 90% of it's original strength. A [0-9a-zA-Z] password retains 98% of it's original strength

▲

notlenin 4 hours ago | parent [-]

For any given alphabet A, and for any positive integer n, the set of strings of length n over A is a finite set, with (number of characters in A)^n elements.

The set of all strings, of any length over A, is an infinite set, because it is the union of all sets of strings of length n for each positive integer n.

So if you don't know the length of the password, there are infinite possibilities. If you do know the length of the password, there are only finite possibilities.

Which would in turn imply that there is an infinite amount of information in knowing the length of a password - the complement of the set of n-length strings over A in the set of strings over A contains an infinite number of elements, which you can safely exclude now that you know the password is part of the finite set of n-length strings over A.

	▲	qayxc an hour ago \| parent [-]
		Absolute nonsense. Apart from the fact that password length is necessarily finite due to memory and time constraints, passwords aren't stored as clear text. You will get hash collisions, because the number of unique hashes is very much finite. Your argument therefore doesn't apply in this context.