Entropy of passwords
Term: number of entropy bits of a password
 a concept from information theory
 a password with 5 bits of strength == 5 bits chosen randomly via coin tosses
 would need 2^5 number attempts to exhaust all possibilities
 on average, an attacker will have to try half of all possibilities
Source: https://en.wikipedia.org/wiki/Password_strength
Question: what is the recommended number of entropy bits?

Depends on threat model
 29 bits: only online attacks
 96 bits: important cryptographic keys