I'm only suggesting an implementation that is transparent for the user. 10 would probably be just fine, but 25 would be closer to an impossible situation without significantly increasing the odds of a successful attack.