Write Down Your Passwords
joeykiller writes "Microsoft's senior program manager for security policy, Jesper Johansson, presents a provocative but interesting view on password policy: He claims that prohibiting users from writing down their passwords is bad for security. His main point is that if users are prohibited from writing down their passwords, they will use the same easy to guess password everywhere." From the article: "Since not all systems allow good passwords, I am going to pick a really crappy one, use it everywhere and never change it...If I write them down and then protect the piece of paper--or whatever it is I wrote them down on--there is nothing wrong with that. That allows us to remember more passwords and better passwords."
Writing down passwords and storing them in a secure location isn't the issue, it is portability. Most passwords these days need to go with you wherever you are, at home, the office, on travel. If your password is too complicated to remember, then it would have to be stored somewhere on your person. That's the security risk.
That's what I do. I use a tool that stores passwords encrypted, and I have one very good passphrase I use to decrypt the passwords. Any time I need a password for a Web site, I generate one (32 random letters/numbers) and use that. I don't even know any important passwords, except for the one master passphrase.
A lot of hacking is internal. If you're in a company bigger than a dozen people or so, you're at risk.
KDE's wallet manager handles this rather nicely.
If other reasons we do lack, we swear no one will die when we attack
Though they can't steal your fingerprint, they can steal your fingerprint metric. It all becomes bits at some point, and if they have those bits they can bypass having your finger.
As x approaches total apathy I couldn't care less.
It's by crypto genius Bruce Schneier, it uses Blowfish, it's open source and if you want that extra measure of security you can compile it yourself. It's for Windows but there are Unix/Linux versions too.
Password Safe
Insert witty sig here.
I use a small PINS database stored on a USB flash drive on my keychain. Instead of launching the application when I need a password I launch a batch file that detects if the drive is plugged in, if so it copies the password file to my profile and launches it (if I'm using either my home or work computer). If the drive isn't plugged in it uses the local copy. If I make an update it copies it back to the USB drive.
The master copy is on my keyring, but my home and work computers have copies. I've been doing this for a year and I highly recommend the solution. I can now use random passwords.
Kind thoughts do not change the world
#2) The best passwords are illogical. Something like k8iWq3xy. Mixing in letters and numbers, not based on any words, is a good start. If your program recognizes upper and lower case, mixing that can help too.
#3) The best, very best log-in tool for security I saw was a small clock a friend was given from his company. It had some funky algorithm on it, and it displayed a 14-character alphanumeric code. When my friend logged in, he had to enter this code, which changed every 1 minute. This was in addition to his username and password.
#4) People will sniff your network. Nothing is bulletproof. Finding passwords sent is easy. If it comes as clear text, you are screwed off the bat. This defeats #1 and #2, but not #3, because #3 is based on an algorithm that changes every 1 minute.
#5) Set up a policy that only allows 2 attempts to log in, and after 2 failed attempts, it locks out that IP and MAC address for 30 minutes. This will be a major pain when you try and log in and make a mistake. It won't really stop hackers, just the ones with slow/bad proxies. Maybe 1 of the 500 proxies the hacker is using is not as anonymous as they believe. As for your own use, take a book with you when you believe you might have to log in remotely, just in case you make a mistake. You need something to blow those 20 minutes.
#6) Never, ever log in as root from a remote location. Have a crippled account to log into from remote locations. Expect this account to get cracked. Limit the damage. If you must, have 2 computer systems at home. One secured off line, and the other on line. Hell, toss in a third computer connected to the web-based one via a serial cable and dump all the logging on that computer. The hacker/cracker can't edit the logging files on that second PC.
#7) When using a computer, always assume the key strokes are being logged. When you get home, change your password for that account.
#8) After you have done all these things, you will still get hacked. Call the FBI. Call your congressman. Let's bomb another country to relieve our collective mutual stress.
Rosco: "If brains were gunpowder, Enos couldn't blow his nose."
Let's see... assuming lower- and upper-case letters and numbers are the only allowed components of a password, even a machine capable of one trillion password checks per second would take about 22,337,120,292,586,187,942 years to run through all the possible twenty-character passwords.
So yes, your statement is true, but the brute-force computer you're theorizing doesn't exist, and probably won't for a long, long time.
If other reasons we do lack, we swear no one will die when we attack
Why put the list in cyberspace at all? That's the beauty of paper, nobody online can steal a sheet of paper sitting in your home/office/dorm/loft/cave.
RETURN without GOSUB in line 1050
Liberals call everyone Nazis yet they are the closest thing to it.
PasswordSafe is basically a GUI wrapped around an encrypted file such as you describe. Unfortunately, it's Win32 only, but there are a few portable solutions available.
That's why I think my solution - http://it.slashdot.org/comments.pl?sid=150601&cid=12628446 - is better.
And if it's a password that expires every couple of days, use a separate hash that puts in random bits as well for this task...
http://it.slashdot.org/comments.pl?sid=150601&cid=12628446
which is exactly what systems like Keychain Access, Password Wallet (or Password Wallet), Keywallet etc. are for.
All these people are mentioning Password Manager, but I use Keyring for PalmOS (formerly "GNU Keyring"). This way, I can bring the .PDB database with me in my handheld if I would like to take my passwords on the go, and running the app on a client machine isn't hard since there are a variety of Palm emulators out there for a variety of platforms.
So, you have an app that, by virtue of being on a portable emulated platform, is OS-portable as well.
"Mod, mod, mod...and another troll bites the dust."
As does OS X's Keychain.
Maybe it's just me, but it seems that the likelihood of someone cracking that method is very low.
As you said, physical access is required. (which makes things MUCH more difficult) However, even if physical access WASN'T required, I don't think some hacker would suddenly say to himself, "AH HA! I bet this user is combining the serial number of his roller-chair and product number of his processor to create his password! Let me just try these numbers..."
There is a VERY large combination of passwords available from product/serial/model numbers on various items that reside in a typical office. Even if a hacker somehow broke into Joe Blow's apartment and spent twenty minutes writing down all of Joe's stapler model numbers, he likely wouldn't get them all, and definitely wouldn't need to run a program (remotely) to try all the possible combinations. (Especially given that the password might consist of half a dozen different product numbers!)
All in all, the odds of someone breaking this password aren't high. If someone was determined enough to go through all the aforementioned garbage at all, whatever he's getting at must be pretty valuable... and would probably be better protected than just by an arbitrary password.
Nobody has yet mentioned the strongest reason why this is dangerous: Keyloggers. A malicious hacker captures your master password as you enter it, and suddenly every password you have is compromised.
Actually, Bruce Schneier wrote exactly such an application, and put it on SourceForge a while ago, where it is currently maintained:
PasswordSafe
Note: I'm the project's current admin.
Ubi dubium ibi libertas: Where there is doubt, there is freedom.