Let Your Theme Song be Your Password
An anonymous reader writes "The latest proposed solution to the fact humans suck at using passwords properly is to let people use digital objects, like mp3s, photos or videos instead. A file is hashed into a unique, secure string that acts as the real password. A paper on the idea was put forward in a recent Usenix conference on hot topics in security, and a Firefox extension that implements the idea is available too."
TrueCrypt had an option like this. The best thing, in my opinion, is to use a password and files. (Yes, multiple files.)
My favourite system was to set up a TrueCrypt volume with a hidden volume. You have two passwords, and a set of files on a CD. The normal volume is opened with a password and all the files on the CD. The hidden is with the password and a selection of the files (I called them 0-9 so it ended as a 'pin' of sorts).
This means two things to know, and one to have, plus plausible deniability, which isn't bad.
-- Lattyware (www.lattyware.co.uk)
In practical scenarios, this idea actually reduces the key space that needs to be searched in comparison to passwords. Why would users clueless enough to not handle passwords properly handle music-based passwords better?
And you don't have to use your Facebook profile's picture to be obvious. I bet that the majority of passwords will be Eminem or Rihanna MP3 clips downloaded from some p2p networks (most people don't even know how to produce and compress their own sound file); there are also certain songs that are significantly more popular than others. So there will be lots of identical passwords that are easy to guess.
A good password should be as random as possible. This is far from random. You get all sorts of hints from the public information about the global music market and the password data is based on publicly available audio data. In addition, if you know your victim, you can even make more correct guesses as to what songs that person chose.
No, "password", "fluffy", "rover", etc. are VERY weak passwords. HJdm1b is just a bit weak, but it's stronger than a lot of passwords, and not so long that someone will write it down.
I've always seen passwords as a bell curve. Weak passwords are obviously weak. Very strong (not necessarily long) passwords have a high risk of being written down by users, so they're just as weak. There's a section somewhere in the middle of passwords that aren't common words, aren't bruteforced quickly, but can be remembered without recording them, and I'd say HJdm1b falls in there somewhere...
It's not off-topic, it's a reference to Peter's personal theme song in Family Guy.
Problem is the complexity you refer to does not exist. Let's say the secure string is 256 chars. That 4-char seed value is constant. It has to be, otherwise it defeats the purpose of the system, as it would act as a password itself requiring input from the user. That would be like a 4 digit ATM pin code. The whole point of the system seems to be that the user only has to remember which file, not a password.
Regardless of the complexity of the secure string, the actual complexity of the system itself is still only 20 million files. That is a large number of orders less complexity than the secure string itself.
This is true since the method to generate the secure string from a given file is known. There is no mystery to this. That removes all the complexity you think you gained.
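The argument in the comment above, put into numbers as an added example that is not part of the original thread or of the Firefox extension: the derived string may be 256 bits long, but its strength is bounded by how many files the user could have picked and how unevenly they pick. SHA-256, the seed value, the Zipf popularity model and the 100,000-file catalogue are assumptions made for illustration.

```python
import hashlib
import math

SEED = b"ab12"  # constructed 4-character constant seed, as described in the comment


def derive_secret(file_bytes: bytes) -> str:
    """Assumed derivation: SHA-256 over seed + file contents (not the extension's own)."""
    return hashlib.sha256(SEED + file_bytes).hexdigest()


def uniform_bits(n_files: int) -> float:
    """Entropy when each of n_files is equally likely to be the chosen file."""
    return math.log2(n_files)


def zipf_probs(n_files: int, s: float = 1.0) -> list:
    """Assumed popularity model: the file at rank r is chosen with weight 1/r**s."""
    weights = [1.0 / rank ** s for rank in range(1, n_files + 1)]
    total = sum(weights)
    return [w / total for w in weights]


def shannon_bits(probs) -> float:
    """Average uncertainty about which file was chosen."""
    return -sum(p * math.log2(p) for p in probs if p > 0)


def min_entropy_bits(probs) -> float:
    """Worst-case strength: what the single most popular choice is worth."""
    return -math.log2(max(probs))


def top_k_share(probs, k: int) -> float:
    """Fraction of users whose chosen file is among the k most popular."""
    return sum(sorted(probs, reverse=True)[:k])


if __name__ == "__main__":
    secret = derive_secret(b"constructed file contents")
    print(f"derived string length: {len(secret) * 4} bits")
    print(f"20 million files, uniform choice: {uniform_bits(20_000_000):.2f} bits")
    probs = zipf_probs(100_000)  # constructed catalogue size for the skewed case
    print(f"skewed choice, Shannon entropy: {shannon_bits(probs):.2f} bits")
    print(f"skewed choice, min-entropy: {min_entropy_bits(probs):.2f} bits")
    print(f"users on the 100 most popular files: {top_k_share(probs, 100):.1%}")
```
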
On a similar note: This futz about "the password problem" is getting really, really old.
Firefox Password Hasher exists.
And for everything else you can just drop a similar program onto your cellphone, PDA or whatever gadget you carry around with you.
Yes, it's not "perfect" security but it's probably the best tradeoff between convenience and security that we'll see in a long while. It won't get much better as long as human brains are involved.
You might give credit where credit is due:
http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-500.pdf
Maybe I'm missing something, but how can a file-based password -- being an object that actually exists on your computer (thus accessible to anyone with physical access to your computer EVEN FOR A FEW MOMENTS) -- be MORE secure(?!) than something that does NOT actually exist anywhere but in your mind only?
Consider:
1. many people access their bank accounts, their PayPal accounts, etc, using their computer.
2. only static (unchanging) files can be used for passwords. This means no executable files that might be upgraded as a result of a new version of an application or security patch being installed, no parameter files, .INI files, etc. (i.e. nothing that could possibly be "edited" or modified in any way.) This reduces the number of files potentially usable as "password files" by several orders of magnitude.
3. to log in to your bank account you only need to use the correct picture or song file, etc. Someone with physical access could easily scan all the image and song files, etc on your computer (i.e. all those that could potentially be used as a password file (which as stated is not that many really)) saving the "password hash" for each to, say, a USB stick that could then be taken to another computer and used in a trivial intelligent brute force attack on your bank account.
What's worse, what about potential file loss/damage? (Hard drive crash and no backup? So sorry! You're literally farqed unless you can somehow re-download that same hard-to-find image/sound you downloaded from, um, what was that damn web site where I got that file from again HOW many years ago???)
A password that exists only in your mind can never be lost or stolen or otherwise recovered by someone with a few minutes (seconds?) of physical access to your system.
Yes, yes! I know about the argument that if someone has physical access to your computer then all bets are off, but that argument doesn't apply in this scenario IMO. Physical access to your system only gives them physical access to the data on your system, but not to your bank account, etc.
IMHO the best way is to use something like Password Safe for storing all of your 12-16 character (including numbers and special characters) passwords, whose 256-bit twofish encrypted password database is protected by a very long pass-PHRASE "MASTER" password that only exists in your mind and nowhere else.
"Fish" (David B. Trout)
Ah I see what you mean, mozilla is behind the times again.
The Firefox3 compatible version can be installed from the Password Hasher Homepage.
When I teach security and passwords, I recommend the same approach. I ask my students to use a catch phrase they often use on a personal level.
Then, I make them use the first letter of each of the words in that phrase.
Finally, any of the words that can be substituted for a number, we do it too.
So, for example: "I can't believe this works for that!" would become Icbtw4t. Now, if you are allowed to add a non-alpha-numeric character, go for Icbtw4t@ :)
I doubt a dictionary would have that.
But then again, who knows! :)
I suppose by "typical" you mean "old", since typical Unix machines these days use MD5 or better.
Fortunately, I think the idea is to hash the file on the client side, and just send the hash. Which is something on the order of 32 bytes.