Slashdot Mirror
Generate Memorizable Passphrases That Even the NSA Can't Guess
HughPickens.com writes Micah Lee writes at The Intercept that coming up with a good passphrase by just thinking of one is incredibly hard, and if your adversary really is capable of one trillion guesses per second, you'll probably do a bad job of it. It turns out humans are a species of patterns, and they are incapable of doing anything in a truly random fashion. But there is a method for generating passphrases that are both impossible for even the most powerful attackers to guess, yet very possible for humans to memorize. First, grab a copy of the Diceware word list, which contains 7,776 English words — 37 pages for those of you printing at home. You'll notice that next to each word is a five-digit number, with each digit being between 1 and 6. Now grab some six-sided dice (yes, actual real physical dice), and roll them several times, writing down the numbers that you get. You'll need a total of five dice rolls to come up with each word in your passphrase. Using Diceware, you end up with passphrases that look like "cap liz donna demon self", "bang vivo thread duct knob train", and "brig alert rope welsh foss rang orb". If you want a stronger passphrase you can use more words; if a weaker passphrase is ok for your purpose you can use less words. If you choose two words for your passphrase, there are 60,466,176 different potential passphrases. A five-word passphrase would be cracked in just under six months and a six-word passphrase would take 3,505 years, on average, at a trillion guesses a second.
After you've generated your passphrase, the next step is to commit it to memory.You should write your new passphrase down on a piece of paper and carry it with you for as long as you need. Each time you need to type it, try typing it from memory first, but look at the paper if you need to. Assuming you type it a couple times a day, it shouldn't take more than two or three days before you no longer need the paper, at which point you should destroy it. "Simple, random passphrases, in other words, are just as good at protecting the next whistleblowing spy as they are at securing your laptop," concludes Lee. "It's a shame that we live in a world where ordinary citizens need that level of protection, but as long as we do, the Diceware system makes it possible to get CIA-level protection without going through black ops training."
After you've generated your passphrase, the next step is to commit it to memory.You should write your new passphrase down on a piece of paper and carry it with you for as long as you need. Each time you need to type it, try typing it from memory first, but look at the paper if you need to. Assuming you type it a couple times a day, it shouldn't take more than two or three days before you no longer need the paper, at which point you should destroy it. "Simple, random passphrases, in other words, are just as good at protecting the next whistleblowing spy as they are at securing your laptop," concludes Lee. "It's a shame that we live in a world where ordinary citizens need that level of protection, but as long as we do, the Diceware system makes it possible to get CIA-level protection without going through black ops training."
Diceware is a great recommendation, but you're missing one key consideration: password reuse is a larger danger to users than is having a weak password. The Apple iCloud hack is one of the few in recent memory where a password-related breach wasn't tied to password reuse. What happens most of the time is that a site is vulnerable to SQL injection gets their users table stolen, and "bad guys" use that information to try accounts on related sites. If the compromised website was using a bad (i.e. fast) password hashing algorithm, then having a good password will protect you a little, but you're playing with fire. Password cracking techniques have been advancing exponentially, as has GPU power. But if this site is using reversible encryption or storing passwords in plaintext (which still happens with alarming frequency) then all your other accounts are at risk from the one breach regardless of how great your password is. Of course, if they're using a good password algorithm like PBKDF2 or bcrypt, even a mediocre password will be relatively safe. But what are the chances that every site you've registered with is using a good password algorithm? Probably zero. How can you check the password storing technique of a site you're about to register with? You can't.
Yeah, you could make an algorithm to modify your password across sites so that you can memorize it yet it'll be different, but as "bad guys" combine information from multiple leaks, any algorithm you come up with will be vulnerable to reverse engineering. Especially if your online identity is valuable. The real solution is to use password management software like KeePass, LastPass, or 1Password. Lock your password program with your good password from Diceware, and use unique, truly random passwords for all the websites you've registered on.
What about the sites that restrict the length of the password? The only thing I have to say to them is, "You're doing it wrong".
Many websites, especially those designed to be more secure (banking, education, employment) still require passwords in a certain form (usually requiring some combination of caps, numbers, and special characters) and don't allow passwords like these.
Dosent the NSA have backdoors in every encryption algo we know ?
Hey Dice, go teach your grandmother to suck eggs.
Proverbs 21:19
How's that any different from http://xkcd.com/936/?
I thought we were just supposed to use
CorrectHorseBatteryStaple
"A person is smart. People are dumb, panicky dangerous animals and you know it." - K
is usually the only reason i have one. passwords are the inter-nets TSA.
Space - Balls - The - Lunchbox
Care killed the cat, but satisfaction brought it back.
Citation Needed
I forget where I first read it, but this sounds like a good workaround. Pick a nice secure-as-you-want password. But each website gets a different username. It sounds like most attacks are of the kind "joe_bob uses P4$$word on amazon, let's see if joe_bob uses P4$$word on this banking site too." They don't seem to be looking to see if joe_bob_amazon is the same account as joe_bob_wellsfargo. Or you could be joe_a_bob and joe_wf_bob.
Even better is if you have some control over your email accounts. They are probably smart enough to see joe.bob@gmail is j.o.e.bob@gmail(although that does let you filter incoming mail a little easier). But if you have control over the domain you have a catch all address and be me_amazon@myplace.com and me_wellsfargo@myplace.com.
well.. there's also watchout4snakes. I think it succeeds at being memorable more often with some tuning choosing the parts of speech and the commonness of each
Sorry, I'll only use my lucky D20.
"You should write your new passphrase down on a piece of paper and carry it with you "
Boy, that is NOT a security risk, is it? Of course, you always hide your hands under a towel when you enter the PW, right?
That keeps your screen's 'selfie' camera from allowing reading the key clicks off of the reflection on your cornea. Good, right?
Pick the start of the sentence or book title you have on your shelf all the time to serve as a reminder and PW source or a short sentence on a card in your wallet.
I'll stick with my script, that generates strings based on passphrases :-)
cap liz donna demon self ---> ÍÅÏÜvÉ?#{c?>î/Û'7£Ûó¾n>Vî
Of course, here on slashdot that string will get reamed (6 characters removed), as not only does slashdot not do Unicode or UTF-8, it can't even handle upper-ansi characters properly either.
A site dependent key to your phrase?
Base: correcthorsebatterystaple
Site specific(first thrid and fifth chars of the domain (sah for slashdot.org)): sahcorrecthorsebatterystaple
Seems pretty ironclad even if the password gets exposed. I guess someone who really wanted *your* particular password could figure out the method but all of those things coming into alignment seems like the edge of edgiest cases.
The biggest problem I see is that a lot of the sites that really should have the most secure passwords (banks, etc) limit length for some unthinkable reason.
aj bq cccc dhabi exxon fmc ... zx ##
Yeah, lots of English there.
I figure by 2030 or so my 6-digit UID will be something to brag about.
You should write your new passphrase down on a piece of paper and carry it with you for as long as you need.
Whole point of this news article = pointless.
This procedure assumes fair, unbiased dice. For years, the NSA has required precise machining of dice to generate predictable rolls. Once someone cracks the code, Casinos will lose billions.
What, other than precision machining, would explain why plastic dice with a materials cost of pennies cost over $2/each?
Yes, use 100% dictionary words. That's a great idea. The idea of a passphrase is to make it so many letters, brute forcing won't work. But dictionary attacks don't have to be individual words. They can easily be combinations of all known dictionary words without having a ridiculous result set to try compared to random letters. So what you need to do is come up with multiple words that you can remember then put a number or two between them. DO NOT replace e with 3 or a with @ or S with $, as those are known and common attack possibilities too. So if you choose "chickenisdelicious7nomnomnom" nobody will ever, ever, ever figure that out. If you choose "chickensandwichwaffles" it could get reverse via dictionary phrase attack in under a second.
It's only stupidly weak if you don't follow the stupidly simple instructions involving using a die roll to choose random words. Using the 7700 word dictionary they recommend and 5 words gives 64 bits of password entropy. Granted, that's much less than the 144 bits of entropy you provided in your 28 character alphanumeric password, but still no one is going to brute force 2^63 bits in a few seconds.
First you claim that they use malware to send my plaintext passwords to themselves. Then you claim they have been caught red-handed doing the first claim...by compromising networking equipment which never sees my plaintext passwords.
I understand your point, but your claims are rather incongruous.
All you have to do is remember a SYSTEM. One system for turning some known information into a password.
Lets say you want a password of Slashdot and you username is someuselessshithead15 .
A simple password could sD!sUSH15
The system I just made up is the first letter of word in the name of the site. Nouns are all capitalized. An exclamation point to seperate the name of the site from the screen name. And the screen name is written the same way as the name of the site with only the first letter of every word in the user name with nouns capitalized.
If I know that the name of the site is Slashdot and my username is someuselessshithead15 then I automatically know what my password is and that password is site specific.
Don't like that system? That isn't the point you myopic fucks... the point is to have "A" system. I pulled that one out of my ass... you can come up with a different one.
You can use the same system on every single fucking site and it is quite unlikely that anyone is going to figure it out.
If you want to be extra sneaky you can do something like instead of capitalizing nouns you can list nouns as their number in the alphabet. So instead of sD!sUSH15 you'd get s4!s22198
Seriously... no on is guessing that shit and it can be unique to each site. Even if you use the same screen name just having that seemingly random bit on the front of it is going to defeat anything but a serious attack.
I've decided to stop wasting my time responding to AC trolls/sockpuppets... so if you want a response from me... login.
Word was 'apathy"
Dear aunt, let's set so double the killer delete select all
As someone who dabbles in genealogy, one approach I've used for creating hard-to-crack yet easy-to-remember passphrases is to base them on one or more of my ancestors who have unusual, antiquated names. (Any genealogist will memorize those without even trying.) Of course, to make these passphrases harder to crack, you can throw in numbers such as their birth year, capitalize certain letters from a small memorized list, add your favorite symbol, etc.
I don't have any way to prove that this really works, but those odd old names seem unlikely to appear in any corpus of common passwords.
https://xkcd.com/538/
If they can't afford enough computer to crack your passphrase, they can still afford a $5 wrench
Left MS Windows for Linux Mint and never looked back!
Vote for Bernie in 2016!
Rather than that one, long, randomly generated password that then gets used on every site (or few passwords over many sites), I use a standard password, and modify it for each site. For instance, my slashdot pass might be horsebattery!SLASHDOT!staple, while my bank might be horsebattery!CHASE!staple. Easy to remember, and stealing the password from one site won't help on another.
(Yes, a person looking at the data might be able to figure it out, but I figure that unless I'm personally being targeted that would be very very unlikely. And, in reality, I have both different logins and base passwords that I use on high vs low security sites, so stealing my slahsdot user/pass would not work on my bank, or credit cards, or at work.)
#include "standard_disclaimer.h"
No.
There are 10 digits, there are (in this list) 7.7k dictionary words.
If you tell a hacker "my password is 5 digits" - they have 10^5 keys to test, or 100000.
If you tell them "my password is 5 words" they have 7700^5 keys to test, or 2.7 * 10^19 - which is more than twice as hard to crack as an 19-digit password, which again is 10 trillion times as hard as your 5 digit password.
It's just math, people. You don't have to rely on hand-rules like "dictionary words are bad."
No, it gives you about 5 bits. That's because 1 letter vs 1 word is practically the same thing as far as checking difficulty and generation difficulty and programs can treat whole words as 1 item while brute forcing. To try every word in English with every variation in case sizing takes less than a second. Checking every combination of 2 words in English is harder but still under a second. Once you get to three words, it's probably between a few seconds and a few minutes but the list to check is still pathetically short compared to if they were random letters.
horse : "that is a battery staple"
me : "correct!"
Thanks for compiling a character sequence list and explaining the algorithm...
the CIA can get with a rubber-hose.
Ok, if I'm writing a webapp that accepts a password, presumeably if I wanted to increase security somewhat I would put in a guessing rate limiter.
5 strikes and you're out (for a while).
So assuming (a reasonable assumption still in most cases, I hope) that the adversary does not have the file of password hashes, how exactly do they try the trillion guesses per second?
Explain please. I'm sure I'm missing something obvious.
Where are we going and why are we in a handbasket?
Your first word is 7 digits your second is 3, so clearly one is stronger than the other. "nom" is not in the diceware set, which helps a little, but it isn't so uncommon to be in a search dictionary. The numbers are in the diceware set.
You're comparing 7700^3 against 7700^7. Your more secure password isn't any better than chickensandwichwafflesworkcraigcrossafrica, probably a lot less good because chicken, delicious and nom clearly correlate heavily and nomnomnom is almost one word really. 7700^7 is 1604852326685300000000000000 according to my calculator. If I assume 72 characters (52 letters, 10 numbers, 10 special characters) then I need a 15 character random password to beat it in terms of search space. Maybe this: }&X$0ueUo~ravx&.
Further, if you put numbers between your letters you are turning a search space of 7700 into 7710 or whatever. If you replace l with 1 and so on, you are surely turning 7700 into 7700*(number of replacement options and combinations thereof). So mathematically, I would think that replacing e with 3, a with @ would actually be a stronger encoding that what you suggest.
someone who physically possesses the token has three guesses of my unlocking passphrase before the token locks itself forever and zeroes out the stored keyfile
If fat-fingering your passphrase thrice will make your data permanently inaccessible, then you better have damn good backups and a damn good data plan with which to restore them when and where you need your data.
1 letter vs 1 word is not practically the same thing. There are 26 letters 10000 words in the average dictionary for this purpose.
a 6 word passphrase chosen randomly from a 10k word dictionary; is essentially choosing 6 letters at random from a 10,000 letter alphabet.
6 random dictionary words, spelled correctly, single space between them, is as secure as selecting 16 letters randomly. (10^24 possibilities) about 80 bits that's pretty reasonable.
And much easier to remember.
And its actually several orders of magnitude more secure than that if your attacker doesn't know your password generation method; which in most cases they don't.
No, a single character (on a primarily Latin-based writing system, anyway) can represent between 2^6 and 2^7 possibilities, which is not coincidentally the size of the ASCII set.
The 7776 words in this dictionary comes to not quite 2^13.
So a random dictionary word should be treated as about 2 *random* characters. Of course memorable passwords are not typically composed of random characters, so it's better than 2 actual characters.
"1 2 3 4 5" is itself a likely example of a dictionary phrase, so you defeated your own point -- by your own logic, that's one character.
What's at risk is often forgotten, every web site wants you to register just to post a fucking one line comment on a story. I use a junk email and a fixed password for all of them. Even if someone cracks it, all I have lost is a registration I didn't want in the first place.
And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
There is no technical reason why password length should be restricted
Other than that a user has to finish accurately typing the passphrase on a mobile device's on-screen keyboard before the CSRF key for the login form times out.
This is dumb, Why don't I just brute force every combination of 4,5,6 and 7 consecutive words from this list?
So what I need to do is to write it down and have it with me? What if I loose it? Or change my pants? And I have to change it every month at work, so I better just write it down on a post-it and put it on my screen.
And what about the fact that I need about 47 different ones, because it is not safe to use the same one twice,. And some can not be longer than 8 characters. And some need numbers. ANd some neet to be 10 caracters with at least two numbers.
Please come back with a solution not for one password, but for the multitude of logins, passwords and pincodes I need to remember.
Don't fight for your country, if your country does not fight for you.
"7,776 English words"
So, less than 1/40th of the English Language.
What a short surface for a dictionary attack.
Slashdot needs to get some real people with REAL technical capability on-board. Timothy obviously can't figure out that HughPickens.com is a complete fucking idiot that can't determine whether or not the stories are worth a fuck for reporting (plus, the fag is shilling in his username alone.)
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
This is an interesting approach, but I see one flaw: If this sort of technique be comes common, wouldn't an attacker just need to know what word list you 'rolled' your password on and then can just brute force all the password combinations from that list?
Example, pretend that you had to pick a password for a new website that only allows all uppercase English characters, with no numbers or symbols allowed (just to keep the math simple). A normal ten character password gives an attacker 26^10 possibilities to try.
Your lets say that your diceware generated password picks 6 words from a list of 1000 words, and each word is 4 characters in length. If you skip white space, conventional wisdom would say that your password is 26^24 possibilities to guess via brute force.
But because this has become a common trend in password generation, or because the attacker is the NSA and have been watching what you read, they know you used this list. They don't bother to try all the combinations, just all the combinations of the words on this list. This gives them only 1000^4 possibilities to try. As it happens (yeah, my example is rigged), this is exactly 1 trillion possibilities, which if they were guessing at the rate suggested in TFA, would take them exactly one second to break via brute force.
Essentially, you are replacing individual characters with words to make a long password easier to recall. There is no reason why an attacker cannot do the same thing, mapping one 'alphabet' of symbols onto another.
Now, some people might point out that there are some things you can do to mix things up a bit and force an attacker to have to dig deeper, but my point is that this might actually make it much simpler for a smart/informed attacker to brute force a password.
HA! I just wasted some of your bandwidth with a frivolous sig!
only 3 incorrect attempts locks the account and requires a call to the outsourced IT in India
I think we can safely say that such a system will completely eliminate brute force password-guessing attacks. What's Hindi for "social engineering"?
Meanwhile, any suggestions for what to say to an IT department who, every time a phishing message comes round saying:
"Your account may have been compromised, please go to <a href="http://blackhats.phish.ru">www.youremployer.com</a> to confirm your security details."
...respond by sending round a message saying
"if you think you may be affected, please go to <a href="https://www.youremployer.com">www.youremployer.com;</a> to confirm your security details."
...because the people who fall for these know how to spot a dodgey hyperlink, right?
In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
Using Diceware, you end up with passphrases that look like "cap liz donna demon self", "bang vivo thread duct knob train", and "brig alert rope welsh foss rang orb".
This is easy to remember?
Oh, and by the way, did anyone try this out using the touch keyboard of a smartphone or tablet?
You are not going to type a sentence every time your screen locks after 10 minutes of inactivity. The solution is really 2 factor authentication with a decent conventional 8 character password. Maybe even 3 factor - something you are (fingerprint), something you have (bluetooth-enabled phone in the pocket) and something you know (simple pin).
What you do is come up with a sentence that is really weird (weird is easy to remember).
eg, my cat turned out to be a dog last night
Then use the first letter from each word and add numbers where appropriate.
password = mcto2badln
My dice just came up with:
35356
43231
12551
65212
46355
Now I gotta look up the words, right?
They can take my LifeAlert pendant when they pry it from my cold dead fingers.
If you don't trust password managers and would like a way to generate unique, deterministic and hard to crack passwords. Take your 8 word diceware password and use it as the entropy for:-
https://www.grc.com/otg/offthe...
Which generates a 26x26 latin square. Use that with the domain name of the site and a memorable algorithm to generate a password for each site.
Also, in the near future (from the same source) is:-
https://www.grc.com/sqrl/sqrl....
You will still need your ONE strong password (or biometric) to protect the master key from which all site specific keys are generated (via the domain name), but when supported by a site it leaves nothing but a site specific public key for them to store that you use by proving that you can sign a random challenge with your site specific associated private key. So even if their database leaks it has no useful authentication data for an attacker to make use of because each sites keys are unrelated to any other. Which also means that for low value site who only need your key and nothing else to authenticate you due ti it being a two party system you are uncrackable.
The whole point in using passwords and passphrases is that the point of entry (the screen or page where you enter it) can't be reproduced millions of times per second. If a human can only press "enter" once per second, it will take a long time for a hacker (NSA or otherwise) to brute force through. If the attacker can get his hands on the password stored in the system (encrypted or not) the game is already lost.
Besides: anyone can think up a poem or a mnemonic for a password using random letters and/or numbers, and you'll be using your own words and not those of someone else out of a dictionary (which makes it more likely for you to remember).
Unbreakable passwords are easy to generate: just use a randomly-generated password as long as the information you're encrypting (the so called "one time pad"). When I'm logging into my bank or other on-line service, I don't want to have to deal with that much data. That's why it lets me have three tries at entering the password every ten minutes.
Go sell this idea to the next guy, please...
You miss the point, doubling the number of words only gives you one more bit per word, but makes looking up a word from dice too hard.
To be more specific, this dictionary is about 9 bits per word. If you used a 100,000 word webster's dictionary that's about 11 bits per word - it's not that many more bits.
Uhm, if you do 10 words this way you've got over 128 bits of entropy.
By the way if you used a 65536 word dictionary instead you could get there in 8 words.
I don't get it! If everyone (most people?) started using diceware and "there are [only] 60,466,176 different potential passphrases" wouldn't it be broken in less than a second if one can make "a trillion guesses a second"?
The problem sits in the dictionary attacks. There have been crackers out there on GPU for years that combine wordlists and partial words to guess passwords. Few crackers (if you have a large amount of hashes to crack) will still guess all combinations from a to zzzzzzzzzzzzzzzzzz. They'll take existing dictionaries, recombine them in 1->n words where combined words 16 characters, even substitute leetspeak characters. If your password 8 characters you're pretty much screwed already, 12-16 characters is still acceptable if the words aren't too common, 24 is the new gold standard.
Custom electronics and digital signage for your business: www.evcircuits.com
I'm actually surprised more people don't use something like RFC1760 to authenticate with systems. The passwords are one-time use and back in the days before SSH this is what we used to get behind the packet filtering to servers when using cleartext authentication.
characters. Because the entropy of one word out of 7776 is almost as high as two english keyboard characters. So any, say 7 word passphrase could be shortened to a 14 character password without losing any entropy.
But you'd need a program to convert between the two.
How about instead of allowing a trillion guesses per second, you only allow one every two seconds. Then it would take an average of a googleplex of years to happen upon the correct password.
If you are not allowed to question your government then the government has answered your question.
Sounds like the increasingly common SSL compromise and MITM attack. Some workplaces do it deliberately to their employees (out of industrial espionage paranoia) and do not understand that they are only one incident away from being fucked over by the legal department of a major bank.
jack and jill with bob and phil went up the hill to catch a bowl of pills might be really hard to crack.
I just use a completely random 13 digit alphanumeric password for my important stuff, and weaker more memorable passwords for random websites. Memorize the hard stuff for the important stuff. Calculator comes out to 401008959688303753940.6 years at one trillion guesses per second. Unless I did the math wrong... I ain't even give a fuck if someone gets the hash... the password practically already IS a hash.
You are looking at it wrong.
No. I'm not. You disagreed with me, and then made exactly the same argument I did. I even agreed that 6 word passwords was equal to roughly 16 characters. So what are you arguing with me for? Reread my post.
Even at the minimum length of 27 chars, you are looking at a maximum combination of 1.7190708e+27. Where you to just use a-zA-Z0-9~!@#$%^&*()_+ you could have the same level of brute force complexity with 15 chars.
I know that. The advantage of a 6 word password over shit like this:a-zA-Z0-9~!@#$ is that you can actually easily remember it; and most of us can type it faster too despite the longer length.
You are wasting a pretty substantial portion of value for each character you need to type by using a word list like this.
Are we that tight on RAM or something? Its easier to remember and faster to type and just as secure. Who cares if its extra 16 bytes?
This is total bullshit, and dangerous at that.
Firstly, a lot of software out there still has password length limits, sometimes silently discarding additional characters. You will still need ordinary passwords now and then.
Secondly, no normal human will type a five, six or more words passphrase every time they want to unlock their screen. They will do it for three days while they're hyped on how secure they are now, and then it'll become something they hate, and then they'll change it back to "123".
Thirdly, this is a bit more tricky, the real world security of almost every password scheme I've come across in 15 years of IT security experience is several orders of magnitude lower than the mathematical assumption. Because we consistently forget to take the human factor into account. Maybe some extreme nerds will actually follow this guideline, more normal people will discard words they can't remember for words they can, change things "a little" for convenience, and generally sabotage the whole system without even realizing it. It's the same as with passwords, all over again. Yes, on paper, a password has on the order of 10^16 possible combinations. But in reality, taking into account how people actually choose passwords (even ignoring the whole "password" and "123456" problem!) the actual diversity is more on the order of 10^9. Same here. You think using dice removes the human factor. omg do you underestimate humans!
Assorted stuff I do sometimes: Lemuria.org
'A trillion guesses per second':
7776 ** 1 / 1e12 = 0,008 microseconds
7776 ** 2 / 1e12 = 0,060 milliseconds.
7776 ** 3 / 1e12 = 470 milliseconds
7776 ** 4 / 1e12 = 61 minutes
7776 ** 5 / 1e12 = 329 days
That's for brute-forcing every combination. On average, you only need to brute-force half of them, so halve those numbers.
So yes, the shorter ones can be weak to a dictionary attack as you say.
That being said, I think that while a trillion guesses per second may be plausible, if a situation where the attacker can bruteforce that fast were to occur, the site has had at least two security vulnerabilities been taken advantage of: weak password hashing, and the vulnerability they used to download the users table.
The problems with diceware are that a big chunk of those words don't even sound like English ('69er', '1600', 'lu', 'zc', 'viva', '101st', 'pang', 'ijk') because they were chosen to be short, and that having the five-word passphrase necessary for some decent protection is still a lengthy 25-character passphrase you wouldn't want to keep typing ten times a day just to unlock the screensaver.
"Slow Down Cowboy! It's been 58 minutes since you last successfully posted a comment" -- slashdot, driving users away.
I'm using this tool http://www.ploodood.net/ I made some time ago to generate most of my passwords (o pass phrases). It spits out some words that looks like real words but are not. Stuff like "picurned lible shimen" or "inglequeggett". It's fun too :P
uh huh. Or you could just take a quote or a passage from a book that you like and intentionally change one or two of the words. Seems a lot easier to remember and just as hard to brute-force.
"It was the woof of times it was the meow of times sharklasers." (It was the best of times, it was the worst of times...)
"Cats are just outdated kittens." (Adults are just outdated children)
"The smurf who passes the sentence should smurf the smurf." (The man who passes the sentence should swing the sword)
"Not all those who swim are snapple." (not all those who wander are lost)
WHY are these not "random" enough as long as you don't know what author I'm using?
If your skull is wrench proof, maybe. Otherwise "give me your paper or I crack you skull" is about as secure as "give me your password or I crack your skull".
Human Rights, Article 12: Freedom from Interference with Privacy, Family, Home and Correspondence
It's probably a good thing I didn't have that happen with the password I set when I was in a bad mood. "Gimme yur password" "FuckOff123#"
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
You could probably do even better, but you wouldn't be able to post it here due to lack of unicode support . . . .
www.wavefront-av.com
The system requires you to change your password. That complicated passphrase is now useless.
In fact, mandatory password resets often are the cause of weak passwords. Humans can't constantly change and remember their passwords. So they go to simpler passwords and patterned passwords.
I'll just continue using my standard password:
'; SELECT * FROM unencrypted_passwords; --
"Evil will always triumph over good, because good is dumb." - Dark Helmet (Spaceballs)
The vast majority of people who have accounts get hacked aren't getting physical visits from the attacker. Hell keeping your pass phrase on a sticky note under your keyboard isn't that dangerous either unless you are specifically protecting against an insider threat.
Carry multiple pass phrases with you, and give the attacker the wrong one.
I am not your blowing wind, I am the lightning.
I thought "Correct Horse Battery Staple" was already blown up by advanced rainbow table and hashing techniques, and that's why we have to TWO-FACTOR ALL THE THINGS.
N4st0r, trixx0r h0bb1tz0rz! Th3y st0l3 0ur pr3c10uzz!
That's all well and good, but servers tend to have rules requiring mixed case, letters, numbers and special characters. These rules make passwords more challenging to remember. I can remember horsebatterystaple easily enough, but will quickly forget H0r$eBa77ery$7aple
The argument above was "dictionary words are bad because of dictionary attack."
Guess what? If you happen to pick 5 3-letter words by chance, that's 15 characters, which is 1.6 * 10^21 possible combinations. If you're trying a brute-force attack, it's even worse than the dictionary attack, which is still unfeasible.
Yeah, line-noise is going to be harder to check through than a restricted set. But good luck committing "Xm2fHi0`IU@r0:$" to memory as easily as "bye flo ice oaf jim"
Y'all learn something about information theory before you try to talk about passwords again, okay?
All these "simple" methods seem so complex and difficult to remember that no wonder people give up and go for the easy ones.. But, hey, there's a whole (virtual) room of geeks here.. can't SOME one think of a genuinely easy method? I for one, think we should be looking at tyhe genuine failings of technology and use that to advantage.. We ,may finally have taught Big Blue to play a good game of chess, but it still can't tell a joke like O.scar Wilde or wit like Mark Twain. So it stands to reason , and it most certainly cannot lie down to reason, that a joke would make a perfect PW, as long as it's never been heard before. ...