The Best Way To Protect Real Passwords: Create Fake Ones

jfruh writes: Many security-savvy users have a password manager that stores their randomly-generated passwords — but if that manager is cracked, the gig is up. Some security researchers are suggesting a technique to stop this: a password manager that offers up fake passwords when an attacker tries and fails to crack it, which makes the process of figuring out if you've broken in much more difficult.

Difficult?

[qpqp]

This just adds an extra step to automate: take the password and try to login. It's not like people are manually trying passwords...

Re:Difficult?

No, this will solve the problem once and for all.

Re:Difficult?

[Chrisq]

This just adds an extra step to automate: take the password and try to login. It's not like people are manually trying passwords...

That actually makes things a lot more difficult. Many systems have password lockout, meaning that you would lose access before cracking the manager. Also even if one does not have lockout the delay of an internet call will slow down the attempt rate significantly

Re:Difficult?

...at least until somebody reverse-engineers the password manager and disables the "give fake password upon decryption failure" logic - it's one thing to have a number of specific "wrong" passwords that return specific bad data (e.g. have individual records in the database that are encrypted with said "wrong" passwords, similar to the usual plausible deniability you get with some whole-disk crypto packages), but I don't see how it could consistently return "valid" fake passwords unless it had special logic to do so...

Re:Difficult?

This just adds an extra step to automate: take the password and try to login. It's not like people are manually trying passwords...

Its still better then having it easy to crack, besides it means that the online accounts are likely to be locked out before an attack is successful.

Re:Difficult?

[ThatsMyNick]

Have unlimited fake ones then. Any keys will unlock your vault, only the right key will reveal the correct passwords. Good luck trying to login with unlimited attempts.

Re:Difficult?

Uses fake passwords to create a list of passwords not to try when brute forcing.

Re:Difficult?

[jd2112]

My passwords are on a post-it note stuck to my monitor.
Let's see them crack THAT!

Re:Difficult?

[Albanach]

at least until somebody reverse-engineers the password manager and disables the "give fake password upon decryption failure" logic

Why should a password manager like this know if it's generating a valid or invalid password. Surely all it needs to do is generate a salted hash based on the website name, a random value it generated when you installed the software and your entered password that protects the vault. Any salt entered will generate a result, but only the salt you are expected to remember will generate valid passwords.

You should get the advantage of strong lengthy random passwords for the websites you use, and some added value in that if your password file is compromised it remains challenging to brute force since each generated password needs to be tested. The disadvantage is that some sites may not place limits on the number of login attempts making brute forcing possible and then the overall security comes down to the strength of the salt you chose.

Re:Difficult?

[Instantlemming]

Yeah, ask TV5 how that works...

Re:Difficult?

Why should a password manager like this know if it's generating a valid or invalid password. Surely all it needs to do is generate a salted hash based on the website name, a random value it generated when you installed the software and your entered password that protects the vault. Any salt entered will generate a result, but only the salt you are expected to remember will generate valid passwords.

Password managers already have been doing this for years. The one I use will give a perfectly valid but incorrect password if I don't open the keychain properly.

Re:Difficult?

[DarkOx]

Its a damn good way to get busted as well. IDS sensors and SEIM systems will pick up on a small number of hosts performing a large number of authentication attempts or a large number of hosts making attempts against the same account.

Either way you going to at least tip off the site operator. If your target is a free webmail host or something there might not be much they could/would do but a corporate security team will probably alert the account owner, and watch that account very carefully, will other folks contact the lawyers and the authorities to hunt your ass down.

Re:Difficult?

[GameboyRMH]

Oh, the fools! If only they'd built it with 2 layers of password spoofing! When will they learn!?!?

Re:Difficult?

[Paradise+Pete]

My passwords are on a post-it note stuck to my monitor.

Me too. But I've instructed my secretary to generate a fake set of post-it notes if someone comes into the office pretending to be me.

Re:Difficult?

[CastrTroy]

If I was using this password system, wouldn't having the file give the person who obtained the file a list websites/systems that I have access to, along with my user name? I'm not sure if that's such a great trade-off. Currently I have a password safe (keepass) that keeps the entire password database encrypted until you enter the correct password. The password I have is quite long, and would probably take a huge amount of computing resources to brute force.

Re:Difficult?

ONCE AND FOR ALL!!!

Re:Difficult?

I've cracked plenty of monitors, it's no big deal

Re:Difficult?

[wvmarle]

Testing password against local file: about 1 microsecond.

Testing password by trying to login to Facebook, Slashdot, Yahoo, etc: about 1 second.

So if anything it's going to cut down your password test rates from a million a second to one a second. That's already a great hurdle for password crackers. This even before any rate-limiting by those websites kicks in.

Re:Difficult?

[ColdWetDog]

Yo nerd! I heard you like passwords on your passwords.

Re:Difficult?

poodle loser gibberish
https://www.google.com/ actualybankuser ribbegish
appnotlinked directly anywhereanotherpass
why would itbe
given cleartext toencryptanyway?
http://www.nextline.com/ machine learnornot
that user and correct horse battery staple

Re:Difficult?

You should get the advantage of strong lengthy random passwords for the websites you use

I used to salt+hash a password I knew with sha256 and use the result for websites until I discovered the sites were stupid about password length restrictions. I tried sha1, then had to step back to md5. And what's the point then?

Re:Difficult?

[Zalbik]

I have fake passwords on a post-it note stuck to my monitor.

My REAL passwords are on a post-it note stuck to the bottom of my keyboard.

You fools with your single layer of misdirection, thinking it will keep you safe!

Re:Difficult?

Turn your webcam to face your monitor for a second, please.

Re:Difficult?

SIEM tools are not that hard to come by either. Something like Splunk which is a pretty common (although not cheap) tool can be configured to start alerting if more than "x" number of guesses for an account happen in a certain time threshold.

A clever BOFH noticing that user jdoe is being brute-forced will rename the real user to jdoe2, then create a user jdoe into a honeypot account with an Exchange mailbox full of Onion-like articles of what the company is about to announce.

Re:Difficult?

[Zeroko]

If only the passwords (& not usernames or URLs or whatnot) are encrypted & no checksum or other verification is used, then entering the wrong master password could very well cause it to decrypt to completely useless but structurally valid passwords.

Of course, care would need to be taken to ensure the result is always valid...probably have a "password format" field that indicates what format the password is allowed to have (at least 1 of each of these types of character, at least 8 characters & no more than 16, that sort of thing), then do a "base conversion" of sorts so that valid passwords map to consecutive integers. The only remaining problem is if the format does not pack nicely into an integral number of bits, since then you might get out-of-range values with certain choices for the master password, but this can either be ignored (you rule some fraction of the master passwords out but still have to do a lot of searching) or handled by randomly (not necessarily uniformly...) choosing any value that is equivalent modulo the number of passwords allowed by the format.

Re:Difficult?

[perpenso]

My passwords are on a post-it note stuck to my monitor. Let's see them crack THAT!

Reflection off your glasses picked up by your monitor's camera. :-)

Re:Difficult?

I think mine opens with a blank database when you don't get the right password.

I'm struggling to see the way people can be hacking these managers. Is the assumption that the manager is somewhere in the cloud and that the attack is across the network?

My manager is installed on a PC at my house and doesn't have a web presence. To get a shot at my manager, the attacker has to beat my firewall, my machine itself (okay, laught now... I am), and then figure out what manager I am using and either keylog me or somehow find an exploit in my manager (no way they'll brute for 270+ bits of entropy in my passphrase).

If they are that good, they'll get in and find out I've got little money, some debt and don't belong to most interesting social networks. ;0)

Re:Difficult?

[suutar]

It's a tradeoff. Encrypt the URLs and make it easy to tell when the manager password has been found without having to try the managed passwords, or leave the URLs expose and make it hard to tell when the password has been found. *shrug*

Re: Difficult?

its a feature for luring in people who dont understand how managers work or how the pw db is hacked

Re:Difficult?

[Bengie]

This is how I was understanding it. Make the algorithm such that you can't detect password failures, you just get a different result.

Re:Difficult?

[kmoser]

My passwords are on a post-it note stuck to my monitor. Let's see them crack THAT!

Hey, what's written on that Post-It note stuck to your monitor? Just curious.

Re:Difficult?

[jd2112]

My passwords are on a post-it note stuck to my monitor. Let's see them crack THAT!

Hey, what's written on that Post-It note stuck to your monitor? Just curious.

system: slashdot.org
password: ************

Re:Difficult?

My password is last week's winning lottery numbers. You'll never guess. HA!

The digital version of having a couple of post-its

I have a pile of post-its. One contains the passwords. The other contain also all kinds of notes, as well as old passwords and shopping lists. Main difference with the proposed method in TFA is that hackers may still have access to the digital fake passwords, but will never get my post-its.

Obviously, these can get stolen too. But only a trusted select few people have physical access to this, and even they don't know which post-it to take. And no hacker is going to physically break into my place to look for post-its. I'm just not important enough for that. Burglars would steal the computer (which has only unimportant passwords stored on it), not post-its with random notes.

In other words, I'll stick to my "system".

They're missing the opportunity...

[Parker+Lewis]

We need a password managers manager!

Re:They're missing the opportunity...

trace bustah bustah...bustah.

Re:They're missing the opportunity...

[Kyont]

How can none of these responses start off with, "Yo dawg, I herd you like password managers, so..."?

Re:They're missing the opportunity...

[Minwee]

How can none of these responses start off with, "Yo dawg, I herd you like password managers, so..."?

The usual reason. You weren't looking hard enough.

Re:They're missing the opportunity...

...and what if you forget the password manager manager password? Well, that's what the password manager manager password manager is for!

Recurse

[Chrisq]

We need a password managers manager!

... It's password managers all the way down.

Re:Recurse

Don't be silly, it's impossible to create a infinite chain of password managers.

What we need is a circular queue of password managers.

Re:Recurse

[F.Ultra]

ROT13, see you can rotate that for ever!

Re:Recurse

Too many managers, not enough passwords!

Re:The digital version of having a couple of post-

Honestly I would be much happier with users writing down their password and putting it in a locked cabinet under the desk then picking "Password123" for their accounts. For anything serious users should be demanding multi-factor authentication.

Surrealist password manager:

[vikingpower]

Ceci n'est pas un password.

Re:Surrealist password manager:

[Minwee]

Ceci n'est pas un password.

Ceci est une sword?

I use SSH keys everywhere.

I've always heard that SSH keys are better than passwords. So I use them even with websites that don't use SSH.

Here's what I do:

1) I generate a new keypair using ssh-keygen.
2) I put the public key in my GitHub repo, because the public key is meant to be shared.
3) I use the private key as the password when I sign up for a new account on a web site. I copy and paste it into the password input since it's too big for me to type in.
4) When I have to log in to the web site I copy and paste the private key into the password input since it's too big for me to type in.
5) I live my life knowing that I'm using the most secure password possible: an unbreakable SSH key.

Re:I use SSH keys everywhere.

I don't get the joke (besides that this is stupid...). Is this a reference to something?

Re:I use SSH keys everywhere.

[F.Ultra]

I don't get it either but it's not "stupid" per say since it will get you (if you use the standard 2048-bits size) a password with a length of 372 that is infeasible to crack. It doesn't solve the key storage problem though since he apparantly stores his public key only and one cannot extract the private key from the public which is what makes it kind of stupid.

Re:I use SSH keys everywhere.

[Zalbik]

I'm guessing the joke is that he only ever logs in once since he doesn't save the private key anywhere?

In any case, needs a "not particularly funny" mod.

Re:I use SSH keys everywhere.

[smaddox]

Or you could use a single private key to cryptographically sign your username concatenated with the site's host name, resulting in a site-specific, secure password. No need to store hundreds of passwords, just the usernames (which could be duplicated) and a single private key.

I'm sure there are password managers out there that do this.

(Disclaimer: IANACryptographer --- there may be something braindead about this scheme)

Re:I use SSH keys everywhere.

[Bengie]

256bits of entropy are sufficient to make any possible future computer tech requires converting the entire Sun's mass into energy in order to brute force the random password.

Re:I use SSH keys everywhere.

[F.Ultra]

I know, that is why I wrote infeasible ;)

Over think

[DarkOx]

Honestly this should be pretty simple. The default operating mode of a password manager should be generate a password from PRNG data.

Store the value encrypted with AES a key derived from a master password extended via PBKDF-2 or similar should be used for the cipher.

Next apply the necessary mixture bitwise rules applied bytewise to the 'clear text' to ensure the password will contain type-able characters and accommodate character restrictions. (Something like x = ((x % 126); x = x | 32 if x 32; for those of us using ascii and yes its not perfect and will produce some bias maybe a crypto expert could propose a better alternative ) Store which rules must be applied as well. That should not be an information leak as the attacker probably can research the target system and divine these requirements anyway.

That will mean most of your passwords are nearly random goblody gook. (Important). No matter what master password is used a key can be derived, the decipher operations and the rules can be applied the result will appear to be a legal password, but it will be incorrect. In the event you have stored a specific less random value it should 'decipher' as well but appear highly random given that is how all your other password appear to be it will not be a strong indicator the wrong key has been chosen either.

Re:Over think

[Kiwikwi]

The NoCrack authors mention this briefly in their paper (PDF). They call the approach you describe "stateless password managers", and briefly describe some of the drawbacks of the approach:

Chiasson et al. conducted a usability study of both PwdHash and Password Multiplier and found the majority of users could not successfully use them as intended to generate strong passwords. Another usability challenge is dealing with sites with a password policy banning the output of the password hash.

But yeah, I'm not convinced the problems they highlight are intractable, nor that NoCrack solves them.

Re:Over think

I don't think that's what he meant, you could store your own passwords that fit whatever policies, but they would always unlock to something with any master password entered. So if you entered the wrong master password you would see what looked like a bunch of those random generated passwords, but you wouldn't have had to use one to begin with.

Re:Over think

[asc99c]

I'd guess the difficulty is that you want everything encrypted: that is, the password database will contain a list of website or server names, as well as the usernames and also the passwords. It's pretty difficult to distinguish between a valid and invalid password assuming they're generated randomly according to sets of rules. However, the rest of the data is likely to be human readable and full of standard dictionary words.

So it's only easy to make the password database inscrutable upon attempted decryption if it ONLY contains the passwords. In which case a list of servers and user names is held unencrypted. And that bit is undesirable. This system therefore has to generate entire valid looking vaults that decrypt with incorrect passwords.

Re:Over think

[Kjella]

NoCrack seems extremely vulnerable to a crack since they create decoys on the fly. It should be fairly trivial to pick it apart and tell when you're getting a real password from the vault. As for the stateless password managers, they operate without any kind of wallet which is their problem. Also you can't change password for any reason, that's a problem too. If you have a wallet most the problems go away. I'm thinking as follows:

The wallet stores a PRNG value to avoid various rainbow attacks. For each site/login the wallet stores a 128-bit PRNG and how to extract the the password from the hash.

Upon entering a password, the software shows you:
a) The fingerprint of SHA1(unique key+password) in some user friendly way so you might realize a mistyped password
b) For each site/login SHA1(unique key + password + site/login key).toBase64().substring(startPos, length)

For example,
When I generate the wallet, there's a random seed. Lets say it's
1234567890abcdef.
I add a site/login called "Slashdot" and it generates a site key:
1122334455667788

My password is "go fish"
When I type it in, it generates SHA1(1234567890abcdef + "go fish") = "PFr7t9qfAP9PFVG0+Vvbez82rW8=" and I know that if I type the password right it should start with PFr... something.

My hash for slashdot is SHA1(1234567890abcdef + 1122334455667788 + "go fish") = "8ktw2l8XVdI81/6TvEcg5EbxJ90="

I pick some part of that which satisifies this site's requirements like "ktw2l8XV" and the wallet stores (openly) that it'll take startPos = 2, length = 8. If nothing works because the site is weird, I can always generate a new site key and I'll get a new string to choose from.

If you type something other than "go fish", you'll get a different set of passwords but no indication whether it's right or wrong. Some of those passwords might fail the site's passwords requirements, but that's a very weak elimination.

Re:Over think

[0100010001010011]

I do the same thing with sha256.

echo -n "myseed+username+website" | sha256 | cut -c1-20

echo -n "myseed+0100010001010011+slashdot.org" | sha256 | cut -c1-20

I'm thinking about writing a base65 encode function for websites that require !@#$%^&*().

So how does this work?

[aaaaaaargh!]

As the maker of a password manager, I'm curious how this is supposed to work. The article is a bit sparse on information.

Suppose I'm the attacker and after say, ten guesses the fake passwords are shown. So if I now save the passwords, will the original ones be overwritten? I guess not, since that would be rather inconvenient. So if not, will the fake passwords along with the master password and the original data be stored in the password database? Than the attacker can check the length of the original file after saving to determine whether he has obtained fake passwords. Or are they assuming some mysterious online password application where the user has no knowledge of where and how his passwords are stored? In that case, the application will be insecure anyway.

I suppose the right way to make this work is by saving fake passwords (or the space for them) along with the real ones all the time but encrypt them separately with the fake master password after it has been created on the fly. Thinking about it, I might add this as an option to my program.

Re:So how does this work?

[hippo]

If an attacker has your password file you should not be worried about saving the original passwords. Either your machine is stolen or your password database has been copied.

Re:So how does this work?

[gbjbaanb]

Possibly - but then the best way is just to let any password open the vault.

You cannot crack a password DB if every attempt to open it succeeds. If your means of validating the password you used is to read a stored password, close the vault, reopen it and re-read the password to ensure its still the same.. then you've just added one heap of time to your cracking attack.

Of course, a password vault could return the same set of fake passwords if you failed to supply the correct key (ie when you store a new password, the system generates a fake to store alongside it and returns the correct, or fake one depending on correct unlocking)

No need to re-gen when the vault has been opened incorrectly, just return the bad passwords and let the attacker try to use them. What's even worse than having to re-open your vault to check the passwords are the same, is having to take one of those passwords and use it to attempt login to a 3rd party site to validate whether they were the correct passwords or not!!

If you really want to be a bitch to attackers, you'll expose a few valid entries to honeypots (with passwords that work) so the attacker may think he's got the correct unlock :-)

Re:So how does this work?

Pad the password file to a fixed length in the first place?

Re:So how does this work?

[Kiwikwi]

What you're proposing sounds like Kamouflage (PDF link from TFA), with only 1 decoy password set (Kamouflage suggest 10,000); and suffers from the problem of generating plausible fake master passwords without revealing anything about the real master password, as mentioned by the authors of NoCrack.

What the NoCrack authors try to achieve is a solution where every incorrect guess at the master password still provides a set of (incorrect but at least sometimes plausible) passwords. A bit like a one-time pad, which is the only provably secure encryption, because brute-forcing the key yields all the possible plain texts (both the correct and all the incorrect ones). Of course, the problem with the one-time pad is that the key length matches the plain text length, which would completely eliminate the benefit of a password manager. Additionally, as noted in TFA, authorized users might not like the idea that making a typo when entering the master password yields (seemingly) correct passwords. :-)

I'm not convinced the NoCrack authors have actually succeeded, as they claim, but can nevertheless recommend the NoCrack paper (PDF), since it discusses pros of cons of the approach and alternatives.

Re:So how does this work?

Password manager creates random string as password for slashdot.org, user saves file with master password, data saved to disk is the plain text site name and the password encrypted withe the master password. Cracker tries first password in dictionary attack and the password manager happily shows the password AS DECRYPTED WITH THE CRACKERS PASSWORD, the result looks like a randomly generated password, but is not correct. User opens password manager with correct master password and gets the password DECRYPTED WITH THE MASTER PASSWORD the result is the correct randomly generated password that matches the original one created

Re:So how does this work?

Don't generate the fake passwords "on-the fly".

When the genuine user store a real password, also generate a fake sibling password. When someone makes a bad attempt at extracting a particular password, give them the sibling password instead.

• The cracker will not see a change in file size. Nothing is written when someone is extracting (real or fake) passwords
• The cracker will get the same fake password (for a particular site) on each attempt, so cannot discover its fakeness by noticing that it changes from one attempt to the next. This because fake alternatives are stored in the database too

Re:So how does this work?

Additionally, as noted in TFA, authorized users might not like the idea that making a typo when entering the master password yields (seemingly) correct passwords. :-)

Simple solution. The user just needs to add an entry to the very top with a password of "File Decrypted Correctly" or some other plain text string. If you open the password file and instead see gobbledegook on that first row, you know you typoed the master password.

Though now I'm wondering, what happens if you enter an incorrect master password, but then try to change a password? Will it let you? Should it?

Re:So how does this work?

[rsborg]

Possibly - but then the best way is just to let any password open the vault.

This is highly undesirable. Even knowing which services I find worthy enough to include in my vault is important. If the attacker knows my gmail, linkedin, or more niche account username, and doesn't see it in the vault, then they will get suspicious.

Re:So how does this work?

[aaaaaaargh!]

Count me amongst the skeptics.

What the NoCrack authors try to achieve is a solution where every incorrect guess at the master password still provides a set of (incorrect but at least sometimes plausible) passwords.

That's a bad design. If the attacker can access the password file, then he will usually also be able to save your fake passwords from within the password manager. Think about your wife trying to find out the password for your porn collection. So either she may (perhaps inadvertently) delete the original ones, which would be a disaster, or you need to have padding space in the original file so the attacker cannot detect that you have saved the additional files. And you cannot have an arbitrary amount of padding space, of course.

What makes sense is to allow some attempts and then create fake passwords and save them encrypted with the fake masterpassword in the already padded database file (so there is no difference in file size). However, that only works if the password manager always modifies the password file in some way whenever it is opened, since otherwise the attacker can choose *not* to modify and save the file (which would be the wise choice anyway, from his perspective) and can easily recognize that he has been served fakes by monitoring file activity. It doesn't bring any advantage when the attacker is reverse engineering the code or debugging it.

What somehow works against offline attackers would be a variant of a 'fully bijective encryption' that was advocated many times by some crackpot on sci.crypt 15 years ago. I forgot his name. In the present case, this would mean that the encryption scheme is hand-crafted in such a way that the ciphertext is mapped to seemingly valid cleartext no matter what master passphrase is provided, and there is no check for correctness. I suppose that's what the authors were working on, but I'm pretty sure that this can only work convincingly if the passwords are random-generated in the first place. It will fail with user-provided passphrases (or, worse, it could become cryptographically insecure). The proof is left as an exercise to the reader. (just kidding)

My 2 cents. But thanks for the linked paper, I'll check it out.

Re:So how does this work?

If you have your gmail in the vault and that's your primary email, you're an idiot.

Distress passcodes

Instead of feeding that password managers with fake passwords why don't we fill it with distress passcodes that will lead the attackers straight into the honeypot?

Re:Distress passcodes

[qpqp]

Now that is a much more interesting challenge.

Seen something similar before

[140Mandak262Jamuna]

I know of one small software company that used some home grown licensing method. The software will check out licenses for features at run time. Some features would appear to be legitimate, something that is going to be released soon. But those features were never sold, and if the license manager approves those features the product knows the license manager is probably cracked. It won't report any "ha! you are using a cracked license manager", it would quietly chug along for a while and crash randomly. The pirates who crack software would think they have cracked it and sell it as warez. The buyers will get some unreliable software, possibly reducing the "trust" on the warez hacker and sowing discord among the pirates and their customers.

P.S: company eventually got sold to a bigger player and the home grown license manager was retired for industry standard "FlexLm". Soon after, ALL software using Flex were cracked and sold on the warez sites. Pirates could have easily cracked the license manager of that small company, but it is too small to be worth the effort.

Moral of the story: Monoculture is bad, both for Irish potato farmers of the 18th century and license/password managers of the 21st century.

Re:Seen something similar before

[kbg]

Actually what will happens is that some users will use a cracked version as some sort of trial and then buy the real version if they are satisfied with the program. This is what I have sometimes done when the software doesn't have any trial versions available to test. But if you have quiet crashes, corruption or weirdness in your program the users will think that your program is just really crappy, stop using it and never buy it.

Re:Seen something similar before

Really, your using the potato famine as an example? Of what? How the English fucked over the Irish?

Re:Seen something similar before

[drinkypoo]

The buyers will get some unreliable software, possibly reducing the "trust" on the warez hacker and sowing discord among the pirates and their customers.

Ah, naivete. Any time I feel like humans are smart, I just come here and read, and I'm cured. Guess what? The unreliable software was being used as a trial by potential future customers, who just decided it was a massive pile of shit and used a competitor's software. If they ever actually made money with the software, then they bought it. Their competitors thank them for their sophomoric DRM scheme which guaranteed that everyone thought their software was shit.

Moral of the story: DRM is stupid, an people who think tricky DRM which shits on potential future customers is cool are also stupid.

Re:Seen something similar before

Actually what will happens is that some users will use a cracked version as some sort of trial and then buy the real version if they are satisfied with the program.

This is not what happens. The only way I'll try commercial sw before buying, is if they let me. I.e. you offer me a trial version that probably have some sort of limit supposed to encourage me to buy the full version when I see just how good the trial version is.

You see, I don't pirate. No need - the open source world provide everything I need - games, word processors, server sw. To consider buying something, it must be so much better than the free stuff as to be worth the difference. That case get rarer every year. To pirate something, it must be much better than that - due to the risk of punishment for piracy. And it would also have to be too expensive to just buy.

There may very well be some bases not yet covered by open source - but nothing worth pirating. I haven't seen anything pirate-worthy since the 1990's.

Re:Seen something similar before

You've already heard what will happen for those using the pirate version as a trial. For the pirates that never buy, they become bad word of mouth for your product. Plenty of people ask those "in the know" about what software to buy. Some of those in the know are pirates (in fact, it's rare for someone to be completely brain-dead with a PC and be a successful pirate). I'll let you guess what their review of your software is.

Re:Seen something similar before

[140Mandak262Jamuna]

That company was offering free trial with tech support and free training. Free university versions. Why would you pay real money to a hacker when you can legitimately get the same uncracked software with tech support? The company was small, user base was small some 2000 seats or so, but the price was not. It was selling the software at 50K$ a seat. Upgrades and support went at 15% of the list price, even if the first sale was discounted.

Re:Seen something similar before

[140Mandak262Jamuna]

Yes, English really mistreated the Irish during the famine. Shockingly population of Ireland has still not recovered to pre famine levels. But England was equal opportunity abusers. They mistreated colonies in east Indies, west indies, Americas, Africa etc. They ill treated their own poor. They dumped so much raw sewage in Thames, there was a period in Brit Parliament history known as The Great Stink. I think Benjamin Disraeli was the PM at that time. Even their Royalty was drinking the same shit from the Thames.

Re:Seen something similar before

[lisaparratt]

Audio plugins - open source ones are mostly gash, and they all tend to have unique sonic characteristics anyway. Cost big money, and often demos are crippled to the point you can't effectively evaluate them.

Re:Seen something similar before

[tazan]

Atari did that with the video game Tempest. Then someone forgot and made a change that caused the test to fail and legitimate customers got the "random" memory corruption. Then someone figured out you could use the corruption to get free games, so it was a happy ending after all.

Re:Seen something similar before

Actually the English didn't treat them that badly by the standards of the time, although the standards of the time were pretty poor. Most regimes were pretty offensive back then by our standards. At least they'd just about banned slavery by then for instance.

Re:Seen something similar before

[Zalbik]

. The buyers will get some unreliable software, possibly reducing the "trust" on the warez hacker and sowing discord among the pirates and their customers.

More likely, I would think this would reduce the trust of the software and original software developer. After all, the software appears to be working, other than the "bugs". Most users aren't sophisticated enough to think "maybe that shady warez site did something that affected the original software!", they'll just think the original software is crap. Especially when they go online and see complaints for exactly the same bugs from other (unbeknownst to them) warez users.

This seems like a really bad idea. I would suggest to have it work for a while (say 6 months), then pop up a message indicating that this is illegally copied software. Long enough that the warez hacker doesn't realize, but not so long that they get full use of the product.

Re:Seen something similar before

[drinkypoo]

So you got the full, unlocked version? Not that it matters, because everything I said stands. Lots of people don't want to mess with all of that noise.

Re:Seen something similar before

[140Mandak262Jamuna]

How many 50K$/ seat software is given away like you say? This software is not bought for personal use. Legitimate corporations and businesses with good reputation will go through *all* the hassles, sign non disclosure agreements, go through rigorous evaluation process. The only ones pirating these software are those who would/could never pay for legitimate licenses.

I agree with you DRM for music/video does not work, and most people would pay for hassle free legal access and those who pirate would never buy legitimate access. It is probably true for mass marketed apps too. But when it gets to complex software costing upwards of 25k a seat, it is all bought by corporations worried about being sued for piracy etc. They will and they do jump through all the hoops and evaluate it, and pay good price for it.

Re:Seen something similar before

[Anubis+IV]

Ah, naivete. Any time I feel like humans are smart, I just come here and read, and I'm cured.

Just skimming through your post, I see that you've incorrectly assumed the following:
1) That those illegal downloads represented lost sales. Haven't the RIAA and MPAA taught you anything about the faultiness of that logic?

2) That the people torrenting the software were potential customers to begin with. When it comes to B2B software, which is what is being discussed here, there are established channels for procuring demos or trials of software. You don't torrent it unless you never had any plans to be a customer.

3) That a competitor even existed. Small software niches, like the one being described, oftentimes only have one player, since the space is too small to support multiple competitors. With a $50,000 per seat price for software developed by a small company, it wouldn't be surprising if they were the only player in that space.

4) That the crippling of pirated copies results in any sort of meaningful backlash. If the recent examples of pirated games being crippled are anything to go by, people are finding them "hilarious", rather than being upset.

5) That pirates of B2B software complain about the quality of the software. If you just got done pirating a $50,000 copy of software, which is what is being discussed here, the last thing you'd do is trumpet the fact that you've done so by complaining about it to anyone at all. In the case of games, these sorts of techniques are being used to get pirates to out themselves.

Re:Seen something similar before

[drinkypoo]

The only ones pirating these software are those who would/could never pay for legitimate licenses.

No, you missed the point. If this software is so valuable, why? If it is for support, the "pirates" are not receiving support. If it is for the money-making potential of the software, if the unpaying users actually make money with it, they become far more likely to pay for it, not less. This is precisely what I was talking about to begin with. Adobe is shooting themselves in the foot by making Creative Suite subscription-based, because it just drives people to alternatives when it's harder to copy Adobe software. People tend to fiercely defend their decisions, so if they use the software they become outspoken supporters whether they've paid or not. There are lots of reasons why it doesn't make sense to go after pirates who can't afford your software anyway. Just let those people be and concentrate on corporate users who actually have money, they're worth your time and energy.

Re:Seen something similar before

Don't even mention FlexLM. It was the bane of my existence at work for something like 20 years, till I retired. May it rot in silicon hell.

Re:Seen something similar before

[Woeful+Countenance]

Ah, naivete. Any time I feel like humans are smart, I just come here and read, and I'm cured.

Some humans did go to the Moon. I cling to that when I feel myself sinking in the Slough of Despond.

Re:Seen something similar before

[drinkypoo]

That those illegal downloads represented lost sales.

Too bad you can't read. That's not what I said at all.

When it comes to B2B software, which is what is being discussed here, there are established channels for procuring demos or trials of software.

Some people don't want to dick with your established channels, because they don't trust your salesdroids and don't want to talk to them. If you follow established channels, you usually get sales spam for the rest of your life.

That a competitor even existed.

Show otherwise, and I'll show you're wrong.

If the recent examples of pirated games being crippled are anything to go by, people are finding them "hilarious", rather than being upset.

They aren't, because we're talking about business software. You must have serious ADHD because you can't stay on topic for more than a couple of seconds.

That pirates of B2B software complain about the quality of the software.

They don't complain. They use something else. I thought I made that clear. Perhaps learning to read ought to be on your agenda.

The weak point

[MoogMan]

"There is, however, one large problem: What if a person mistypes a password? In that scenario, a fake vault is generated, and a user is locked out of his or her accounts."

This is the weak point - It forces the user, or the system, to generate an additional artifact to inform the user (but hopefully not the attacker) that the password safe is correctly unlocked.

"One possible fix is to create a hash of the master password that is linked to an image that is shown when the password is entered. The authorized user should recognize when the wrong image is displayed, but an attacker would not."

I'd expect this one image to be shown only when the master password is entered. i.e. it is an unique indicator. Fake images will need to be generated for all other passwords, and if there are duplicates then they can be eliminated as false-positives. Strategies like this will always be the weak point. It's commendable that they're attempting to fix the problem, lets just hope the additional complexity doesn't weaken the system overall.

Re:The weak point

I use a Lotus Notes based system at work. As you type in your password it shows a ball that changes colour presumably based on a hashing algorithm. There aren't many different colours (maybe green, red, blue, yellow, black or something) but once I've typed the last character of my password it should be (in my case) green. It's not unique, but it's a good indicator that I've probably typed my password correctly. I think the position of the ball changes slightly as well so it can be green ball, top left etc.
Something like this would serve as a "most of the time" error check while still not providing a unique indicator that a cracker can discount the tried password.

And it's not a huge problem if a fake vault is generated anyway, even if the coloured ball trick doesn't tip off the user - I know of very few accounts that lock out after a single failed password entry, so if they get a password error on their account they would just need to lock and reopen the password manager and all would be well. Even if they are locked out and have to go through a password reset procedure, that's still better than having all your passwords cracked.

Paranoia

[Kokuyo]

Am I the only one who thought to himself "Do I actually have anything to hide that would justify this much effort?"

If somebody hacks my ebanking account, chances are the bank would be liable unless they could prove I have been negligent. And besides, this whole security thing becomes rather funny when you think that my bank is the only site which limits my password length to seven digits.

This is like a company that puts up draconian password restrictions, does not trust just hypervisors but also switches, cables and the air when it comes to DMZ but at the same time has the SAME admin credentials for every customer and their own environment that they NEVER change. So basically, every fired employee could walk into a customer's office and connect to just about anywhere.

This discussion is like trying to fix a nail hole in your barn when somebody's blown through the barn door with a tractor.

Re:Paranoia

[rhsanborn]

It's better to ask these questions now, before we do have things to hide, like ebanking info. It's been considered that chip-and-pin would eventually push the liability for lost funds onto the consumer on the assumption that the consumer was negligent in losing his PIN. Bitcoin is another example of a thing that if you lose it, it's gone. It's not mainstream now, but I have heard of the Canadian mint experimenting with encrypted digital copies of it's currency (to allow electronic transactions, but ostensibly to make sure the Canadian government is notified of transactions so they can take a tax cut). It's conceivable you would have little to no recourse in recovering these funds. It's better to have the tools before we need them.

Re:Paranoia

[EdwardFurlong]

Do you want to find out if the bank really is liable? How many hoops, lawyers, and time will it take to be resolved?

Re:Paranoia

Am I the only one who thought to himself "Do I actually have anything to hide that would justify this much effort?"

Yes. You don't know what you're doing today that, at the moment, is perfectly fine, legal, and socially acceptable... but in ten or twenty years will be considered a vile pastime, obviously deserving of immediate firing if not incarceration... or a trip to the gulag.

Re:Paranoia

This is like a company that puts up draconian password restrictions, does not trust just hypervisors but also switches, cables and the air when it comes to DMZ but at the same time has the SAME admin credentials for every customer and their own environment that they NEVER change. So basically, every fired employee could walk into a customer's office and connect to just about anywhere.

Yeah, it's amazing how many people commenting here are missing the blindingly obvious. While users typically are bad at choosing a strong password that problem can be easily solved. The one problem that has yet to be addressed is the lax policies of the corporations which are negligent in handling the DB with the passwords. Many (most?) break ins occur because of a security failure at the server, not because of a brute force attack on individual user accounts. Solve that and a lot of the problem would go away.

Re:Paranoia

[Woeful+Countenance]

I seem to remember a case in Britain a few years ago: a man found that his bank account had been broken into and some money stolen. He reported this to the bank. The bank had him arrested on suspicion of fraud. They claimed their security was so good that no one could possibly have broken in; therefore, ipso facto, he must be lying. He must have withdrawn the money himself and was fraudulently attempting to get a reimbursement. He was eventually exonerated, but the experience is not one to be recommended. In that case, the bank itself was at fault, but for me to believe that a bank would be liable in case someone stole my password from me seems like wishful thinking. In the US, there are specific laws limiting liability for lost or stolen credit cards; I think these have now been extended to debit cards, but I doubt they apply to other bank transactions.

It's been done

This was a standard feature of the password keeper in Ericsson phones 10+ years ago.

duress password

this would be improved if the password manager provided a password that when used, an alert was issued and actions were taken

Pointless

This security mechanism is pointless. The only way that this would work is through obscurity. If you know the algorithm to check the data file itself in the same way the password manager does, you just offline attack the actual database. Once you reverse engineer the password vault software's behavior, you can go straight to the file instead of being a dumbass and typing things into the program itself.

I can't think of a single attacker (other than maybe a teen's mom) that would repeatedly type passwords into the vault's frontend. The solution for that is already straightforward: use a secure password instead of your dog's name. For non-trivial brute-forcing, attackers should already be using a heavily customized program to brute the store itself.

Re:Pointless

[F.Ultra]

+1

Re:Pointless

[asc99c]

Which is the clever bit if your read the TFA:

We take a significantly different approach. Instead of explicitly storing decoy vaults, we construct single ciphertext which, when decrypted with any wrong master password, yields a decoy vault that appears to have been sampled from the distribution of plaintext vaults (across the entire user population). This approach is inspired by the theory of honey encryption [23].

Still not certain I understand how that works, but it certainly isn't an obvious or trivial approach to take.

Re:Pointless

I have a hard time believing that any master decryption key will yield only ASCII values for all of the passwords. It seems that it would be pretty trivial to test for an all-ASCII dataset across a large number of bytes of passwords. I would need to see the full details of implementation and am both ignorant and skeptical of honey encryption when it comes to storing ASCII data. Interesting if they actually get it to work with that approach...

Locked out

[Xian97]

The problem with giving out a fake password would be that the real user ends up locked out of sites or systems due to too many bad password attempts.

Unnecessary

[SeriousTube]

I use a password manager. It has a very strong a password on it. Is it really that hard for people to remember just one really strong password?

Re:Unnecessary

[ledow]

When I was a child:
My parents used to know the phone numbers of every family member off by heart.

When I was a teenager:
I could recite pi to hundreds of decimals places after creating a program that ran on an Amstrad PCW9256 to calculate it (I had to check the answer!), and I still can just from memory. I memorised an entire Shakespeare sonnet just because I needed to for a drama production. I still know it - word-for-word - to this day.

Since then:
I memorise and use dozens of passwords every year. I have separate "levels" so all the really secure stuff with my bank is one set of passwords and all the dross forums I frequent are another. Even if I forget WHICH password it is from the set, I can get it within a couple of goes because I have them all in my head and know what information the site contains about me and, thus, what "level" of password is required.

I unconsciously pick up other people's passwords when they type them in front of me (and I have to ask them not to).

So I have a great memory? No. My memory is atrocious. I forget to phone everyone, I forget what I was doing several times EVERY single day. My girlfriend honestly thinks I have Alzheimer's because I forget so much throughout the day and she knows I'm not just using it as an excuse. I can't learn her native language as my brain can't hold enough of her language to cope.

If I can memorise a handful of passwords, and the average person only needs 5-10 passwords for EVERYTHING altogether, then there's really no excuse. Hell, most of my passwords are muscle-memory and I have to imagine a keyboard to tell you what they actually are.

We all have the capacity to memorise enough information that a password is not worthy of special measures and software to hold it. It's just that we don't bother to do so, whereas we used to (for phone numbers etc.)

Re:Unnecessary

[SeriousTube]

If you aren't famiiar with password managers they ease a lot of pain. You won't need to remember those insecure passwords for unimportant sites or even the secure password for your bank, just the one for the password manager. Lastpass.com will lead you to one of them.

Re:Unnecessary

[ledow]

I do not trust any software with my password. Sorry. Certainly not EVERY password I have - some of my passwords literally only exist as a hashed and salted version, and in my brain.

Nor would I trust a basic user downloading something that claims to hold all their passwords, or to know to only put their "master" password into that app, or to not forget their master password, or to install it on all the devices they have so that losing their phone / laptop doesn't lose all their passwords etc. It's a silly idea.

Compared to just remembering a small handful of passwords, it's just laziness at the cost of the illusion of security. If you can remember one password, you can remember five with a bit of effort. And you still have to generate all those intermediary passwords for every site you go on, every forum you join up to, every account you need, etc. so you don't gain anything in terms of time. Just remember three decent passwords and two really crappy ones (for forums you really don't care about, etc.).

If one is ever compromised, jumble them up. If all are compromised, you have bigger problems but then just memorise five new ones.

Honestly, things like LastPass are BEHIND users not being able to remember passwords. We're literally just getting lazier and losing mental capacity that we've ALWAYS had available. And, at least in my case, I know that there are passwords to things (that signed other things, that generated longer passphrases, etc. on offline machines) that honest ONLY I can possibly ever know. The second you introduce third-party software, that's not true any more.

Re: Unnecessary

[EmperorCookie]

Are you me?

Re:Unnecessary

[rokstar]

I juggle around a half dozen or so strong passwords on a yearly basis in the same way you do. I also was wary of trusting my passwords with some sort of password manager, then I started using pass. If you trust gpg and can do a 600 line audit of a bash script (which is feasible for one person to do by themselves), you get a really nice and simple cli password manager. Oh an no cloud stuff, you can use git to make backups however to other machines or just tar up the password directory every now and again.

Deception

[Dan+East]

Deception is a valid form of security, similar to obfuscation. It should not be relied upon, but it is merely another layer. In the early 90s me and some buddies ran a multi-node BBS. One of the admins used the same password on another BBS, and someone was able to log into our system using his admin account. So to prevent that from ever happening again, I wrote a script that, for the three site admins, would also ask for their birthdate every time they logged in. If an incorrect date was entered a single time, the account would be locked. Thing is, it wasn't our birthdates that we had to enter, but just another very short password that we could enter really easily. So an attacker, if they got to that point again (obtained the password), would give it their best guess (or perhaps even research to find) the admin's birthdate. If any date was entered at all (containing two slashes or hyphens) the account was immediately locked, because the expected password was just a couple letters is all, and anyone entering an actual date was not an admin.

Re:Deception

Sorry, to the Slashdot crowd that would be security through obscurity and worthy of derision, even if it was effective for your purposes and prevented dozens of would-be hacks on your server.

Here we only care about theoretical threats from sources that don't exist in reality, and anything that isn't 100% mathematically perfect is useless.

Re:Deception

[stud9920]

So anyone could render your account inoperative by just knowing your login and entering wrong info ?

Re:Deception

Reading comrehension

would also ask for their birthdate every time they logged in

Re:Deception

This is an established/pre-existing problem outside of the scope of the original post.

If I know your gmail address then I can lock your account - but only for a period of time and from a specific device. So, yeah, sure, if you can get to the device I use most often to log in to gmail then you can inconvenience me for a short while. But sicne that is my smartphone which I carry around with me ... the chances are that you having your hands all over my smartphone is probably a bigger inconvenience ... and you have probably been shoulder-surfing for my smartphone login ,,, again, nothing to do with the password manager.

Go ahead, have a blast. Doesn't affect me.

You don't need to hack my password manager to do this.

Re:Deception

[sudon't]

Right. These "security questions" web sites have you set up now, like "mother's maiden name", and such? I use some completely unrelated information. That way, if someone does the research, or an ex-lover wants in, they won't be able to use that information.
But having your password manager compromised is a rare situation. If everyone used them, and used them properly, we would have no need of these two-step authentication schemes.

worse than bad! (information leakage)

so then my password manager opens up and tells them about accounts they did not know about ..
and gives them access to all the files i store in there? no.

Security by obscurity = Camouflage

Everyone in IT circles automatically puts down any technique that is "Security by obscurity", but no one in the military (or mother nature) would say camouflage does not work. There is a time and a place for it. Sometimes, just the camouflage alone is sufficient to stop an attacker. Combined with other measures, it is a proven to be effective.

Re:Security by obscurity = Camouflage

[ledow]

If someone has access to your password management software, and the ability to test out passwords on it and get "the other" passwords back (real or not), then it's a fraction of a portion of a miniscule slice of a second to test whether that password actually DOES anything.

At worst, it'll make it slightly easier to trigger password attempts logins. But at best, something is still brute-forcing your password-management that holds every password you have.

Camouflage works in real life. It doesn't work against computers that are capable of billions of operations a second and can see if there's something under the camouflage within a microsecond.

If anything, just analysing the response pattern of "give the real password" versus "make up some rubbish to feed this spammer" is enough to tell you stuff about the system as a side-channel attack.

Camouflage works by some forms of secrecy only - someone doesn't know you are there. It does not work by there being a hundred camouflaged tank-like things out on the battlefield, 99 of them made of wood, and advertising that fact. Because when you fire the first shot, they know which one is real.

Poor analogies are the worst thing since unsliced bread.

Re:Security by obscurity = Camouflage

You're forgetting latency. A cracker might have a fancy GPU that can churn through billions of guesses a second, but if every guess generates a set of passwords that has to be checked then every guess needs 10ms or so to try to log into a site with the offered password. You've just reduced their attack speed from a billion guesses a second to a hundred. (I'm not sure what kind of network topology you're sat on where you can try to log in to a website within a microsecond!)

This isn't really about camouflage, it's deception. And as a form of deception, littering SE England with hundreds of wooden tanks was exceptionally successful in disguising the true target of the D-Day landings. Similarly this seems pretty effective at hiding whether or not the returned passwords are real or not, necessitating a delaying check after each step in the brute force attack.

Re:Security by obscurity = Camouflage

Not really, the attacker will check against known plaintext. There is always known plaintext unless you only encrypt random passwords, which would make the whole thing a very leaky and inconvenient manager.

Re:worse than bad! (information leakage)

[EdwardFurlong]

Yeah.. my thinking also... this thing seems kind of silly anyway. Seems like they would know pretty fast none of the passwords work. Maybe if they worked with the sites and had a "distress password" which would open up a fake account and start logging information. But again, lots of complication, if they have gotten to your password manager there is already a problem.

This makes no sense

[Terry95]

I assume this solution would be based around the app providing bogus passwords if you enter a bad master password. I suppose that would be something you could do for foiling the petty pickpocket or keystone cop. But surely any attacker that actually plans to succeed will use a cryptographic attack against the data store, not poke random keys on the UI.

I have wondered before if security could be improved by storing an encrypted file inside another encrypted file, ideally with different schemes. But from a serious attacker standpoint I don't really know what I'm talking about. It sounds good, but probably would only prove vaguely annoying, rather than mega-secure.

+1 Funny

[matthias.loeffel]

I wish i had mod points left :-)

attack , attack

when it consisentently give up passwords you can log in with - your in

Simple solution

[goombah99]

All the password manager needs to do is take the name of the account want a password for, tack on the ow manager password, hash it. That's what it returns as the account password

There done. No need to check if you entered the right password for the manage. No need to even have a password management database. Or pay for anything since it's a one line perlscript. Since the ow manager has no clue if you entered their right password or not it won't give it away. One can think of embellishments to allow you to change your password

Re:Simple solution

One slight problem with that. There are a lot of websites that have their own password limitations, so a randomly generated password may not work.

Ideally, it would be nice to have a PW program both store passwords that are exceptions, but generate everything else from a seed.

Even better, if it stores/syncs on the cloud, it should use a public/private key mechanism (or at the minimum a keyfile copied from device to device) for every device syncing with it, so the data on a cloud provider can't be brute forced by PW guessing.

Re:sPhit

[JazzLad]

+1 Using this image as a keyfile will certainly make your stuff safe (and if you lose it, you can count on it being posted to every /. article ... ).

Old, Plugin exists since long time ago

Firefox has had a plugin for a long time, the "PassHass" from wijjo.
I have used it for a long time.

https://addons.mozilla.org/en-us/firefox/addon/password-hasher/

Get of my lawn!

Comment removed

[account_deleted]

Comment removed based on user account deletion

Wrong Word

The word is "jig," not "gig."

Tamper Reactive

[edtice1559]

Have the password manager generate multiple passwords for each site. Associate each one with a randomly selected image. When the user wants to retrieve the password from the password manager, show all of the images and associated passwords. User will know which password is the correct one and which are equally-random gibberish. However, anybody cracking the database has a set of key-value pairs. The user would know which image is correct. An attacker not so much. The database doesn't know which one is correct, so cracking it doesn't add much value. You have to try the passwords at random and risk getting locked out. Would probably make hacking the password manager uneconomical unless you are a *very* high value target.

Missing slashvertisement - I mean github link etc

https://pages.cs.wisc.edu/~rch... has a github link and the original paper...

Obligatory XKCD link

[YutakaFrog]

I can't believe I don't see this anywhere in the comments yet, but this is the bigger issue at hand. https://xkcd.com/538/

Re:Obligatory XKCD link

[Jeremi]

Of course, the wrench technique only works if the attackers have physical access to your body. Most Internet hackers aren't going to be located physically near you (and hopefully most of them wouldn't have the stomach for that either).

Might help if they're not all fake

[John.Banister]

There exist a number of entries in my password manager that wouldn't cause me concern if someone learned the password, mostly login-to-comment stuff, but also a few merchants that don't have any payment information stored. If a password manager is going to give out fake passwords, it might help to have a "keep it secure" check box for making a new database entry. Then, those passwords would be available and pass a test when login to the password vault program fails, and also, if I'm using the vault to look up one of those passwords, I don't have to use my real password to the vault in order to gain access to them.

...and how does the system tell...?

...the difference between a hacker and a user who has forgotten how to unlock the password manager? now, he has wrong passwords for his accounts, and they all lock too. terrific.

Slightly connected....

[jolyonr]

This reminds me of a question I had about securing a linux server.

We all know it's quite good practice to move the SSH connection from port 22 to some arbitrary high port. But of course if attacker finds nothing on port 22 he's just going to start port scanning until he gets it.

Way better would be for port 22 to respond as a valid SSH server but to reject ALL username and password combinations EVEN THE CORRECT ONES.

Only drawback I can see is when I forget I moved the SSH port and get confused when my password doesn't work. But apart from that...

This seems so obvious that I am sure something already exists to do this. Sadly my primitive google-fu didn't find it.

Jolyon

Re:Slightly connected....

Moving SSH to an obscure port serves one important purpose:

It reduces the number of alerts in the system logs by a few orders of magnitude. Less alerts = more likely that you'll notice when someone starts hammering on your door for real.

99% of the automated attack tools out there will simply check port 22/tcp and move on. A few will scan the lower 1024 ports, but that requires them to spend more time on your system rather then other systems. For real protection, you force the user of public-keys combined with 2FA (two-factor authentication).

Re:Slightly connected....

[allo]

its key OR TFA.
if you log in with a ssh-key, PAM is skipped and your TFW-scheme is not invoced.

Re:Found car keys? Do u still look for them?

[awing0]

So the car is like a fake car that drives you to the wrong building? Or does it do its best to kill you somehow?

Truncates password to 8 chars

[perpenso]

I don't get it either but it's not "stupid" per say since it will get you (if you use the standard 2048-bits size) a password with a length of 372 that is infeasible to crack.

Except when a site truncates the password to 8 characters.

Re:Truncates password to 8 chars

[F.Ultra]

Yeah, you're fucked then, one wouldn't be too surprised if such a site also stored the password in plain text using a varchar(8) in their database.

Automated attack

[perpenso]

Why would an automated system need to attempt more than one login with the "password" from the manager? Its not like it has to worry about typos.

Re:Automated attack

[E-Rock]

Because this system would show the attacker an account and password for every manager password entered.

With a normal password manager, the attacker is told if they're right or wrong. With something like this, when it tries Password! on the manager, it gets results, just they're wrong and it has to try to use one to find out. Then it tries Password1 on the manager, gets results, has to test, etc. So it has to add a verification step and not just attack the password manager. Of course, you're likely to lock out the account you're using for verification before you hit on the right password.

It takes offline brute-force to online brute-force

[allo]

now: crack the master password with five million guesses per second on your cluster
then: search the ten services with weakest security (as many guesses as you want), start to brute-force the generated passwords for random master-passwords until ones works with 10 services, which allow one (confirmed correct/incorrect) login in two seconds. And may inform you of the cracking attempt.

This is still security through obscurity

It only changes the name of the game...

Instead of state-based brute forcing it will be time-based, considering a scenario where all the "bad passwords" take less time to decrypt than the correct one.

Re:The digital version of having a couple of post-

[mgcarley]

Don't be too sure. I recently had a 5x8" notebook (the physical paper kind) stolen while I was at a customer site (accessible to the public). They didn't take my wallet, tablet, phones or tools, but the notebook and pencil vanished. It even had my name & phone number in the cover, but, nothing.

While it didn't contain any passwords (ok, it contained one IP address/router admin password but I changed it as soon as I got back), it did contain notes from that night that I would have liked to have for wrapping up, as well as notes from other customer sites (switch and port information, but nothing beyond "this cable goes here" sort of stuff) and other things that I think of while out and about (and trying to store such things on my tablet is more arduous than pulling out the notebook and pencil).

Fortunately, most of my notes get transcribed to some form of an electronic version every other day or so, but those don't always come with the other things you can only really get when you draw something on paper (like lines connecting one idea to another) - and even though I didn't "lose" much, it still makes me very uncomfortable that someone else may have *any* of the information (assuming they can make sense of it or even read my handwriting).