Slashdot Mirror


An Algorithm For Better Password Checking (technologyreview.com)

New submitter della writes: Password checkers — those things that tell you whether your password is strong or not — are good: various studies have found that they make users choose better passwords. Unfortunately, nowadays attackers use probabilistic strategies based on natural language processing to guess passwords earlier, and most checkers consist of heuristic rules that don't reflect well probabilistic attacks. To do better you could in theory simulate the attack, but if your password is not that bad, that would be very expensive or just unfeasible.

In a paper I wrote with Maurizio Filippone and presented at ACM's CCS conference, we show how you can take an attack model and a password, and through a simple formula come up quickly with a reliable estimation of how many guesses that attack would need to guess the password. You can use this to roll a better password checker, or — as we've also done in the paper — to compare different attacks.
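The estimator the summary describes, as an added example (not the paper's code): it applies the Monte Carlo formula from the Dell'Amico and Filippone paper, drawing n passwords from the attack model and summing 1/(n·p_i) over the samples more probable than the candidate, which estimates how many guesses precede it without simulating the attack. The attack model (word + digit suffix + symbol suffix, each from a small weighted table) is constructed for illustration and is small enough to enumerate, so the estimate is checked against the exact guess number.

```python
"""Monte Carlo guess-number estimation against a toy probabilistic attack model.

The attacker's model here is constructed: a password is word + digit suffix +
symbol suffix, each part drawn independently from a small weighted table.  It
is deliberately tiny so the estimate can be checked against the exact rank."""
import itertools
import math
import random

# Constructed weights (relative frequencies, not taken from any real leak).
WORDS = {"password": 30, "monkey": 12, "dragon": 10, "letmein": 8, "qwerty": 7,
         "sunshine": 6, "unicorn": 4, "rainbow": 4, "football": 3, "princess": 3}
DIGITS = {"": 40, "1": 25, "123": 15, "12": 8, "2015": 6, "007": 3, "69": 3}
SYMBOLS = {"": 60, "!": 25, ".": 6, "@": 5, "#": 4}


def _normalise(table):
    total = sum(table.values())
    return {k: v / total for k, v in table.items()}


P_WORD, P_DIGITS, P_SYM = (_normalise(t) for t in (WORDS, DIGITS, SYMBOLS))


def probability(password):
    """Probability the model assigns to `password`; 0.0 if it cannot produce it.
    The parse is unique because digits and symbols never share characters."""
    for w in P_WORD:
        if password.startswith(w):
            rest = password[len(w):]
            for d in P_DIGITS:
                if rest.startswith(d) and rest[len(d):] in P_SYM:
                    return P_WORD[w] * P_DIGITS[d] * P_SYM[rest[len(d):]]
    return 0.0


def sample(rng):
    """One password drawn i.i.d. from the attacker's distribution."""
    pick = lambda tbl: rng.choices(list(tbl), weights=list(tbl.values()))[0]
    return pick(P_WORD) + pick(P_DIGITS) + pick(P_SYM)


def exact_guess_number(password):
    """Ground truth by brute force: the attacker tries candidates in decreasing
    probability, so the guess number is 1 + the number of strictly more
    probable candidates.  Only feasible because the toy model has 350 passwords."""
    p = probability(password)
    if p == 0.0:
        return math.inf
    more_probable = sum(
        1 for w, d, s in itertools.product(P_WORD, P_DIGITS, P_SYM)
        if P_WORD[w] * P_DIGITS[d] * P_SYM[s] > p)
    return more_probable + 1


def monte_carlo_guess_number(password, n=5000, seed=1):
    """Estimate without enumerating: draw n samples from the model and add
    1/(n * p_i) for every sample more probable than the password.  A password
    with probability p_i is sampled with frequency p_i, so each more-probable
    password contributes 1 on average and the sum estimates how many candidates
    the attacker tries first.  Cost is O(n) however strong the password is."""
    p = probability(password)
    if p == 0.0:
        return math.inf
    rng = random.Random(seed)
    acc = 0.0
    for _ in range(n):
        q = probability(sample(rng))
        if q > p:
            acc += 1.0 / q
    return acc / n + 1


def strength_report(password, n=5000):
    return {"password": password,
            "probability": probability(password),
            "exact_guesses": exact_guess_number(password),
            "estimated_guesses": round(monte_carlo_guess_number(password, n))}


if __name__ == "__main__":
    for pw in ("password", "monkey1", "rainbow123!", "unicorn2015#", "correcthorse"):
        print(strength_report(pw))
```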

103 comments

  1. STOP IT! by Anonymous Coward · · Score: 2, Insightful

    Stop saying my password is bad. If I make it more complicated, I won't remember it. So it would be even worse.
    And making me change it every now and then is even more stupid.

    1. Re:STOP IT! by sysrammer · · Score: 1

      Yeah, I give up.

      (plasters stickynote on monitor)

      --
      His ignorance covered the whole earth like a blanket, and there was hardly a hole in it anywhere. - Mark Twain
    2. Re:STOP IT! by Anonymous Coward · · Score: 0

      Stop saying my password is bad. If I make it more complicated, I won't remember it. So it would be even worse.
      And making me change it every now and then is even more stupid.

      Preach it, brother! The other day I had to reset my password; we have to do it every few months now. Lately, I had been reusing the old password with enough change to make it get past the checker denying it on the basis that it was too similar to the old password. Well, this past time, I had apparently hit the limit and the checker denied my new password because it was too similar to the old one. I started trying out completely new passwords but each one kept getting denied. Finally, in desperation, I tried something like "KillTheSysadmins". Nope, didn't like that, so I tried something like "Ki11Th3Sys@dmins!" Still didn't like that one. I finally had to fall back on a superlong password that I used for a few other accounts. I don't like using the same password for multiple accounts but I was desperate. And, yes, I did really feel like killing the sysadmins. But, alas, they are just implementing rules put in place by their bosses, so I guess it really isn't fair to blame them for this one.

  2. Sick of Passwords by Anonymous Coward · · Score: 3, Informative

    I don't even care if they're secure or guessable or lexicographic or written down or whatever other bullshit I'm supposed to care about.

    I am sick of these bullshit passwords and signins fucking everywhere. Every single site, every single service, every single day, input this, email that, account name, please re-enter, confirm, mandatory, change must contain two numbers, must contain capital letters, cannot contain special characters, forgotten your password?

    I've given up. Fuck it. I'll just lurk, post anonymously while I still can. I must have over 200 accounts out there and I just don't care anymore. It's too much effort to remember all this bullshit anymore.

    1. Re:Sick of Passwords by Anonymous Coward · · Score: 0

      I've given up. Fuck it. I'll just lurk, post anonymously while I still can. I must have over 200 accounts out there and I just don't care anymore. It's too much effort to remember all this bullshit anymore.

      I've found a handy rule of thumb seems to apply in these situations. The more complicated the authentication procedure is, the less important the information that the authentication process is guarding. A couple of examples may illustrate. I had helped my mother to initially set up her on-line bank account; after a bit of protesting I finally got her to choose a strong password that would resist all attempts to be cracked by a simple dictionary attack. After a year or so, the bank directed her to change the password; she chose something that was shorter, easier, and ultimately very easy to crack by just about any script kiddy. I gave up trying; but I did suggest that she should hold onto that email that the bank sent out telling her to change her password; I think she should sue if ever it came to a breach because of a weak password. My second example comes from the training modules that we need to complete on a quarterly basis at my workplace. They are typically computer based training. Some of these require a complex set of passwords and security questions to authenticate. All of this just to make sure that no one else can print out a certificate verifying that, yes, I did complete "Information Assurance" training? Is this really worth such stringent protection measures?

      Of course, all of this password security theatre conveniently overlooks the fact that most of the big attacks that have leaked customer data typically occur because the business in question was lax in their security procedures.

  3. Password1 by sims+2 · · Score: 3, Informative

    Lots of things really don't need highly secure passwords but insist on having ridiculous password requirements.

    Case in point: Xbox One must log in to a Microsoft account to set up for the first time; the password must have at least one capital, at least one number, at least one symbol and at least 8 characters. Password1~ is an acceptable password. PITA to type on an Xbox controller.

    Netflix is a model for reasonable requirements, especially since it likes to log itself out at random. So less to type on a Wii remote is a definite plus. 4 letters minimum; 0000 is an acceptable password.

    --
    Minimum threshold fixed. Thanks!
    1. Re:Password1 by buchner.johannes · · Score: 2

      at least one symbol and at least 8 characters Password1~

      This leads to extremely common patterns, or classes of passwords such as ULLLLLLLDS, which can be pre-computed for cracking.

      Knowing the 30 most common such topologies allows an attacker to crack 90% of all passwords (according to leaked password lists).

      Smart password checkers like the one of Kaspersky take that into account https://blog.kaspersky.com/pas...

      Here is a talk https://www.youtube.com/watch?... and some material here: https://blog.korelogic.com/blo....

      --
      NB: The message above might reflect my opinion right now, but not necessarily tomorrow or next year.
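The topology idea in the post above, as an added example (not Kaspersky's or KoreLogic's code): it reduces each password to its U/L/D/S mask, ranks the masks over a sample list, measures how much of the list the top-k masks cover, and sizes the keyspace an attacker who knows the mask must search, which is what a checker penalising common shapes works from. The sample list is constructed for illustration and stands in for a leaked password list.

```python
"""Password topology (mask) analysis: the shape a complexity policy pushes
people into, and how much that shape shrinks the attacker's search."""
from collections import Counter
from math import log2

# Printable-ASCII class sizes: 26 upper, 26 lower, 10 digits, 33 symbols.
CLASS_SIZE = {"U": 26, "L": 26, "D": 10, "S": 33}


def topology(password):
    """Map each character to its class, e.g. "Password1~" -> "ULLLLLLLDS"."""
    out = []
    for ch in password:
        if ch.isupper():
            out.append("U")
        elif ch.islower():
            out.append("L")
        elif ch.isdigit():
            out.append("D")
        else:
            out.append("S")
    return "".join(out)


# Constructed sample standing in for a leaked password list (not real data).
LEAKED_SAMPLE = [
    "Password1~", "Summer15!", "Welcome1!", "Monkey99", "dragon", "letmein",
    "Qwerty12", "Football1", "iloveyou", "Princess7!", "baseball", "Trustno1",
    "Sunshine2", "hunter2", "Charlie1", "Shadow12", "abc123", "Master01",
    "Jessica1", "Ninja99",
]


def topology_ranking(passwords):
    """Masks ordered from most to least common: the attacker's mask list."""
    return Counter(topology(p) for p in passwords).most_common()


def coverage(passwords, top_k):
    """Fraction of the list recovered by trying only the top_k masks."""
    ranking = topology_ranking(passwords)
    covered = sum(count for _, count in ranking[:top_k])
    return covered / len(passwords)


def mask_keyspace(mask):
    """Candidates left to try once the mask is known (vs. 95**len for a
    policy that only counts character classes)."""
    space = 1
    for cls in mask:
        space *= CLASS_SIZE[cls]
    return space


def is_common_topology(password, reference, top_k):
    """Checker rule: flag a password whose shape is among the top_k masks of
    the reference list, however many character classes it contains."""
    common = {mask for mask, _ in topology_ranking(reference)[:top_k]}
    return topology(password) in common


if __name__ == "__main__":
    for mask, count in topology_ranking(LEAKED_SAMPLE)[:5]:
        print(f"{mask:12} {count:2}  keyspace 2^{log2(mask_keyspace(mask)):.1f}")
    print("top-5 coverage:", coverage(LEAKED_SAMPLE, 5))
    print("Password1~ common shape?", is_common_topology("Password1~", LEAKED_SAMPLE, 5))
```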
    2. Re:Password1 by bondsbw · · Score: 1

      PITA to type on an Xbox controller.

      To be fair, anything is a PITA to type on an Xbox controller.

      --
      All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.
    3. Re: Password1 by Anonymous Coward · · Score: 0

      How about the fucking device just do a single sign-on with some key stored locally on the device.

      It is fucking stupid to have to sign in with a password to a device you have physically in your house.

      If the device gets stolen: then you go to the website where you go through the "forgot my password" crap to sign-in and deactivate the device.

    4. Re:Password1 by khasim · · Score: 1

      I think an even easier approach would be to maintain hashes of the passwords and forbid anything that matches an existing or previous hash.

      Of course the forbid process would take 1 second in order to block brute force attempts.

      And you can pre-seed the database of hashes by using various dictionary lists and other sites' cracked password lists.

      Over time you'll end up with unique passwords for all users that are not in any of the dictionaries.

      Also, demand "pass phrases" instead of "passwords". 15 characters or more.

      And use as much of the keyboard as possible. If your password system can accept ALT+15 then so much the better.

    5. Re:Password1 by Anonymous Coward · · Score: 0

      I agree. If I just want to post a remark or ask a question on a forum, there's no need for a strong password, and password strength checkers can be really frustrating and are often very buggy. (Case in point: Stack Overflow's password strength checker sometimes lies about the reason it rejects a password.) And for what? Say someone breaks into that account, what can they do with it? The most damage they can do is posting a message to the forum saying I already found an answer somewhere else. Literally.
      And given the internet as it is today, chances are, the next time we want to post something on the same forum we won't remember our account name, let alone our password, and maybe not even that we had an account. There are hundreds of sites on the internet, we shouldn't even be asking our users to register, it's completely unreasonable, let alone ask them to think up a password with lower case, capitals, digits, special symbols, no repeated strings, and so on and so forth, just to post something on our little forum.

    6. Re:Password1 by aaaaaaargh! · · Score: 1

      I think an even easier approach would be to maintain hashes of the passwords and forbid anything that matches an existing or previous hash.

      You can use a good bloom filter implementation for that.

    7. Re:Password1 by ultranova · · Score: 1

      I think an even easier approach would be to maintain hashes of the passwords and forbid anything that matches an existing or previous hash.

      Thus giving an attacker a handy way to simultaneously brute-force every account on the site. That's a horrible idea.

      --
      Forget magic. Any technology distinguishable from divine power is insufficiently advanced.

  4. English is not Spanish by Anonymous Coward · · Score: 0

    heuristic rules that don't reflect well probabilistic attacks

    In English, the direct object ("probabilistic attacks") immediately follows the verb ("reflect"), as in "heuristic rules that don't reflect probabilistic attacks well". The adverb ("well") is placed either immediately before the verb or after the direct object.

    See this page for more explanation. Please don't consider this an attack on your grammar, but rather a gentle nudge in the right direction. What you wrote may sound good in a Latin language like Spanish, but to a native English speaker, it's butchered.

    1. Re:English is not Spanish by mrbester · · Score: 0

      In written English what was written was grammatically correct. To a native English writer, using an allowed spoken form as the measure of grammatical accuracy shows you're an American.

      --
      "Wait. Something's happening. It's opening up! My God, it's full of apricots!"
    2. Re:English is not Spanish by Anonymous Coward · · Score: 0

      heuristic rules that don't reflect well probabilistic attacks: WRONG!
      heuristic rules that don't well reflect probabilistic attacks: CORRECT
      heuristic rules that don't reflect probabilistic attacks well: THE JUDGES WILL ALLOW IT

    3. Re:English is not Spanish by Anonymous Coward · · Score: 1

      No, GP was correct. Written English is certainly a different set of registers from spoken English, but the original sentence is grammatical in neither. The original placement of "well" does not satisfy the correctness conditions of English syntax. It's not idiomatic. It's wrong.

    4. Re:English is not Spanish by TechyImmigrant · · Score: 1

      No, GP was correct. Written English is certainly a different set of registers from spoken English, but the original sentence is grammatical in neither. The original placement of "well" does not satisfy the correctness conditions of English syntax. It's not idiomatic. It's wrong.

      I didn't well understand that.

      --
      I should use this sig to advertise my book ISBN-13 : 978-1501515132.
  5. Define better by jklovanc · · Score: 2

    various studies have found that they make users choose better passwords.

    By better do you mean harder for computers to guess or easier for users to remember and not have to write down?

    1. Re:Define better by bondsbw · · Score: 1

      Writing down a complex password is generally better and more secure than using a simple one. Attackers in China can't get into my desk drawer, and the lock keeps most who have physical access out.

      --
      All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.
    2. Re:Define better by jklovanc · · Score: 2

      Attackers in China can't get into my desk drawer,

      Neither can you if you are not in your office.
      Pass phrases are easy to remember but don't follow the "at least one caps, special character and number" general rule. "unicornscraprainbows" is a pretty good password.

    3. Re:Define better by Anonymous Coward · · Score: 0

      You do whatever floats your boat.
      Keeping a note in your wallet with the password is safe enough. Without knowing the login and computer it is used for, the password itself is meaningless, and your wallet is safe enough for your credit card and money.
      Using your phone for storing passwords is less safe, but people who you don't know are unlikely to know what computer it is used for.

      As for testing if a password is safe or not, number crunching in any way, shape or form is interesting but still only analytical. The only thing that matters is the tools the attacker uses to brute force the password. Testing against the same tools an attacker would use is the best option.
      "123" is a safe password if the attacker never guesses it.

    4. Re:Define better by Anonymous Coward · · Score: 0

      I tried pass phrases for a while, but the more chars to type, the more chance that I accidentally hit two keys at once, or a key not hard enough, or twice because of bouncing.
      This then resulted in me having to retype the phrase several times over, which was a serious PITA.

    5. Re: Define better by Anonymous Coward · · Score: 0

      Lol this happens to me everyday.

      Funny, my password is Thishappenstomeeveryday1$

    6. Re:Define better by mjwx · · Score: 1

      various studies have found that they make users choose better passwords.

      By better do you mean harder for computers to guess or easier for users to remember and not have to write down?

      Yes.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
    7. Re:Define better by reboot246 · · Score: 1

      Why would a unicorn be in the scrap business, and can you really recycle rainbows?
      That's how I first read it - unicorn scrap rainbows, instead of unicorns crap rainbows

      You have a point, though.

  6. Read the paper. Disagree with "symbols" by xxxJonBoyxxx · · Score: 3, Informative

    >> Symbols appear to be less predictable and placed in different locations of the password

    I disagree with the paper's conclusion based on the passwords I've seen, which FREQUENTLY just end in a "!" or other common character. Here's a different paper that goes into symbol frequency; I pulled out the relevant bit.

    In almost all cases (90%), only a single special character was used. The most popular special character sequences were all single characters: exclamation point (“!” – 29%), period (“.” – 19%), “at” symbol (“@” – 15%) and hash (“#” – 14%). These were followed by the single dash (“-“), dollar sign (“$”), space (” “), asterisk (“*”), and plus sign (“+”), each making up between 3% and 6% of the single-character special character population. Passwords containing multiple special characters mainly (68%) just repeated the same special character, such as “##” or “???.” - http://resources.infosecinstit...

    1. Re: Read the paper. Disagree with "symbols" by Anonymous Coward · · Score: 0

      My password:

            ; drop table users;

      Helps weed out the crap implementations.

    2. Re:Read the paper. Disagree with "symbols" by MobyDisk · · Score: 1

      1) Some systems limit which special characters you can use!
      2) I bet people don't like to use parentheses, brackets, or braces because seeing mismatched pairs seems "wrong." Or maybe it's just programmers.

    3. Re: Read the paper. Disagree with "symbols" by sims+2 · · Score: 0
      --
      Minimum threshold fixed. Thanks!
    4. Re:Read the paper. Disagree with "symbols" by Guybrush_T · · Score: 1

      Sooooo True.

      That's what happens when you fight against human beings: they work around you. We're constantly told that adding a special character makes your password so much stronger ... those people must be morons to think that because they enforce a special character, people will start using randomly generated passwords. We're human beings, not machines, so we'll choose myusualpassword1! and not 4@dE^5%3SfdSF because the first is so much easier to remember.

      And that's actually fine: we're now all using web interfaces to login which are able to slow down the try rate so that a 10000-ish complexity is enough for most cases.

    5. Re: Read the paper. Disagree with "symbols" by RoccamOccam · · Score: 1

      True story - my brother and I were at a financial services institution to take care of my mother's accounts when her Alzheimer's took over. So, he's creating a password and the system wouldn't take it -- it kept giving an obvious database error (not something that would normally be shown to an end-user). He showed me what he was typing and it contained a single-quote, something like "Mom's account". I told him to take out the single quote and it was happy.

      I insisted that the representative get their developers on the phone, immediately, which she did, and then I had her relay my concerns about their obviously vulnerable design.

    6. Re:Read the paper. Disagree with "symbols" by The+Raven · · Score: 1

      You failed to demonstrate your point. You show that symbols are not used in a way that would create the most entropy in the password. But that's not what the statement said... it said that symbols generally add more entropy than capitals or numbers. And you'd also need to compare the entropy added by capitals (barely 1 bit most of the time, capitalizing the first letter) or numbers, usually a 1 at the end or just a few digits at the end (and even fully random digits are only 3.2 bits of entropy per character).

      Symbol usage may be poor, but capital usage is shit, and number usage not much better. So poor beats out shit.

      --
      "I will trust Google to 'do no evil' until the founders no longer run it." Hello Alphabet.
    7. Re: Read the paper. Disagree with "symbols" by Anonymous Coward · · Score: 0

      And then a knock at your door and you're investigated for trying to hack a financial service.

    8. Re: Read the paper. Disagree with "symbols" by Anonymous Coward · · Score: 0

      Could you call Cloudera for me? Their very expensive Hadoop business systems screw up the AWS credentials for S3 storage. They fail on any credentials with a "/" in the key string, which AWS's stupid credential generator keeps outputting randomly.

    9. Re:Read the paper. Disagree with "symbols" by Tom · · Score: 1

      I think it is generally known and trivially obvious to anyone who has done any research or statistics on this subject at all that the requirement of special characters is a total failure and where enforced it actually reduces the search space instead of enlarging it, due to human nature and the simple heuristics you can use.

      --
      Assorted stuff I do sometimes: Lemuria.org
  7. Personal responsibility by Anonymous Coward · · Score: 0

    I still think it should be up to the person to choose a good password. Besides, it seems like most major breaches we hear about involve social engineering rather than actual password cracking anyway.

    1. Re:Personal responsibility by avandesande · · Score: 1

      Except that if your company has no password policy and a bunch of bad stuff is done with a user's account, you can't hold the user accountable, because you are not sure that they did it.... and they were just following policy.

      Also there are pesky things like getting audited that come into play.

      --
      love is just extroverted narcissism
    2. Re:personal responsibility by Anonymous Coward · · Score: 0

      And no one should make you vaccinate your kids, either, they should only make everyone else's kids be vaccinated.

  8. Here's an idea by Nidi62 · · Score: 3, Insightful

    Stop making us change them every 3 months and we could come up with stronger passwords.

    --
    The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
    1. Re:Here's an idea by gweihir · · Score: 2

      Which is stupid anyways. If it is compromised by a competent attacker, then 3 months are far, far too long. If it is not compromised, then there is really no reason to change it.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    2. Re:Here's an idea by dbrueck · · Score: 2

      Yes! Also, stop remembering the hashes of my past N passwords.

      Forcing you to routinely change passwords, forcing the inclusion of mixed case or numbers or symbols, forcing you to not reuse a past password... net result is less security because most people will just end up writing their weird passwords down somewhere.

      All of these restrictions aren't fixing the problem, just shifting it elsewhere to be not the site's problem.

    3. Re:Here's an idea by ShanghaiBill · · Score: 1

      Stop making us change them every 3 months and we could come up with stronger passwords.

      None of the websites I use require me to periodically change my password. Are there any well known sites with this requirement?

    4. Re:Here's an idea by thoromyr · · Score: 1

      That isn't a web site thing, it's a corporate thing. 30 days is an all-too-common scenario. Friend of mine worked in a plant that had a disconnected network (no Internet). They were forced to use "complex" passwords with 30-day expiration and a history of the last twelve. Which was entirely ludicrous: what were they defending against? No one from the outside because it wasn't a connected network. An insider will just use the same post-it note that the user put on the monitor because they can't remember the password of the month.

      Of course, what often ends up happening is "P@$$word01" becomes "P@$$word02" becomes "P@$$word03", etc. so on and so forth. For environments that are connected to the Internet this is a serious problem. If an account is compromised the bad guy will have (on average) two weeks of fun. Then when the user changes the password if the bad guy somehow hasn't managed to establish persistence he just does the obvious increment and is back in.

      The reality is that passwords don't make for good security -- it's about the same as pretending the last four of SSN authenticate an individual or that knowledge of a credit card number means you are an account holder. What is needed is something more, like using a second factor (usually "something you have" in addition to the "something you know").

    5. Re:Here's an idea by Anonymous Coward · · Score: 0

      Well, statistically, you're not looking at 3 months, you're looking at 1.5 months. Given that you can't predict where in the "3 month cycle" a user will be compromised, assume that it'll be evenly distributed for many compromises of many users over time. Thus, you'd expect, on average, 1.5 months of vulnerability with a 3 month cycle.

    6. Re:Here's an idea by Anonymous Coward · · Score: 0

      Our company does this, so I change my password N+1 times every three months with the final iteration being my original password.

    7. Re:Here's an idea by Anonymous Coward · · Score: 0

      I assume they're talking about the various systems most of us use at work. My workplace password policies deserve these complaints.

    8. Re:Here's an idea by sims+2 · · Score: 1

      http://www.nicsezcheckfbi.gov/
      Used to run background checks for guns in 36 states or so.
      Password must be changed every 90 days

      I think that should qualify as well known.

      --
      Minimum threshold fixed. Thanks!
    9. Re:Here's an idea by Anonymous Coward · · Score: 0

      You can circumvent this.
      a) Choose a strong/long/good password.
      b) 3 months pass and you are forced to change it. Put something temporary there.
      c) after you login with the temp password, go to your settings and choose to change the password
      d) change the password to the one you made in step a.

      (of course, if they store the hash of the previous passwords and compare the new passwords to the stored values, then you're screwed)

    10. Re:Here's an idea by gweihir · · Score: 2

      And a competent attacker needs maybe a day. So this policy is exceptionally stupid even taking your argument into account.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    11. Re:Here's an idea by Anonymous Coward · · Score: 0

      About 20 years ago I was (briefly) working at a company where the passwords were automatically changed every month, and you found out what yours was by opening the envelope on your desk...

  9. The Republicans will ban this... by Anonymous Coward · · Score: 0

    because they don't want us to use strong passwords. Use strong passwords.

    1. Re: The Republicans will ban this... by Anonymous Coward · · Score: 0

      Why do liberals always repeat themselves?

  10. Really no surprise by gweihir · · Score: 2

    I use randomly generated passwords of lowercase letters and numbers. Most "password checkers" tell me they are insecure. This just shows how bad they are. But it is good that somebody did a systematic evaluation of the problem. Maybe now the stupidity will decrease.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    1. Re:Really no surprise by Anonymous Coward · · Score: 0

      How long are they?

    2. Re:Really no surprise by ShanghaiBill · · Score: 1

      I use randomly generated passwords of lowercase letters and numbers. Most "password checkers" tell me they are insecure.

      A random 8 byte password using only lowercase letters and numbers is more than a quadrillion times easier to crack than one that also includes uppercase and special characters.

      This just shows how bad they are.

      No, it just shows that they are designed for the common situation where a normal person is using a mnemonic password, rather than a geek using something random.

    3. Re:Really no surprise by gweihir · · Score: 1

      Depends on what security I need. Low-security: 8 chars, higher 12 chars, max 20 chars. That is 41 bit, 62 bit and 103 bit of entropy, roughly.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    4. Re:Really no surprise by Anonymous Coward · · Score: 0

      A password can be secure using only the letters 'A' and 'B' if it's of sufficient length.

    5. Re:Really no surprise by Anonymous Coward · · Score: 0

      119 bits for 20 chars A-Z,a-z,0-9

    6. Re:Really no surprise by gweihir · · Score: 1

      Yes, but I found that the mix of upper and lowercase letters is far, far more difficult to remember than just lowercase ones. For more bits just make it longer. Incidentally, 80 bits is about the spot where it will be secure for "the foreseeable future", so 119 bits is not really any better than 103 bits.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    7. Re:Really no surprise by sysrammer · · Score: 1

      A password can be secure using only the letters 'A' and 'B' if it's of sufficient length.

      I'll call your AlphaBeta, and raise you the binary digits.

      --
      His ignorance covered the whole earth like a blanket, and there was hardly a hole in it anywhere. - Mark Twain
    8. Re:Really no surprise by serviscope_minor · · Score: 1

      I used to do that:

      head -c 16 /dev/random | md5sum

      then use the checksum. A nice, full 128 bits of randomness, and frequently rejected for being insecure. Now I do:

      head -c 10 /dev/random | base64

      The nice thing about 10 chars is you always get == at the end giving the required symbols. The rest is of course 80 bits of randomness. Sometimes it won't have a digit, so you have to repeat.

      --
      SJW n. One who posts facts.
  11. Fix the bloody short limits first ... by UnknownSoldier · · Score: 1

    Some sites have horrible password schemas:

    * Want to put in 16 characters for a password (think passphrase)? Nope, not allowed because some idiot thought you shouldn't be able to enter more than 8 chars.
    * Enter in a password only to have it rejected? Tell us _which_ characters are allowed and which ones aren't!

    1. Re:Fix the bloody short limits first ... by Bob+the+Super+Hamste · · Score: 1

      * Want to put in 16 characters for a password (think passphrase)? Nope, not allowed because some idiot thought you shouldn't be able to enter more than 8 chars.

      Sounds like my old bank. If I want to be able to use an epic poem written in the original language (we do support Unicode, right?) I should be able to, or if I am reasonably smart I should be using a password vault and should be able to enter 128 random characters if I want but far too many sites like to have a limit on password strength. I also like the stupid security questions they present as I just use them as an added source of entropy and are filled with other random chars. It is rather interesting when someone attempts to brute force your account and it ends up getting locked and you have to call the service center though.

      --
      Time to offend someone
    2. Re:Fix the bloody short limits first ... by fisted · · Score: 1

      * Tell us _which_ characters are allowed and which ones aren't!

      Yes, please. It will make the search space so much smaller!

    3. Re:Fix the bloody short limits first ... by Tyrannosaur · · Score: 1

      * Tell us _which_ characters are allowed and which ones aren't!

      Yes, please. It will make the search space so much smaller!

      Implying that that would be good for attackers. If this is the case, why have the restriction in the first place?

  12. bad article by Anonymous Coward · · Score: 0

    i search in this article for the word "dictionary" and didn't find it, so my article-checker heuristic algorithm determined that this was not a good article. please enter another article.

    1. Re:bad article by sims+2 · · Score: 1

      This one was pretty funny; http://thedailywtf.com/article...

      Protip flog is not a good password on a golf website.

      --
      Minimum threshold fixed. Thanks!
  13. Password managers by LichtSpektren · · Score: 2

    What's easier, teaching somebody who isn't tech savvy: A) how to use KeePass X or some other offline password manager; or B) to manually compose a bundle of strong, memorable passwords, to change them at least once a year, but not to re-use them, not to use them on any computer that could keylog them, and not to write them down or save them in plaintext?

    The answer seems pretty obvious to me.

    1. Re:Password managers by mjwx · · Score: 1

      What's easier, teaching somebody who isn't tech savvy: A) how to use KeePass X or some other offline password manager; or B) to manually compose a bundle of strong, memorable passwords, to change them at least once a year, but not to re-use them, not to use them on any computer that could keylog them, and not to write them down or save them in plaintext?

      The answer seems pretty obvious to me.

      Tech savvy people get passwords wrong as often as non-tech savvy people.

      This is because passwords aren't about technology in as much as they are about risk and I've met a lot of very tech savvy people who know nothing about managing risk.

      When it comes to risk, you have to quantify the risk and then classify it. What is the risk of this password being compromised, what are the potential results of it being compromised, and so on and so forth. A lot of people never think about these things.

      To me, I've got various levels of security. Things that represent a real problem if they become compromised, like my bank or work account, are high risk, therefore high security. For these sites I use unique passwords, change them regularly and all the other clichés; above all else I never save or write down these passwords. Then there are the moderate security accounts, things that don't represent a financial risk but would still be a huge PITA if compromised, like my Gmail account; these have a unique password but I rarely change them. I also save the passwords on what I consider a secure device. Finally there are low security things like forums where I just don't give a shit. I have a few generic passwords that fit varying levels of complexity requirements.

      Personally I'd never use a password manager for a variety of reasons.
      1. It's a single point of failure, if you lose it you're fucked.
      2. It's a single point of failure, if it gets compromised you're doubly fucked.
      3. It's a single point of failure, if you forget your password manager password... well you get the picture.
      4. You need to keep it synced across all your devices, given that I have Windows, Linux and Android devices this is a pretty tall order to do securely. I imagine iOS would make it even harder.
      5. Password managers in various browsers are good enough for low security applications and don't require a different application installed.
      6. Changing forgotten passwords is simple enough. The fact is we don't do this often, however when we do it's usually annoying because it's when we're trying to do something.

      I'd also recommend against others, especially the non-tech savvy, using password managers. It's better in the long run to teach them about security and techniques on how to deal with it. Sure it's harder, but realistically all other methods are flawed shortcuts.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
  14. Phonetic passwords by goombah99 · · Score: 1

    I'm a big fan of random phonetic passwords. They work well for my brain. Even a short base64 random letter password is harder for me to recall than a long phonetic password. Look at that co-author's butter tasting name "Maurizio Filippone". It's totally awesome to say that out loud. And do that 7 times right now and this evening you will still be able to say it. But you won't be able to recall 5(F{!X45*~d tonight. It's pretty easy to generate these where each phoneme or di-phoneme component has a very large library. I once wrote such a generator as a test and would just give people ten at a time to choose a password from. One person said it was a good way to choose baby names too.

    A way I've experimented with password recovery is to generate a very long sentence I can remember and hash this to a random number seed. Then generate rememberable phonetic passwords in order starting from that seed, then pick one of the first hundred you are offered. If you need to recover your password later you just have it recreate the password list again from that sentence. Your brain can easily spot the password you picked the first time.

    This latter test convinced me that phonetic passwords are easy to remember. If I had tried the same seeded password generator on base64 passwords, it's less likely I'd spot my favorite in the mix.

    --
    Some drink at the fountain of knowledge. Others just gargle.
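The seeded generator described in the post above, as an added Python example (not the commenter's own code): hash a memorable sentence to a seed, regenerate the same ordered list of phonetic candidates, and locate the one picked earlier. The syllable inventory is constructed for the example, and since anyone who knows the sentence can rebuild the list, the sentence is the real secret and the list's security is bounded by how guessable it is.

```python
import hashlib
import math
import random

# Constructed syllable inventory for this example; the original post does
# not publish its phoneme library, so these lists are an assumption.
ONSETS = ["b", "d", "f", "g", "k", "l", "m", "n", "p", "r", "s", "t", "v", "z",
          "br", "dr", "fl", "gr", "kl", "pr", "st", "tr"]
VOWELS = ["a", "e", "i", "o", "u", "ai", "ou", "ee"]
CODAS = ["", "n", "r", "s", "l", "t", "k", "m"]


def seed_from_sentence(sentence: str) -> int:
    """Hash a memorable sentence into a deterministic PRNG seed.

    Case and whitespace are normalised so a slightly different retyping of
    the sentence still reproduces the same candidate list.
    """
    normalised = " ".join(sentence.lower().split())
    digest = hashlib.sha256(normalised.encode("utf-8")).digest()
    return int.from_bytes(digest[:8], "big")


def phonetic_password(rng: random.Random, syllables: int = 4) -> str:
    """Build one pronounceable password from onset+vowel+coda syllables."""
    return "".join(rng.choice(ONSETS) + rng.choice(VOWELS) + rng.choice(CODAS)
                   for _ in range(syllables))


def candidate_list(sentence: str, count: int = 100, syllables: int = 4) -> list:
    """Regenerate the same ordered list of candidates from the sentence.

    random.Random is a Mersenne Twister, not a CSPRNG; that is acceptable
    here only because reproducibility is the whole point and the seed is
    never exposed. Everything rests on the sentence staying secret.
    """
    rng = random.Random(seed_from_sentence(sentence))
    return [phonetic_password(rng, syllables) for _ in range(count)]


def recover_index(sentence: str, remembered: str,
                  count: int = 100, syllables: int = 4) -> int:
    """Recovery step: rebuild the list and find the password chosen earlier.

    Returns its position, or -1 if it is not among the first `count`
    candidates (wrong sentence, or a typo in what was remembered).
    """
    candidates = candidate_list(sentence, count, syllables)
    return candidates.index(remembered) if remembered in candidates else -1


def password_bits(syllables: int = 4) -> float:
    """Upper bound on the entropy of one generated password.

    log2 of the number of syllable-part combinations; an upper bound because
    different splits can spell the same string (e.g. coda "s" + onset "t"
    versus empty coda + onset "st"), and because the attacker model in the
    post is guessing the sentence, not the syllables.
    """
    per_syllable = len(ONSETS) * len(VOWELS) * len(CODAS)
    return syllables * math.log2(per_syllable)


if __name__ == "__main__":
    # Constructed sentence; in practice this would be the user's own.
    sentence = "the cat sat on the mat and thought about entropy"
    for i, pw in enumerate(candidate_list(sentence, count=10)):
        print(i, pw)
    print("at most %.1f bits per 4-syllable password" % password_bits(4))
```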
    1. Re:Phonetic passwords by Anonymous Coward · · Score: 0

      Nah, all you need is Correct%Horse®Battery©Staple. A bunch of common words - not really related and not a meme (well this one is, now, because of XKCD, but you get the idea) put together with semi-random symbols (and not just the ones above the numeric keys). Nobody is going to "break" that passphrase. It is too long, and too complex to easily break with either a dictionary, brute force, or predictive attack - yet easy to remember.

    2. Re:Phonetic passwords by vux984 · · Score: 2

      Sure. I can remember one of those. But seriously, the (r) and (c) symbols ... pray you never need to type that in on someone else's laptop computer with an international keyboard and no numeric pad, or a smartphone keyboard... etc.

      But more importantly I can't remember dozens of those.

      And password re-use is a bigger issue than using a good password.

      I use a mix of a password safe for most passwords, and a subset of passwords I need to use commonly are 'algorithmic', based on what I need them for / the site's name / etc.

      However, I try to keep the algorithmic ones to a minimum because if you ever have to change an algorithm generated password, it really sucks... because the algorithm you normally use can't be used... because that would result in the password you have now, that you can't use.

      And as that starts to accumulate the benefit of algorithmic passwords rapidly declines.

    3. Re:Phonetic passwords by sysrammer · · Score: 1

      Nope, seen this several times. Not easy to remember.

      --
      His ignorance covered the whole earth like a blanket, and there was hardly a hole in it anywhere. - Mark Twain
    4. Re:Phonetic passwords by Anonymous Coward · · Score: 0

      Sadly "Correct Horse Battery Staple" now appears in lots of online security courses as an example of a good password, leading to people using it.

    5. Re:Phonetic passwords by dotgain · · Score: 1

      Nah, all you need is Correct%Horse®Battery©Staple. A bunch of common words - not really related and not a meme

      Nope, Bruce Schneier debunked this https://www.schneier.com/blog/archives/2014/03/choosing_secure_1.html

    6. Re:Phonetic passwords by diamondmagic · · Score: 1

      Bruce Schneier isn't usually wrong about this stuff, but it seems he's severely mistaken about what the XKCD/Diceware method actually is. You're choosing four words totally randomly from a list of ten thousand or so. Knowing someone is using the diceware method, their password will (still) have 51 bits of security, way more secure than most passwords and even the scheme that he describes in the blog post.

    7. Re:Phonetic passwords by radarskiy · · Score: 1

      Note that Bruce Schneier doesn't actually debunk it, he just asserts that it is bad.

      Compare that with the "Schneier Scheme": "take a sentence and turn it into a password." He thinks of a sentence and takes the initial letter for long words, the whole word for short words, a digit for number words or homophones of number words, and an arbitrary list of some other manipulations. However, from a brute force perspective this is functionally equivalent to always writing out whole words, since a password brute force algorithm can just as easily apply those deterministic manipulations in constant time. In addition, starting from a sentence constrains the word choice by the rules of grammar for the language used. For a given number of words, the sentence is less random than the non-sentence. The user must also remember which manipulations were used and not used, while it is no more difficult for the brute forcer to just try everything in its list of manipulations.

    8. Re:Phonetic passwords by radarskiy · · Score: 1

      "But seriously the (r) and (c) symbols ... pray you never need type that in on someone elses laptop computer with an international keyboard and no numeric pad or a smartphone keyboard... etc."

      The particular symbols are not important, they are just to appease any password strength algorithm. The actual value of that kind of password comes from the string of words that can be meaningful to the user without being statistically prominent.

    9. Re:Phonetic passwords by vux984 · · Score: 1

      The post I was responding to was specifically asking for symbol characters that weren't 'above the numbers'. (r) and (c) the examples given ... aren't even on most keyboards, and the methods for inputting them can be wildly variable, and a royal PITA to even know if you are doing it right if all you get as feedback is the usual asterisk.

    10. Re:Phonetic passwords by s13g3 · · Score: 1

      Re: parent, while the XKCD for this is more or less correct, the fact of the matter is that there is no excuse today for all passwords - even those for simple forums - to be fully salted and encrypted, with an arbitrary minimum length of 4 - 8 characters, a max length of at least 64 characters, and no restrictions or requirements whatsoever on character usage, because at that point, beyond brute force attacks (for which there are a wide variety of available defense methods, from simple to complex), it really shouldn't matter at that point what combination of characters are or are not used - at least in terms of a compromised user password database - and it should be up to the user in all cases to decide on their own level of security vs. ease of use, and in the event it is their own poor selection of password that results in a compromise, should be accepting of the consequences of their choices.

      --
      "Inveniemus Viam Aut Faciemus" 'We will find a way... Or we will make one!' --Hannibal of Carthage
  15. Stop caring! by darkain · · Score: 2

    Let's stop caring about password complexity! It is a losing game. Let's stick with simple passwords that are super easy to remember and type.

    Security shouldn't be limited to a single factor. Two factor authentication is what we SHOULD be using. Something you know (the password), and something you have (some physical device). U2F is a damn perfect example of this. You can use your phone as an authenticator. You can add the authentication codes on multiple devices in case you lose the primary. These codes generate a time based sequence of numbers, so even if some MitM attack steals the entire login session details, it'll only be valid for at best ~1 minute.

    https://en.wikipedia.org/wiki/...

    1. Re:Stop caring! by Anonymous Coward · · Score: 0

      I can't have dozens of RSA dongles for all my accounts. And there's no way I'm letting any closed source apps onto my phone.

    2. Re:Stop caring! by Anonymous Coward · · Score: 0

      You can use your phone as an authenticator.

      Yeah, that's just splendid! That is, until someone steals your phone. I sure hope you protect access to your phone with a very strong PIN number. You do protect your phone with a PIN number, right?

  16. Allow pass phrases by MobyDisk · · Score: 1

    From the article:

    Making a password longer or including symbols was much more effective.

    Yet so many systems limit password lengths and forbid special characters. Example: My bank is one of the top 20 largest banks in the US, and they do not allow special characters in their web banking.

  17. Exactly. Converted my ext family KPX by Anonymous Coward · · Score: 0

    Everyone has too many passwords to remember. I have it down to just 3 with ZERO online accounts memorized.

    Explained password manager to a sister and showed her KeePassX on Linux, KeePass v1 on Windows and DroidPass on android all using the same DB. Suggested she try it for a week a few years ago at Thanksgiving. By Xmas, she'd become hooked and was teaching the other members of the family how as well.

    Hearing it was easy from a non-nerd helped the others accept it.

    A few tricks are needed:
    a) think of all the different platforms/devices as read-only, except 1. That is the only place where edits should be made. This keeps confusion to a minimum.
    b) Having the latest copy of the DB on each device "now" isn't really that important unless an important password/account change just happened. If you never use the lifehacker.com account on your phone, having a new password on the phone isn't really important.
    c) The rest are good password strategies.
    ** use a different email/contact for important/financial accounts than for all the social stuff
    ** always different passwords
    ** always random passwords
    ** always as long as allowed by the online service
    ** 22-55 characters - they will never type them anyway.
    ** use any character the keyboard can enter. Not just alphabetic characters - this stuff is automatic if using the KeePassX generator.

    Since Mom died, we've also started sharing half/3rd of our KeePassX DB credentials with different family members. This way if there is an emergency, then family can work together to access the accounts. At death, this isn't important, but if you are in a coma-wouldn't it be nice if family could let your friends know via social media?

    Think I'll be giving YubiKeys to everyone for Xmas this year.

    Funny video about password management: https://www.youtube.com/watch?...

  18. Why is this still a problem? by lurker412 · · Score: 1

    I don't understand why brute force attacks can't be stopped by limiting the number of failed attempts on any given account name and password. After x failures on either, don't accept another attempt for y minutes. It can't just be stupidity, so what am I missing?

    1. Re:Why is this still a problem? by ledow · · Score: 1

      Failing on attempts from the same IP? They spread them across millions of IPs

      Failing on attempts on a particular account? Good luck explaining to your users why their accounts lock out every week and they have to come to you to unlock because of random people attempting to bruteforce them.

      Failing on attempts within a time-frame? These things are long-running attacks, millions of attempts per second across the globe. They only have to get lucky once.

      That said, it's not a brute-force that's your main problem. They only need one in and the number of vulnerabilities etc. mean they can move around. One password hash for one browser session or passwd file and they can spend months offline on stolen hardware (Amazon accounts etc.) brute-forcing it, not subject to your restrictions.

      Brute force attacks are not a problem, you can rate-limit them into obscurity. But, like spam email, even with rate-limiting, if you're being bombarded en-masse while trying to operate normal services, and they are being clever, things can still slip through and it only needs one.

      Weak passwords are brute-forcible even with rate-limits. Strong passwords aren't. They will obviously try weak ones first until they can get something which might give them a crowbar into a strong-passworded account (like, say, a local account not subject to the pass rate-limits on escalation requests).

    2. Re:Why is this still a problem? by Anonymous Coward · · Score: 0

      You're missing that someone steals the password database and starts cracking passwords offline, instead of through the website interface.

  19. commentsubjectsaredumb by Falos · · Score: 1

    Fifty posts, didn't spot acronyms.

    rrrybgdts
    ttlshiwwya
    ratrpfop

    Nursery rhymes.

  20. Here it is by undecim11 · · Score: 1

    def IsPasswordHackable(password): return True

  21. NO, they are no good. by hyperar · · Score: 1

    They make you choose passwords like JaNjwMownpJu81% which is pure crap, hard to remember, easy to bruteforce. Most sites won't let you use pass phrases, which are much more secure than that cryptic bullshit.

  22. zxcvbn by oojah · · Score: 2

    I haven't seen zxcvbn mentioned before, a similar look at password strength from 3 years ago.

    https://blogs.dropbox.com/tech...

    Demo is here: https://dl.dropboxusercontent....

    Personally I like the output of http://www.kurtm.net/wpa-pskge... for passwords:

    o|IRcWY;g_V]C}9'.@]@,]!YF.[Yj{K@QmuFCo%%!=~+ab,e2(pU97{V-)Qm*T

    --
    Do you have any better hostages?
    1. Re:zxcvbn by sysrammer · · Score: 1

      How about the shibboleth "xyzzy"?

      --
      His ignorance covered the whole earth like a blanket, and there was hardly a hole in it anywhere. - Mark Twain
  23. personal responsibility by thinsoldier · · Score: 2

    Services should not care about whether or not my password is easy to guess (easy to remember). They should only care about making sure nobody can hack into their data center and steal EVERYONE'S passwords.

  24. Can't Browse Comments Without Javascript by Anonymous Coward · · Score: 0

    Can't Browse Comments Without Javascript

    Subject says it all.

    Let's see if I can "post" this...

  25. Diceware passphrase and a password keeper by Anonymous Coward · · Score: 0

    I have memorized a couple passphrases with 10 diceware words for ~128 bits of entropy. Protect a password safe with a cryptographically secure passphrase and let it generate random passwords for you.

    If you have to remember passwords for websites then diceware passphrases are faster to type, don't have special characters, are too long for rainbow tables or other brute force cracking, and most sites don't have ridiculous length limits any more.

  26. Re:Arf5! by davester666 · · Score: 1

    dammit. now I have to change my password.

    --
    Sleep your way to a whiter smile...date a dentist!
  27. Hardly Anyone Tries Password Cracking by Anonymous Coward · · Score: 0

    In the real world hardly anyone bothers to try and crack passwords. And when they do they usually only try one or two very common passwords, mostly in the context of authenticated mail logins (because common MTAs such as sendmail don't even bother to log such attempts).

    In the real world you can have a fairly simple password and it is perfectly safe. But there is a very large industry which wants you to believe that weak passwords are an enormous problem and that one needs to go to extraordinary lengths to protect one's passwords. They also want everyone to divulge additional private information in the guise of enhanced security, but that is not the true motivation.

  28. yes, please! by Tom · · Score: 1

    This is exactly what we need. An approach that tells users how strong their passwords actually are in real-life scenarios, and not how well they conform to some arbitrary policy.

    The alternative, that's been used by some for more than a decade, is to run your own password cracker at night, and everyone whose password it cracks by morning is sent a mail telling them to change it.

    We desperately need to get away from these awful policies that try to make passwords as random as possible, for two reasons. One, they are a total failure; people are very inventive when it comes to finding a password that will satisfy the stupid computer but still be easy to remember (and guess). Two, if you make it complicated enough, people will just re-use and write down passwords more. Congratulations, one step forward, two steps back.

    --
    Assorted stuff I do sometimes: Lemuria.org
  29. Self-defeating strategy by Anonymous Coward · · Score: 0

    By eliminating certain bit-permutations by classifying them as 'weak', you are effectively shrinking the entire key-space that a brute-force checker has to search through, and thereby weakening the security of the entire system.

    And that is without taking into account the fact that most people can't remember a 'random' 10-digit password; especially when they have to change it every 6 to 8 weeks.

    If you have no issue 'trusting' a big multinational with your digital security, I would argue that a free(!) solution like Google Authenticator (or anything similar) will offer better long-term security than messing around with incomprehensible passwords.

  30. Re:Arf5! by invictusvoyd · · Score: 1

    I think it's cheaper to plug in a biometric scanner these days. Passwords are like the time when Stallman was at MIT.