This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.

Password Haystacks

brenty
edited June 2011 in Lounge
Creating long, strong, and MEMORABLE passwords.

We've had some great discussions in the past about [url="http://forum.agile.ws/index.php?/topic/1774-choosing-a-good-master-password/"]choosing a good Master Password[/url]. I was tempted to post there, but I think this is important enough to warrant a new thread and a fresh look.



It's no secret that I am a huge fan of Steve Gibson, Leo Laporte, and their weekly [url="https://www.grc.com/securitynow.htm"]Security Now! podcast[/url]. And in the June 2, 2011 episode they discuss what seems to me to be a new password philosophy -- a new way of thinking about creating passwords that are not only long and strong, but also [i]memorable[/i]: [url="https://www.grc.com/haystack.htm"]Password Haystacks[/url]. The site also has a great tool for testing passwords (but please [b]do not [/b]enter passwords you actually use into unknown webforms) and seeing in real time how any password can be strengthened by adding length and special characters in a memorable pattern.



I believe that as 1Password users, this especially applies to us. The Master Password is our main line of security against attacks on our data. We need it to be tough, but not too tough for us to remember. After all, keeping the bad guys out is great, but not if it means we end up locking ourselves out in the process.



So how do we accomplish this? I think it is important to split passwords into two categories:



1. Passwords which 1Password can remember and enter for us.
2. Passwords we need to be able to remember and enter manually.

In the first case, great! That's what 1Password is for. I love not having to memorize all of my account passwords. This allows me to use stronger ones than I would otherwise, and, as I am incredibly lazy, having 1Password enter them [i]for[/i] me is just icing on the cake (mm...dessert!)



In the second case, however, I wake up to reality and find that there are a [i]few[/i] passwords I am just going to have to remember myself. In the case of my 1Password Master Password, my Dropbox password, and my OS X admin password I am again tempted to use weak passwords that are both easy to remember and easy to type...

[b]Bad, brenty![/b]



If I use a weak Master Password out of laziness, that puts all the passwords I have created using the [url="http://help.agilebits.com/1Password3/strong_password_generator.html"]Strong Password Generator[/url] and stored in my 1Password Vault at risk. It's like putting the deadbolt on the outside of the door just so I don't have to carry around a key!



That's where Password Haystacks comes in. Using some "test" material, I can see that adding a few numbers here, changing the case there, and padding with a few symbols can turn a weak password into a strong one that is just as memorable!



While AgileBits cannot vouch for 3rd party sites and services, using this and other resources out there to educate ourselves about both the risks and our options for defense against potential attacks on our personal data is important.



I can't wait to hear what the rest of you think! :)

Comments

  • Penelope Pitstop, Junior Member (edited June 2011)
    Thanks for posting the links to this very interesting piece of material Brenty.



    The links to the condensed segments of the podcasts on the Haystacks page were broken when I tried. In case it helps anyone else, the discussion on the password technique starts at 1:01:48 into the full podcast.



    What I found interesting about that page is the calculation of the time taken to crack an example with different technology scenarios. It allowed me to compare the strength of random codes generated with the 1PW random password generator with phrases generated by several other schemes including those generated by Diceware and by Apple for secure passwords for their Apple IDs.



    I like the idea for passwords you are likely to share or have to type in on something with a cumbersome typing mechanism e.g. WPA passwords and printers or iPhones.



    One question I have about this is, don't deliberate patterns of any kind make codes easier to break? Wasn't this the weakness of the WW2 Enigma codes that enabled Bletchley Park to break them? So I wonder if a hypothetical attacker had access to several of your passwords all using the same pattern, might that make it easier for them to crack?



    Personally I will stick to 1PW randomly generated passwords for everything that I am never required to type and Diceware for passphrases to protect something important e.g. my 1PW master password.
  • jpgoldberg, Agile Customer Care
    [quote name='Penelope Pitstop' timestamp='1307271302' post='28524']

    One question I have about this is, don't deliberate patterns of any kind make codes easier to break?

    [/quote]

    You are exactly correct. What I like about the Haystack page is the actual "haystack" metaphor. What matters is the number of alternatives you could arrive at using the same scheme.



    The problem is that the authors don't follow their own advice. If you generate a 20 character password with letters digits and symbols by following the Haystack scheme your password is still far more predictable (and thus weaker) than a random password of that length.



    So when [url="https://www.grc.com/haystack.htm"]that page[/url] says

    [quote]

    Which of the following two passwords is stronger,

    more secure, and more difficult to crack?



    D0g.....................



    PrXyc.N(n4k77#L!eVdAfp9



    You probably know this is a trick question, but the answer is: Despite the fact that the first password is HUGELY easier to use and more memorable, it is also the stronger of the two! In fact, since it is one character longer and contains uppercase, lowercase, a number and special characters, that first password would take an attacker approximately 95 times longer to find by searching than the second impossible-to-remember-or-type password![/quote]

    it is [i]mistaken[/i].



    They assume that password guessing programs will naively treat every 20 character string as likely as any other. But the people who contribute to password cracking programs are just as aware of these schemes as we are and take those into account when writing their programs.



    [quote]

    Personally I will stick to 1PW randomly generated passwords for everything that I am never required to type and Diceware for passphrases to protect something important e.g. my 1PW master password.

    [/quote]

    What is appealing about [url="http://www.diceware.com/"]Diceware[/url] is that it is the only scheme for generating strong memorable passwords that satisfies [url="http://en.wikipedia.org/wiki/Kerckhoffs's_Principle"]Kerckhoffs's Principle[/url]. The problem with Diceware is that it is 20 years old and so the pass phrases may not be strong enough to meet modern needs. I started working on "Diceware 6" yesterday. Basically using a list of words that has 6[sup]6[/sup] words instead of 6[sup]5[/sup] words. The problem is that the words needed are longer and more obscure and so harder to memorize.



    Cheers,



    -j
  • NovaScotian, Senior Member
    I was going to make the same comment; I would think that using "0" for "O", "5" for "S", "1" for "I", "8" for "B", "6" for "C", and so on, certainly enriches the possibilities for hard-to-guess/easy-to-remember passwords but I think punctuation where allowed is stronger. The number transpositions must be rather common.
  • jpgoldberg, Agile Customer Care
    [quote name='NovaScotian' timestamp='1307294962' post='28538']

    I would think that using "0" for "O", "5" for "S", "1" for "I", "8" for "B", "6" for "C", and so on, certainly enriches the possibilities for hard-to-guess/easy-to-remember passwords but I think punctuation where allowed is stronger. The number transpositions must be rather common.

    [/quote]



    Indeed, these sorts of number transformations are already built into the "misspelling" modules of password crackers.



    Before I ramble on about this, I would like to point out that we shouldn't be insisting on perfection. We should be looking at how to substantially improve master passwords for people who have weak ones. But now back to the rambling...



    Let me elaborate a bit more on Kerckhoffs's Principle and how it applies to these sorts of things. [url="http://en.wikipedia.org/wiki/Kerckhoffs's_Principle"]Kerckhoffs's Principle[/url] has been stated in many ways. Here's one way:

    [quote]

    A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.[/quote]

    and here is another:

    [quote]

    The enemy knows the system

    [/quote]



    In our case the "system" is the scheme used for generating a memorable password. The people who are contributing to password cracking software have studied the issue at least as well as the people who make recommendations about password generation.



    What this means is that unless we use a truly unpredictable process (e.g., rolling dice) in generating a password, we are going to fall short of having a system that meets Kerckhoffs's Principle. This means that we need to be more cautious in the security of various password creation schemes.



    Perfection may be fundamentally impossible given the nature of human memory. And we shouldn't let the perfect become the enemy of the good. So while I am critical of schemes like Haystack, and I am particularly annoyed at their incorrect claims about the security of the passwords created by it, I am all for anything that helps make the passwords people have to remember [i]better[/i].



    Cheers,



    -j
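    Putting numbers on the two points jpgoldberg makes above (that a scheme-aware attacker searches "dictionary word x leet variants x padding choices" rather than every string of the same length, and that Diceware's strength is simply word count times log2 of the list size, 6^5 or 6^6), here is an added example. It is not code from this thread, from AgileBits or from the GRC Haystack page. The WORDLIST, the LEET table, and the attacker-model constants (ASSUMED_DICTIONARY_SIZE, MAX_PADDING, PADDING_POSITIONS, LEET_VARIANTS, CASE_VARIANTS) are constructed assumptions for illustration, not figures from any real cracking tool; only the two example passwords are taken from the Haystack page as quoted above.

```python
"""Scheme-aware vs. naive password strength estimate.

Added example (not from the forum thread, AgileBits or GRC). It contrasts
the brute-force count the Haystack page assumes, where every string of the
same length and character classes is equally likely, with the guess count
an attacker who knows the scheme ("the enemy knows the system") needs.
The wordlist, substitution table and attacker model are constructed
assumptions for illustration, not data from any real cracking tool.
"""
import math

# Constructed stand-in for a cracking wordlist; the size constant is the
# assumed size of a real one (about 100k words).
WORDLIST = {"dog", "cat", "password", "secret", "monkey", "dragon"}
ASSUMED_DICTIONARY_SIZE = 100_000

# Digit/symbol-for-letter swaps of the kind NovaScotian describes; the
# "misspelling" rules of crackers already enumerate these (assumed table).
LEET = {"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
        "6": "c", "7": "t", "8": "b", "@": "a", "$": "s"}

# Assumed attacker model for the padding scheme.
PADDING_SYMBOLS = 33      # symbol alphabet (the GRC page counts 33)
MAX_PADDING = 30          # padding runs tried up to this length
PADDING_POSITIONS = 3     # front, back, or both
LEET_VARIANTS = 2 ** 4    # up to four substitutable letters per word
CASE_VARIANTS = 2         # as-is or first letter capitalised

# The two passwords compared on the Haystack page (24 and 23 characters).
HAYSTACK_EXAMPLE = "D0g" + "." * 21
RANDOM_EXAMPLE = "PrXyc.N(n4k77#L!eVdAfp9"


def naive_bits(password: str) -> float:
    """Bits of the brute-force space the Haystack page assumes:
    (size of the union of character classes present) ** length."""
    size = 0
    if any(c.islower() for c in password):
        size += 26
    if any(c.isupper() for c in password):
        size += 26
    if any(c.isdigit() for c in password):
        size += 10
    if any(not c.isalnum() for c in password):
        size += PADDING_SYMBOLS
    return len(password) * math.log2(size)


def strip_padding(password: str) -> tuple[str, int]:
    """Remove a run (2+ chars) of a single repeated symbol from either end.
    Returns (core, number of padding characters removed). Only the simplest
    padding policy, one repeated symbol, is modelled here."""
    pad = 0
    for at_front in (False, True):
        s = password[::-1] if at_front else password
        ch = s[-1]
        run = len(s) - len(s.rstrip(ch))
        if not ch.isalnum() and 2 <= run < len(s):
            s = s[:-run]
            pad += run
        password = s[::-1] if at_front else s
    return password, pad


def unleet(word: str) -> str:
    """Undo common substitutions and lowercase, as a mangling rule would."""
    return "".join(LEET.get(c, c) for c in word).lower()


def scheme_aware_bits(password: str) -> float:
    """Bits an attacker who knows the word+leet+padding scheme must search.
    Falls back to naive_bits when no such structure is recognised."""
    core, pad = strip_padding(password)
    if unleet(core) not in WORDLIST:
        return naive_bits(password)
    guesses = ASSUMED_DICTIONARY_SIZE * LEET_VARIANTS * CASE_VARIANTS
    if pad:
        guesses *= PADDING_SYMBOLS * MAX_PADDING * PADDING_POSITIONS
    return math.log2(guesses)


def diceware_bits(words: int, list_size: int = 6 ** 5) -> float:
    """Entropy of a Diceware passphrase: each word is one uniform pick from
    the list (7776 for the 5-dice list; 46656 for the 6-dice list above)."""
    return words * math.log2(list_size)


if __name__ == "__main__":
    for pw in (HAYSTACK_EXAMPLE, RANDOM_EXAMPLE):
        print(f"{pw:26} naive {naive_bits(pw):6.1f} bits  "
              f"scheme-aware {scheme_aware_bits(pw):6.1f} bits")
    print(f"Diceware 5 words, 6^5 list: {diceware_bits(5):.1f} bits")
    print(f"Diceware 5 words, 6^6 list: {diceware_bits(5, 6 ** 6):.1f} bits")
```

    Under the naive count the padded "D0g" password comes out about log2(95), roughly 6.6 bits, ahead of the random one, which is exactly the "95 times longer" claim quoted earlier. Under the scheme-aware count it drops to about 33 bits, while the random 23-character password keeps its full 151 bits, and a five-word Diceware phrase sits at about 64.6 bits (77.5 bits with a 6^6 list). The absolute numbers depend entirely on the assumed attacker model; the point is the gap between the two ways of counting.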
  • Penelope Pitstop, Junior Member
    [quote name='jpgoldberg' timestamp='1307302654' post='28542']

    I am all for anything that helps make the passwords people have to remember [i]better[/i].

    [/quote]

    The wacky phrases yielded by Diceware are quite easy to remember if you learn to apply mnemonic principles such as the [url="http://en.wikipedia.org/wiki/Mnemonic_link_system"]link system[/url]. The wikipedia article isn't very instructive but there are excellent books such as [url="http://www.amazon.co.uk/You-Have-Amazing-Memory-Life-changing/dp/1907486976/ref=sr_1_1?ie=UTF8&qid=1307306569&sr=8-1"]this one[/url].
  • khad, Social Choreographer
    [quote]Perfection may be fundamentally impossible given the nature of human memory. And we shouldn't let the perfect become the enemy of the good.[/quote]

    Yup. It is not a matter of "good" or "good enough" but rather "better." And then "better still." :-)
  • khad, Social Choreographer (edited June 2011)
    Also, just for the record, [url="http://www.grc.com/haystack.htm"]Steve does say quite clearly[/url]:



    [indent]The example with “D0g.....................” [b]should not be taken literally[/b] because if everyone began padding their passwords with simple dots, [b]attackers would soon start adding dots to their guesses[/b] to bypass the need for full searching through unknown padding. Instead, YOU should invent your own personal padding policy. You could put some padding in front, and/or interspersed through the phrase, and/or add some more to the end. You could put some characters at the beginning, padding in the middle, and more characters at the end. And also mix-up the padding characters by using simple memorable character pictures like “<->” or “[*]” or “^-^” . . . but do [b]invent your own[/b]![/indent]

    Emphasis added. ;-)
  • jpgoldberg, Agile Customer Care
    [quote name='khad' timestamp='1307341764' post='28575']

    Also, just for the record, [url="http://www.grc.com/haystack.htm"]Steve does say quite clearly[/url]:



    [indent]The example with “D0g.....................” [b]should not be taken literally[/b] because if everyone began padding their passwords with simple dots, [b]attackers would soon start adding dots to their guesses[/b] to bypass the need for full searching through unknown padding. Instead, YOU should invent your own personal padding policy. You could put some padding in front, and/or interspersed through the phrase, and/or add some more to the end. You could put some characters at the beginning, padding in the middle, and more characters at the end. And also mix-up the padding characters by using simple memorable character pictures like “<->” or “[*]” or “^-^” . . . but do [b]invent your own[/b]![/indent]

    Emphasis added. ;-)

    [/quote]



    Thank you.



    I think I let my irritation at their strength claims get the better of me. So yes, of course each individual should come up with their own padding, but they should not be led to believe that a short password plus padding is as strong as a random password of the same total length.



    There is merit in this scheme, but nobody should take the calculations of strength on that page seriously.



    Cheers,



    -j
