Choosing good passwords
February 26, 2012 8:38 AM   Subscribe

Choosing good passwords - a straightforward real-world guide for the average user, by AusCERT. Also includes links out to a fun and informative piece on The Top 500 Worst Passwords of All Time, and more in-depth material aimed at the tech and security savvy, like this enjoyable conference talk: Security As If Your Life Depended On It (because it might!). So we can avoid becoming xkcd cartoons.
posted by philipy (71 comments total) 43 users marked this as a favorite
 
The best thing you can do is give up remembering passwords at all and use a service like 1Password or LastPass to generate strong, random passwords that are different for every site. Now you've got all your eggs in one basket, but at least that basket is designed to be secure. Related: your email account is the most important account to secure, because so many sites let you reset your password by email. I don't keep my email password in LastPass, that one I remember.
posted by Nelson at 8:43 AM on February 26, 2012 [3 favorites]


AusCERT also runs Stay Smart Online for the Australian government. It has some good resources for the typical home user. I'd have included it in the FPP if I'd found it earlier.
posted by philipy at 8:52 AM on February 26, 2012


So according to this xkcd cartoon, an 11 character password takes three days to guess at 1000/guesses per second, but AusCERT says that an 8 character password would take one year to crack assuming 6.4 million guesses per second, based on research done in 1993. I see a little discrepancy in these claims ...
posted by maudlin at 8:56 AM on February 26, 2012 [7 favorites]


I don't see hunter2...
posted by symbioid at 9:02 AM on February 26, 2012 [4 favorites]


I totally disagree that this is a "guide for the average user". It generally ignores three important points:

- More and more passwords used by "the average user" are not restricted to 8 characters. A multi-word phrase is inherently harder to crack than a "random" string of 8 characters. Mix in a single punctuation point, an arbitrary capital, and/or a number, and you can easily make your password even more secure without jumping through hoops. Which brings me to:

- Most people don't use passwords every day. They save them using sticky sessions/autofill/etc., then get irritated when that system fails and they actually have to remember their password. Attempts to get people to use mnemonics to do things like distill the first lyric of their favorite song are just going to fail. They're going to wind up on the dreaded sticky note on the monitor. To that end, why not use your friend's name, as long as your friend is not named "John Doe"? "Mary Sue Josephson is my best friend!" is actually a very secure password. Which bring me to:

- Most people who are going to try to hack your password do not know you personally. Go ahead and use personal details for your password! I certainly wouldn't recommend your ss#, or your birthday, or something that's likely to be sitting in another database that could easily be cross-referenced to your address, but the street address of your childhood home? Go for it. Old nicknames are another basis for good passwords.

Basically, use common sense. Make your bank account and email passwords are extra salty, but don't stress out trying to make the best password no one will ever guess, even you. As Nelson said above, password managers like 1Password are really awesome for giving out unique passwords you don't have to bother remembering. Just make sure your master password is super strong!
posted by mkultra at 9:02 AM on February 26, 2012 [8 favorites]


Nice try, MKULTRA.
posted by symbioid at 9:05 AM on February 26, 2012 [11 favorites]


I use a mix and match of a variety of strings. Some relate to my old locker combination in high school, some relate to people in my life in the past and a few other various tweaks I use. I figure that a base set of combinations to remember and mixed up in different ways so that each one is unique and yet still has some commonality in some way shape or form with some others might work.
posted by symbioid at 9:08 AM on February 26, 2012


1000/guesses per second... 6.4 million guesses per second....

This is assuming we actually know how the bad guys go about doing their "guessing".

If I was one of the bad guys I wouldn't focus on generating every single combination of characters from some set like [a-zA-Z0-9] , I would focus on generating combinations that people are likely to be using.

Back in the day it was said that you could crack a large proportion of passwords used by male college students if you tried the twenty most common girl's names. Because I even don't need to know who you are secretly in love with to be able to predict the human behaviors involved.

That story may be an urban myth, but I vaguely think it might be from The Cuckoo's Egg.
posted by philipy at 9:12 AM on February 26, 2012


8 character password would take one year to crack assuming 6.4 million guesses per second, based on research done in 1993. I see a little discrepancy in these claims ...

Well they're not comparable things. First off, xkcd is using entropy, while AusCERT is just enumerating permutations, neglecting to calculate the effects of their own advice and the motivations for it. Realistically, both are hand wavy in different ways.

They're also using different threat models. In AusCERT's case they're assuming you have the hash values and need to present the unhashed password to a system for access. xkcd, as explained in the parenthetical, just figures you're attacking an unsupervised authenticated webservice. It's not that computers have magically gotten slower, it's that we pretty much assume you're fucked if your opponent has a hash for offline cracking. The screenshot on oclhashcat's homepage, for example, shows an AMD box cranking around 4million guesses per second, and there are similar systems that model password policies like AUSCert recommends.

This just reminds me I need to make a joke chart about computer's ability to defeat passwords over time and humanity's ability to remember them. Because we really need to figure something out before those two lines cross.
posted by pwnguin at 9:14 AM on February 26, 2012 [1 favorite]


Most people who are going to try to hack your password do not know you personally.

See my last comment for why this may be dangerous thinking. You can use personal details maybe - if the personal details it occurs to you are not the same as the ones that everyone else thinks to use.

The cracker doesn't have to guess right first time, just to reduce the search space.
posted by philipy at 9:16 AM on February 26, 2012


The main point of this xkcd comic is that the AusCERT article is wrong. A longer password is almost always going to be better than a shorter password, because most attacks target shorter passwords. Tell people to use a mix of letters, punctuation, and case, and they'll come up with "S33cret!", which nearly as secure as "I wrote this on a post-it, too!". While the latter doesn't have much theoretical entropy, the attackers generally don't target the latter. The former is way way more common, and will be higher yield for someone trying to crack a large database of password hashes. Furthermore, a longer password (no matter how crappy) is much harder to find in a brute force attack.
posted by robla at 9:21 AM on February 26, 2012


That list of the top 500 passwords is a fairly depressing window into the mind of the typical computer user.
posted by ook at 9:23 AM on February 26, 2012 [5 favorites]


Back in the day it was said that you could crack a large proportion of passwords used by male college students if you tried the twenty most common girl's names.

The 500 worst password list includes "amanda", "paul", "george", "rebecca", "victoria" and several other names. We could conclude that the world in general frequently falls in love with people with these names, that the above named are vain enough to use their own names as their passwords or that your theory has some sound evidence.
posted by rongorongo at 9:28 AM on February 26, 2012


Maybe I should expand my last comment because the implications might not be clear to exactly the people that would be at risk of falling into those traps.

It's not enough that the guessing software doesn't know *your* mother's birthdate, *your* favorite movie or the name of *your* pet. All it needs to know is that it's worth trying things that look like dates, names of movies, common pet names etc.

Now if your pet happens to be named "Sdfewdhieev32e4" rather than "Fluffy" you're probably good. But if the name is to be found in a dictionary or even mentioned on Wikipedia somewhere, not so much.
posted by philipy at 9:30 AM on February 26, 2012


Sometimes my mother's maiden name is "awuEFAOmPcO2" and sometimes the street I grew up on was "HhLeY8zpnoDQ" ... I generate those from a Keepass password generator profile I call "12 Gauge shotgun" - Just sayin' you don't have to leave those items too guessable either.

Come to think of it, I only have to remember 3 passwords: my Keepass password, my gmail password and my employer's system password. The rest all hit my clipboard in stars, and I have no idea what they are, how long they are, or what password generation profile I used to create them.

My keypass file is on a server that I ftp using the keypass interface, so that I do not have to keep local copies of it. If I lose a computer that has the keypass URL in it, I simply change the FTP location and password, as well as the keypass file password. This hasn't happened yet, but just in case. I have this keypass file backed up in a couple of locations, and the password to it is in my safe deposit box so that when I die, my wife can get into my porn accounts. Nothing I do online is really important, and my bank balance isn't really all that high, but it is all very secure anyway.
posted by Monkey0nCrack at 9:34 AM on February 26, 2012 [4 favorites]


While the latter doesn't have much theoretical entropy, the attackers generally don't target the latter.

The attackers will of course learn if any particular approach to choosing passwords becomes common.
posted by philipy at 9:34 AM on February 26, 2012


Wow, everybody loves to slam the post-it approach. Well, everybody except Bruce Schneier and company.
posted by madmethods at 9:42 AM on February 26, 2012 [2 favorites]


I'm surprised "swordfish" wasn't on that list. People should be watching more Marx Brothers films.
posted by The Great Big Mulp at 9:45 AM on February 26, 2012 [5 favorites]


There's an important difference between a slip of paper in your wallet and a post-it on your computer screen. The paper in your wallet is as secure as all the other paper in your wallet. The monitor post-it is available to anyone walking by.

Maybe more importantly, the slip of paper in your wallet is "mnemonically secure": You're used to thinking of things in your wallet as being things that you need to keep track of.
posted by I've a Horse Outside at 9:49 AM on February 26, 2012 [1 favorite]


"I need to make a joke chart about computer's ability to defeat passwords over time and humanity's ability to remember them. Because we really need to figure something out before those two lines cross." -pwnguin

I'd propose the more realistic approach of trying to hold only individual privacy as well as possible while eroding institutional privacy as much as possible through transparency laws, leaks sites, anonymous hacks, etc. 2

I'm happy with a world without any privacy for anybody, but I'm very concerned about a world with privacy only for the powerful.1

1 We should record every activity of any national elected official, cabernet member, agency head, etc. And ideally all executives with companies that receive over $1B from federal contracts.

2 Individual privacy could ultimately become mostly a matter of physical possession of 512 bit AES keys, protected by only a thin password layer.

posted by jeffburdges at 9:50 AM on February 26, 2012 [1 favorite]


I see that "rosebud" is #401 on the top 500 worst passwords list. That's rather sweet. Who knew that so many people would be that into Citizen Kane allusions?
posted by philipy at 9:58 AM on February 26, 2012 [1 favorite]


If I include ☃ does my password become nearly unguessableo or have the bad men forseen the presence of snowmen in passwords?
posted by Winnemac at 9:59 AM on February 26, 2012 [4 favorites]


For personal passwords, I use lastpass, but for a work computer on which I'm forbidden to install any software, this is less than practical. Plus, I and everyone else there needs five different passwords for five different systems, each of which comes with different expiry periods, ranging from a year to six months, and the system is set up to reject any repeated passwords, so there's no recycling allowed. And everything must be at least nine characters, including uppercase and numbers. Furthermore, every so often the IT department runs a dictionary attack on everyone's passwords, and if they manage to crack anyone's password, that user gets forced to pick a new password the next time they log in.

The most common response is for people to resort to post-its, and even then there's a lot of frantic calls to IT for them to unlock accounts because they've forgotten the relevant password again and after their five incorrect attempts they're now locked out. My approach has been to use poetry. Take a line from a memorized poem, and turn it into txtspk so as many words as possible get replaced by numerals. Then take the initial letter of each word, and capitalize the nouns. If the line of poetry isn't long enough to satisfy the character requirements, use two. Then when the password expires, take the next line from the same poem, rinse and repeat as needed. As long as you can remember which poem goes with which login account, and how far through the poem you got, the rest of the password assembles itself. And leaving a poetry book hidden in a desk drawer as a memory assist is much less easily connectable to even someone looking over my shoulder than post-it notes.
posted by talitha_kumi at 10:03 AM on February 26, 2012 [7 favorites]


Serious question: is there something wrong with the post-it approach if the post-it is in a locked desk at work? I get why it's not smart to stick them on my actual monitor or in my wallet, but is there something intrinsically wrong with the post-it approach? A lot of the passwords I use are work-related so I can't use a service like LastPass, but I have my personal emails, online banking, etc. passwords on the same locked-in-a-drawer list.
posted by headnsouth at 10:04 AM on February 26, 2012


Serious question: is there something wrong with the post-it approach if the post-it is in a locked desk at work?

Several of the resources say that if it's a password you will use rarely (therefore likely forget), and you keep it in place that is rather secure (wallet, safe, locked drawer I guess), that's probably a good idea.

But bear in mind that it doesn't matter how locked the drawer is if the password is inherently easily guessable.
posted by philipy at 10:08 AM on February 26, 2012


Let me replug mefi's own password generator, which can be used offline.
posted by vidur at 10:20 AM on February 26, 2012 [3 favorites]


So I guess just trying to hack every mefite's account using "GenjiandProustisdreamy" would be one way to find my secret admirer, huh?
posted by GenjiandProust at 10:25 AM on February 26, 2012


The attackers will of course learn if any particular approach to choosing passwords becomes common.

I got to thinking about it, and I was wrong. I just don't know how to calculate the theoretical entropy of grammatically-correct 31 character phrase like "I wrote this on a post-it, too!". I know it's unique enough that, as of this writing, Google reports 'No results found for "i wrote this on a post-it, too".' Of course, once this thread gets indexed there will be at least one result, but still, it seems that that would have been a better choice than a lot of other passwords.

And sure, attackers will learn this approach if it becomes common, but since it's probably not in any danger of becoming common any time soon, that's a theoretical concern.
posted by robla at 10:28 AM on February 26, 2012 [1 favorite]


1000/guesses per second... 6.4 million guesses per second....

Password guessing speed is only really useful if a) the system doesn't lock a user out after say 3 attempts or b) the attacker has access to the hashed password file, network handshake, etc.

In the case of (b), cloudcracker.com sells 250,000 attempts/second for $17 for - ahem - "security professionals" to verify the strength of network handshakes, password hashes, etc. It looks like they combine both dictionary lookups and brute force, I guess thanks to a combination of Amazon's clustered GPU compute and storage at pennies per gigabyte.
posted by rh at 10:31 AM on February 26, 2012


While we're here, please don't forget about Google 2-step authentication, which requires using a security token (ie, your phone) to generate a limited time password along with your regular password. This makes for very strong security, particularly if you're worried about your password being stolen from a keylogger in an Internet cafe.

Two-factor authentication is becoming increasingly available. LastPass supports it for their cloud password service. For installing two factor in your own IT systems, the guys at Duo Security have a great product.
posted by Nelson at 10:33 AM on February 26, 2012 [2 favorites]


It looks like they combine both dictionary lookups and brute force,

And/Or rainbow tables.
posted by clarknova at 10:48 AM on February 26, 2012


my mother's maiden name is "awuEFAOmPcO2" and sometimes the street I grew up on was "HhLeY8zpnoDQ"

Yeah, yeah, you grew up on the rich side of town; you don't have to flaunt it. I bet your parents even let you drive a didUkJijdaz7 when you were in high school.
posted by one more dead town's last parade at 10:53 AM on February 26, 2012 [13 favorites]


I just don't know how to calculate the theoretical entropy

I was dork enough to do some math on the xkcd cartoon before I even thought about posting this FPP.

Whether the words-based or randomly-generated approach has more entropy depends a lot on the size of the word pool the words are taken from. and what other restrictions are placed on the selection. If your 4 words were randomly picked from a 200,000 word dictionary, such that you've never even heard of 80% of the words in there, it's stronger than the shorter random password. But if your 4 words are taken from the 10,000 most commonly used words in English, it's not.

The point here is if you were smart and evil you wouldn't think about the problem in the same way as the information theory assumes you would.

Though if you were smart and evil and valued your time, you could probably crack enough people's passwords with some very simple heuristics that perhaps you wouldn't care about making anything more complicated.
posted by philipy at 10:53 AM on February 26, 2012


Even for the security-conscious end user, the problem is that, in practical experience, no single pattern or password works for every system. Special characters required by your bank's system are prohibited by your company's network. Minimum-length criteria for your day-trading account exceed the maximum length for your magazine subscription. You're always going to have to somehow remember the unique criteria for different systems. Any guidance on ideal password formulation is nearly meaningless in this context.

Additionally, I think it's rather unfair and perhaps even harmful for any security org to perpetuate the fallacy that end users are responsible for repelling brute-force attacks. Companies that rely on chaotic, consumer-side security have already lost the security battle. Salt strings and encryption in the database, two-second limits on password entry (i.e., human speed, not machine speed), two-step authentication, and quantity-based password lockouts are much more effective in defeating guessing algorithms. Security focus should be on these controls, not on how stupid end users get what they deserve by using guessable passwords.

As a side note, I tried lastpass, but regret it. Storing multiple critical passwords with a third-party service that a) is centralized and globally accessible, and b) is an inherently more attractive hacking target than any single service or person strikes me as a very bad idea. The fact that lastpass doesn't seem to use either entry delays or quantity-based lockouts for its own logins---and that's only what I can see on the front end---only intensifies the feeling.
posted by diorist at 11:03 AM on February 26, 2012 [10 favorites]


Oh, that mefi password generator is gold, it will save me from postits.
posted by chapps at 11:17 AM on February 26, 2012


The attackers will of course learn if any particular approach to choosing passwords becomes common.

Just remember the joke about two people trying to outrun a bear. Unless you're worried about a targeted attack, you don't need a password that no hacker can crack, you just need one that is sufficiently better than that chosen by the worst 10% of password choosers.

Why would a hacker go to all the effort to try and crack an 18 character password with symbols, numbers, capitalisations and so on when they can get what they want from the people who use 1234?
posted by YAMWAK at 11:20 AM on February 26, 2012


I've always wondered about the brute force thing...what web services allow thousands of attempts per second? Why would they? That just seems lazy and stupid.
posted by maxwelton at 11:31 AM on February 26, 2012


YAMWAK: Why would a hacker go to all the effort to try and crack an 18 character password with symbols, numbers, capitalisations and so on when they can get what they want from the people who use 1234?

The thrill of the chase? Does the concept of "rising to a challenge" still exist in the hacker community?
posted by Greg_Ace at 11:35 AM on February 26, 2012


Just remember the joke about two people trying to outrun a bear.

I thought of that very joke when I wrote a couple of comments ago:

Though if you were smart and evil and valued your time, you could probably crack enough people's passwords with some very simple heuristics that perhaps you wouldn't care about making anything more complicated.

But the main reason for making this thread is to help people in general not get eaten by bears. And prob not the average Mefite who I assume is pretty streetwise, but our friends who could do with reading the links and the discussion here rather go on thinking that ncc1701 is a great password.
posted by philipy at 11:36 AM on February 26, 2012


I usually can guess what a forgotten password is because I've used a system for generating them for quite a few years now. My passwords are always [fixed part][variable part that depends on what the password is for][ridiculous requirement fulfillment part exactly matched with standard characters].

So say my fixed part is always 'ButtsLol', and MetaFilter requires two capitals, one special character, and two numbers. And say my standard alpha character is 'e', number is 3, special character is #. My password would be ButtsLolMeFiEE#33

When it expires and I have to change it, I change the standard characters. So now it's ButtsLolMeFiRR$44, which is usually different enough to satisfy the stupid validator. And all I have to record somewhere (I email myself, even though they say not to) is "MeFi: r4" to remember what my password is.

This is for stuff at work where, like talitha_kumi says, I don't get to use special password-remembering apps. At home I kind of like the keychain access utility provided by OSX. I never see that mentioned - is that not considered good?
posted by ctmf at 11:43 AM on February 26, 2012


The problem I have with LastPass--which I'll freely admit is likely a User Error or at least User Laziness--I'd that it doesn't seem to recognize that subfolders can be different websites.

That is, at my job we develop websites on our dev servers, under subfolders: dev.example.com/foo is a completely different site from dev.example.com/bar, but to LastPass these are both example.com passwords.

So when I go to log in to /foo using LastPass, I have to choose from a list of hundreds of example.com passwords.

Again, this is probably just me being too lazy to figure out how to configure it right...
posted by Ian A.T. at 12:24 PM on February 26, 2012


When I worked housecleaning, two of my clients had the very same password for their security systems. Predictably, one of those two was hit by burglary, which massively freaked me out. I had keys to most of the places I cleaned for and was always terrified that some numbnut would get hit and accuse me.

Occasionally I get bored and test out the wireless within range to see who has kept default passwords. Most of the time there's someone who still has it. I just wander off again. No actual inclination to prank anyone's insecure connection or rummage through their stuff. Most people are really pretty boring.
posted by thelastcamel at 12:33 PM on February 26, 2012


And yet there are still many services and companies that will send you an email confirming your password which contains the password.
There are still IT departments that require users to change passwords every 30 days and not reuse any of the last 9 or so passwords.
There are people out there who make you use an 11 digit/alpha numerical password.
No wonder post-it notes are so popular.
posted by Gungho at 12:54 PM on February 26, 2012


I would like to plug diceware, a classic approach for creating memorable yet reliably high entropy passphrases. (The xkcd cartoon might be a reference to it, not sure.) Use it for your master password, perhaps.
posted by hattifattener at 1:03 PM on February 26, 2012 [2 favorites]


Oddly enough, the password I think I'm most likely to forget when it really matters is the authenticator number on my ISOPREP form.

A four digit number. Simple, right? Not in your records anywhere. Not your birth year. Not part of your SSN. Contains no zeros. No repeating numbers. No duplicate numbers. No sequential numbers.

So, pretty much any way you might use to make this little number actually rememberable, not allowed. Plus, once you set it, you will probably never see or use it again. Until you need to.
posted by ctmf at 1:06 PM on February 26, 2012


Thanks diorist, I was about to move in that direction. I was trying to figure out what the likely vector of attack would be on something like a bank account. Back in the day (90s) when I did some sysadmin work I ran crack against etc/passwd but now. Well, I VPN over wifi, and don't use public terminals, but I am assuming that My Mega Bank would have something that would not let there be hundreds of tries on my account before a lockout -- I know this because I have locked myself out.

So I gather that the main vulnerability would be if the authentication server was entered and the password data was compromised. Once you spent the evening playing with that you could come up with several accounts I am sure and have fun until the compromise was discovered and accounts got reset. I don't want to seem naive, but assuming I stay encrypted and use an uncompromised PC, aren't the real threats beyond my control and not really about brute force attacking the consumer-end point of access? I would be interested in seeing a breakdown of how accounts are actually compromised in the real world.
posted by cgk at 1:09 PM on February 26, 2012


Random web services get "mumblefl0pXX", where "mumblefl0p" is a constant I use everywhere, and XX is an abbreviation of the site's name - so for instance Metafilter is "mumblefl0pmf", Twitter is "mumblefl0pt", etc.

Passwords I need to communicate, like say a wireless password, are sentences taken from books I like. Ideally with proper punctuation, capitalization, and spacing. (The friend I got this idea from can't do it any more, as they got a new router that disallows spaces.) They're sentences that struck me and hang out in my head ANYWAY.

I also use that for passwords that I feel need to be "serious" and unique - anything to do with money tends to get one of those.

My computer and the keychain on it both use the same short, oerwise unique word, similar to "mumblefl0p".

Luckily I've never worked anywhere that had a Serious Password Policy that requires frequent changes.

The absolute worst password in my life is the one for the public transit in Seattle. You can fill your transit card via the web, but the damn thing basically requires the completely illegible kinds of crap suggested in the linked article. I pretty much get into that by resetting it via email.

I would love to synch all this crap and stop thinking about anything but the one password that opens all my devices and their keychains; sadly Keychain on my Mac doesn't synch with my iPad, and neither of them wants to talk to my Android phone.
posted by egypturnash at 1:45 PM on February 26, 2012


I find it interesting, it's far easier to lambast users choosing poor/insecure passwords than the systems that encourage such choosing.

A selection of my purely work-related things that require passwords currently (this doesn't cover the multitude of passwords in my "real" life:
Phone
Voicemail
Hard drive
Operating System
Email
Messenging System
Intranet
Cloud Storage
Image database
CMS system
Corporate credit card
Intranet metrics tool

They all have different syntax and length requirements, refresh at different rates, etc, and most of these platforms are only accessible from my work laptop. Also, many of them have different login names, too, so that's like another password to remember.

Now, am I the problem here? Or is a reliance on multiple user passwords requiring multiple sign-ins, for a majority of things that do not actually require that level of (largely illusory) security? The result of all this is that I, like most people in my - IT! - company, have a document saved somewhere named, handily, "your passwords and logins." Note exactly security central.

Why do I need separate passwords to log into my phone number and voicemail? Why do I even need a password to log into my phone number, it does not "get" me anything; it's just a number. So on, and so forth.

I find it interesting, the constant refrain that "people pick terrible passwords". I would modify it somewhat to "People pick terrible password (for things that don't matter to them very much from a security perspective and they wouldn't have a hope of remembering otherwise, and that relying on passwords for security it like relying on a tight belt to stop weight gain."

So yeah, I have a lot of crappy, easily crackable passwords, replicated on a wide range of platforms. My password for netbanking, however, is exclusive to netbanking, and you can bet that's a long and random (to others) string. Still, I don't change that one every three months as recommended, either. I mean, really, who does that?
posted by smoke at 1:52 PM on February 26, 2012 [3 favorites]


I like that at work, a lot of these misc. passwords are starting to go away in favor of smart-card/pin authentication. I picked up a cheap USB card reader for home, and that works for remote access too. Drawback: it's like having the same password for every site. Someone gets your card and pin, they get them all.

Then again, it's easy to revoke/change them all at once if something bad happens.
posted by ctmf at 2:29 PM on February 26, 2012


cgk: Yes, I agree that the ways you're most likely to compromise your accounts are not the greatest threats to your accounts.

If you keep your uname/password secure in both storage and transmission, you'll be doing most of what you can to safeguard your (online) account. This includes what you said---using a clean PC and encrypted connections---and just generally thinking about how your password can get away from you. So, for example, checking public terminals for keyloggers (as much as is possible), not using secured/public networks for which unique router passwords are widely distributed, not using the same credentials for your bank as you use for less sensitive systems that are unlikely to be well secured, not using obviously guessable passwords, not using (or changing) default passwords and passwords that have been insecurely sent to you, and not out-and-out telling people what your passwords are.

Password strength is such a small part of that equation. In terms of individual account breaches, phishing attacks that reap voluntary password reveals are more worrisome. And to answer your first point directly, banks consider customers to be one of the largest attack vectors.

The rest of it---securing a password in the system---is really the bank's responsibility. And, yeah, because they've generally got very complex systems with rich payloads and vast attack surfaces, their threats are much greater: attacks on devices, networks, and accounts, and roving damage once a perimeter is breached. But, again, the value of your non-admin password in enabling a systemic breach should be almost negligible.

...Although, if a system is designed so that, once a hacker gets in, he can run amok, a single breach can turn into a mass breach. In that case, you can't really say that 10,000 accounts were compromised because Joe Enduser had a dumb password. Even if Joe allowed his own account to breached, the other 9,999 breaches are on the bank.
posted by diorist at 2:49 PM on February 26, 2012 [1 favorite]


How does the top 500 list know what people's passwords are? You're not supposed to store passwords, you're supposed to store hashes of passwords, which would make compiling this list very difficult.
posted by ctmf at 5:04 PM on February 26, 2012 [1 favorite]


If your system will let me make 499 wrong password guesses without lockout or trial throttling coming into play it doesn't really matter what your password is. So if that's the case, you might as well use something really simple and save some bandwidth.
posted by Kid Charlemagne at 5:52 PM on February 26, 2012


How does the top 500 list know what people's passwords are?

I would guess the same way the crackers know, i.e. by cracking them.

If you want to pursue the matter the source is this book.
posted by philipy at 6:02 PM on February 26, 2012


Not that anyone is targeting specifically you, Monkey0nCrack, but you should know that FTP sends everything in the clear. If anyone were to target specifically you, they’d just need an hour or so of time on the same subnetwork as you and your Keepass file would be as secret as an FPP.
posted by mistersquid at 6:08 PM on February 26, 2012


If your system will let me make 499 wrong password guesses without lockout or trial throttling coming into play it doesn't really matter what your password is.

That's not really the issue. Consider, instead, 499 users making one wrong password guess each, all from different IP addresses... Who do you lock out or throttle in that case?
posted by NMcCoy at 7:41 PM on February 26, 2012


I just don't know how to calculate the theoretical entropy of grammatically-correct 31 character phrase like "I wrote this on a post-it, too!".

Entropy is a measure that applies to distributions, not individual samples; asking about the entropy of a single sentence is like asking whether 28 is a random number (i.e., entropy and randomness are properties of processes, not of the results of those processes). Likewise, it's not really meaningful to ask whether "n&f5hg^" is a strong password, because strictly speaking password strength is a measure of the process by which you're generating passwords rather than the individual results. For example, if you're generating passwords according to a uniform distribution over 8 characters, and your adversary knows that that is your strategy, then if you randomly pick "secret!!" as your password, it's not any weaker than any other password. It's like a game of rock-paper-scissors; there's nothing special about any of the moves, "rock" isn't intrinsically more predictable than "paper" or "scissors", unless your opponent knows that you have a bias towards picking "rock".

So when we're asking about the entropy of English sentences, that's a shorthand for asking about the entropy of the process that generates English sentences.

This paper gives some estimates for the entropy rate of English sentences per word, where it varies between ~7-9 bits per word depending on the estimation method and the positioning of the sentence in a text (i.e., they find that sentences later in a text have more entropy than earlier ones). At 7.5 bits per word, you would need a six word sentence to hit XKCD's 44 bits, rather than the four words he estimates (he seems to be using Shannon's older estimate of 11 bits per word, which is based on a model of adjacent letter frequencies rather than whole words).
posted by Pyry at 8:14 PM on February 26, 2012


It depends on whether they're random words or coherent sentences, I'd imagine. The XKCD one is random common words, which is a good deal more random than a sentence fragment that has to make sense. He estimated that method at 11 bits, and since 2^11 is only 2048, I'd imagine that's a fairly conservative estimate. There's a lot more than 2000 commonly used English words, especially if you count plural and singular being different.
posted by Zalzidrax at 9:34 PM on February 26, 2012


my current method is a little loopy: get random data (from hotbits, other random number sources), xor it, entropy-test (make sure there's around 8bits of entropy per byte, statistically), then base85 encode it.
posted by oonh at 10:20 PM on February 26, 2012


I just don't know how to calculate the theoretical entropy of grammatically-correct 31 character phrase like "I wrote this on a post-it, too!".

121 bits for this phrase according to keepass. Here is how it calculates it.
posted by rongorongo at 10:29 PM on February 26, 2012


which nearly as secure as "I wrote this on a post-it, too!"

...OK, nobody look at my computer for a minute.
posted by obiwanwasabi at 12:49 AM on February 27, 2012


rongorongo: If your adversary knows that you've chosen an english phrase as your password then the entropy is much less than that.

Given that most people base their passwords on phrases or words in a language they know, it seems likely that any password guessing process will start with passwords formed in that fashion. Since your choice of passphrase should be informed by the likely strategy adopted by your adversary, you therefore need to either choose a longer passphrase or leaven your passphrase with some characters generated by a different method in order to reach the same level of security that a random sequence of characters of the original length would give you.
posted by pharm at 3:35 AM on February 27, 2012 [1 favorite]


I would love to synch all this crap and stop thinking about anything but the one password that opens all my devices and their keychains; sadly Keychain on my Mac doesn't synch with my iPad, and neither of them wants to talk to my Android phone.

Solution!
  1. Install KeePassX on your home computer (nb. not KeePass 2; it hasn't been ported to mobile devices properly)
  2. Create password database hereafter known as keepass.kdb
  3. Sync to some cloud storage solution. I shall assume Dropbox. They're not really secure, but it won't matter because you chose a good master password, right?
  4. On iPad, install Dropbox for iPad and iKeePass
  5. On Android, install Dropbox for Android and KeePassDroid
  6. Use Dropbox to pull keepass.kdb whenever you need to
  7. Open it with the local port of keepass
  8. Profit
posted by LogicalDash at 4:17 AM on February 27, 2012 [1 favorite]


No love for the fabled default router combo admin/admin? It took my neighbors over 2 years to finally password protect their wireless & change the router's password.
posted by Devils Rancher at 4:54 AM on February 27, 2012


6.4 million passwords per second is just a little bit out of date in terms of speed for dumb password brute forcing. Using a relatively recent budget Nvidia card, IGHASHGPU, and the character set defined in the article:

Found password: [gr8Pa55], HEX: 67 72 38 50 61 35 35
Processed 1 587 703 447 552 passwords in 45m 21s.
Thus, 583 536 867 password(s) per second in average.

The biggest problem I see with passwords today is how many companies who should know better can't seem to keep their hashes private, and salted.
posted by helicomatic at 10:23 AM on February 27, 2012


The way I remember my passwords is to use part of the site's name, a fixed random number, a fixed personal codeword, and capitalize the first letter of each word. If I was with Bank of America my password would look something like Baoam238Bunnies. A couple sites I use require a special character, so I just hold shift for the first digit of my number.
posted by Evilspork at 11:16 AM on February 27, 2012


Sync to some cloud storage solution

Am I the only one who is concerned about putting all my passwords in the cloud somewhere, whether under supposedly strong encryption or not?
posted by grouse at 11:21 AM on February 27, 2012


You are not alone.
posted by diorist at 12:00 PM on February 27, 2012 [1 favorite]


LastPass.
posted by dave78981 at 3:04 PM on February 27, 2012


If strong encryption doesn't give you confidence, you mustn't sync over internet. The best security you can get that way is through TLS, which uses AES, the exact same standard that KeePass uses.
posted by LogicalDash at 4:33 PM on February 27, 2012


Apple encrypted drives aren't nearly as secure as TrueCrypt encrypted drives, even if they employ the same AES keysize, LogicalDash, since Apple's software is closed source. KeePass is much more secure than LastPass precisely because KeePass is open source.
posted by jeffburdges at 6:49 AM on February 28, 2012


Er, okay, but I was comparing KeePass to SSL, not LastPass. SSL can be open or closed. I guess if you want to have confidence in your syncing connection you should look into the particular SSL package that your cloud storage provider uses. Or your network drive, which is basically the same thing for these purposes.
posted by LogicalDash at 7:00 AM on February 28, 2012


« Older Maybe these are the droids you're looking for   |   Surveillance state located Newer »


This thread has been archived and is closed to new comments