This is good news:
The man who wrote the book on password management has a confession to make: He blew it.
Back in 2003, as a midlevel manager at the National Institute of Standards and Technology, Bill Burr was the author of “NIST Special Publication 800-63. Appendix A.” The 8-page primer advised people to protect their accounts by inventing awkward new words rife with obscure characters, capital letters and numbers—and to change them regularly.
The new guidelines, which are already filtering through to the wider world, drop the password-expiration advice and the requirement for special characters, Mr. Grassi said. Those rules did little for security—they “actually had a negative impact on usability,” he said.
Long, easy-to-remember phrases now get the nod over crazy characters, and users should be forced to change passwords only if there is a sign they may have been stolen, says NIST, the federal agency that helps set industrial standards in the U.S.
That’s nice to know.
Villago Delenda Est
Well, my give up. My passwords always include numerals and special characters, and I can usually remember them.
Baud
“DieInAFire”
Baud
“ShavingTheCatsAss”
Baud
“AllOfThemKatie”
Peale
AntiChafingBallDeodarant. But that might not be random or uncommon.
Origuy
“MustardLostInField”
Cookie monster
“subaru-mustard-bathroom-mop”
Smedley Darlington Prunebanks (Formerly Mumphrey, et al.)
Hallelujah. It’s about time somebody came up with something that people can stick in their heads and then pull back out when they need them. Guess I’ll have to change my passwords.
Roger Moore
My general feeling is that the old password guidelines were written with the assumption that passwords had to be short. If you need a password that’s both short and hard to guess, you need to include symbols, case changes, etc. These days, though, there’s no particular reason to want to keep passwords that short. It isn’t particularly difficult to deal with very long passwords or pass phrases, and (as the comic shows) they can be a lot more challenging to guess.
Major Major Major Major
I use Diceware for my passwords, partly because I just like rolling dice.
Baud
“PunchInTheNeck”
Origuy
The problem is all of those websites and IT policies that enforce the old specification. It will take years to get those changed.
Baud
“FuckOffAndDie”
Smedley Darlington Prunebanks (Formerly Mumphrey, et al.)
How do they get 44 from only 25 letters, 28, if you put spaces between the words?
rikyrah
Evening Cole?
ruemara
I use things I say or like and since I am utterly random and weird, even I forget what they are sometimes.
Major Major Major Major
@Smedley Darlington Prunebanks (Formerly Mumphrey, et al.): Informational (Shannon) entropy != number of letters. (Wiki)
Quinerly
“nekkidmoppinginjuries”
p.a.
VoteEarlyVoteOften
LiveFreeOrDie
Don’tLetMeDown
Fragile:MustBeItalian
Baud
“ThereAreFourLights”
Villago Delenda Est
Baudtwentytwentyvictory
Emma
I use Welsh. Works beautifully.
Villago Delenda Est
Donaldthehorsesass
Cermet
If it is easy to use, memorize and makes sense, no government agency would ever allow it – QED
Villago Delenda Est
“LukeIamyourfather”
SiubhanDuinne
“SkullFuckAKitten”
Baud
@Villago Delenda Est: I miss the exclamation point already.
Baud
@SiubhanDuinne: I can’t believe I forgot that one.
Baud
“TheHelicoptersAreLaughing”
The Simp in the Suit
Ididn’tthinkitwasloaded…officer
SiubhanDuinne
@Emma:
Llanfairpwllgwyngyll123?
The Simp in the Suit
Mynipplesburstwithexcitement
Major Major Major Major
@Baud: Well you don’t have to leave it out.
Basically, suppose you have an option to remember one of two things about a password–either where the special characters are, or an additional word. The extra word will give your password more oomph. If you happen to also have a natural place for an exclamation point, more power to you!
Bill Arnold
FWIW,
My current standard is 3 words (plus an optional numerical suffix) if env is reasonably secure (and guessing rate-limited) or two factor authentication is used, else 4 words. Phrase can optionally be grammatically correct but must not make full sense in this reality. Encryption passphrases much longer. (Still have a few older shorter passwords due to sloth.)
Roger Moore
“Skull Fuck A Kitten”
OldDave
The four words should not be obviously related, so some of these won’t be as unbreakable as one might hope – example: ImpeachDonaldJTrump is way too obvious.
SiubhanDuinne
@ruemara:
Surely you remember the name of your kindergarten teacher.
SiubhanDuinne
@Roger Moore:
Go #26 yourself, Roger Moore.
Roger Moore
@The Simp in the Suit:
Hovercraft full of eels
smintheus
GetABrainMorans
p.a.
ThurstonWhatTheFuck!
IMissMyPets
eclare
@Baud: Love it, a tradition is born. Of course can also use ShutTheFuckUp.
Roger Moore
@SiubhanDuinne:
Mass of Vicious Vitriolic Jackals
Roger Moore
Lord And Master Tunch
Baud
“IHateYouAll”
? ?? Goku (aka The Hope of the Universe) ? ?
My passwords are usually random letters with a few capitalizations and some numbers thrown together.
Ex: STubtc84
Is this a bad password, like above?
Major Major Major Major
Technically it’s best if the words wouldn’t show up naturally in a sentence.
eclare
@Quinerly: How is your eye? Hope you are feeling better!
Roger Moore
Fax You My Credenza
Baud
@? ?? Goku (aka The Hope of the Universe) ? ?: A bit short.
Splitting Image
“Dan Rather is a Turnip”
Central Planning
@The Simp in the Suit: strangely, that’s the name of my future 18th century classical kazoo band.
Roger Moore
YourConcernIsNoted
eclare
“BigBrainOnBrett”
Major Major Major Major
@? ?? Goku (aka The Hope of the Universe) ? ?: that password would be less secure than, say, JackalSquirrel1974.
Emma
@SiubhanDuinne: GwernblaenllinAwantgysseuin.
Baud
“BernieWouldHaveWon”
SiubhanDuinne
@Roger Moore:
All Your Base Belong
schrodingers_cat
AllYourBaseAreBelongingToTunch
schrodingers_cat
@Baud: MahatmaBaud
? ?? Goku (aka The Hope of the Universe) ? ?
@Major Major Major Major:
cow flowed out of the moons ass
Butthurt Jordan Trombone (fka XTPD)
RoastWolfDickBeef
Ohio Mom
Ohio Dad has been saying this since forever, and it is the protocol we use in our household whenever a password is required. I predict that he will not feel vindicated when I show him this, instead he will be annoyed that it took everyone else so long to catch up.
p.a.
WhatIsTheFrequencyKenneth
BeMyDixieChicken
TalkinBoutMyGeneration
Major Major Major Major
@? ?? Goku (aka The Hope of the Universe) ? ?: @Butthurt Jordan Trombone (fka XTPD): now we’re getting somewhere! You guys are cracking me up.
? ?? Goku (aka The Hope of the Universe) ? ?
@Major Major Major Major:
@Baud:
Well that sucks. I never considered a computer would try to break my password, just another human. And really, who could possibly guess that, besides a computer?
kdaug
MomStuckOnRoof
Butthurt Jordan Trombone (fka XTPD)
@Major Major Major Major: Stephen Colbert reference (Rebecoming the Greatness).
I’m still upset nobody got the jazz reference in my Saturday link to Greenwald.
Major Major Major Major
@? ?? Goku (aka The Hope of the Universe) ? ?: the problem is that there are lots of computers out there indiscriminately trying to crack passwords. You don’t need to be targeted specifically.
Mnemosyne
The current advice from the Giant Evil Corporation I work for is two unrelated but easy to remember words, one special character, and a 4-digit number.
schrodingers_cat
DieInAFire
Mr Stagger Lee
There was a movie starring Ray Liotta and Kurt Russell, in which Liotta was stalking Russell and his family. In the climax Liotta crashes the house, so he needs to assure the security company the password, he says diamond, but Russell changed it. Classic Russell line. “Seven Letters” [email protected] You”:
p.a.
AFishInThePercolator
A Ghost to Most
I’ve taken to using song titles, since they are easy to remember: GimmeShelter_14.
? ?? Goku (aka The Hope of the Universe) ? ?
Perhaps thumb prints would be better than passwords? Passwords can be figured out by computer programs. Every person has a unique thumb print. Several smartphones already have the technology.
kdaug
@Roger Moore: Damnit, no one ever remembers I was being *cheerful*.
A REFUGE for the snarling mass.
It was meant as a compliment.
Major Major Major Major
@? ?? Goku (aka The Hope of the Universe) ? ?: thumb prints can be compelled by police, passwords can’t; and the technology to read biometrics is far from ubiquitous.
Gin & Tonic
@Butthurt Jordan Trombone (fka XTPD):
Maybe it’s just that everybody ignored it because you linked to Greenwald.
Mnemosyne
Also, I feel vindicated that for years I used a newspaper phrase as my password on the assumption that people who didn’t work at my college paper wouldn’t be able to guess it.
Baud
@Mnemosyne:
“TheNYTIsGarbage”?
T S
No individual account on any system should let 1000 guesses per second be tried remotely. Also, decent email services warn you if it looks like someone is trying to guess your password. Hard to guess a password by brute force when you add those factors in. Also, too, use two-factor identification.
chris
Blonde-not-so-dumb joke which (maybe) came from the xkcd forum.
Young lady was told that her password must contain seven characters and a capital so she typed DocGrumpyHappySleepyDopeyBashfulSneezySacramento.
I pick four words from the spines of the books around me and then put those books together at one end of a shelf because brain farts happen.
PhoenixRising
RabidAnonymousPackofJackals
SiubhanDuinne
@schrodingers_cat:
To this day, whenever I see or think “All your base are belong to Tunch,” I automatically set it to the Christmas tune “Il est né, le divin Enfant.” Both the phrase and the carol are corrupted for me forever.
Major Major Major Major
@Gin & Tonic: that’s what I did!
@T S: well, for the 99% of users and web services that aren’t like that, this is good advice.
Mnemosyne
@Baud:
Nah. It was a department joke. I don’t want to say it because I still use it for some low-value passwords of mine (i.e. places where I need to log in but there’s no credit card info or personal information stored).
? ?? Goku (aka The Hope of the Universe) ? ?
@Major Major Major Major:
Huh. Didn’t know that. I guess I assumed because an app on my phone (and the phone itself) has a thumbprint lock.
p.a.
GetOffMyObstacle
? ?? Goku (aka The Hope of the Universe) ? ?
@Mnemosyne: @Baud:
GodblesstheWaPo
Butthurt Jordan Trombone (fka XTPD)
@Gin & Tonic: touché, but the link has to be glossolalia-levels incoherent/nonsensical for the joke to work
Like so: hamannadalooloourszuladudziak
Roger Moore
@? ?? Goku (aka The Hope of the Universe) ? ?:
Biometrics have the problem they can’t be changed easily if somebody gets a copy of them.
p.a.
@SiubhanDuinne: I think it’s the McGarrigles (sp?) who do a nice version on The Chieftain’s xMas album.
Schlemazel
@Emma:
Don’t count on foreign words alone for security! The hackers have many dictionaries including most languages. Because of entropy a long password/phrase is more secure but it does not hurt to add numbers and special characters just to be safe. The simple way to add them is to use them like spaces so correct1horese2battery3. The way passwords are hacked makes that a lot harder to find – and for god’s sake don’t use that password from XKCD because hackers are looking for that one
PhoenixRising
WellDoneWithKetchup
raven
We have to change our work email passwords every 6 months, I’ve got a year to go so I started using my Army serial number. 50 years and it’s clear as a bell.
Roger Moore
@T S:
They’re worried that somebody will steal the password file. Any place with decent security will store the password hashes instead of the passwords themselves, but it’s still possible to do a dictionary-based attack against the hashed passwords, especially if they aren’t well salted.
Percysowner
I’m old enough that we had letters in our phone numbers and I called my grandma all the time, so I have the perfect 7 digit password memorized from 50+ years ago.
Frankensteinbeck
This has been known for years. All that stuff about constantly changing your password, and adding numbers and characters, that was arbitrarily made up by system devs who thought it sounded like it would help. When it was actually studied, it made no difference at all. Hacking methods almost always depend on either going around authentication, or knowing your password ahead of time.
EDIT – But I’m glad it has finally been officially declared by people who might actually have influence in changing annoying systems.
Ruckus
@SiubhanDuinne:
I don’t remember the names of my favorite teachers, or even the ones that I hated. I remember the names of the guys I served with that I liked. Most of them. Some of us have a hard time hearing names and remembering them even if we are familiar with the people. I don’t know my mom’s mother’s first name, I only knew her as grandma. She did pass away when I was 9 or 10 though.
germy
“WeFiredKermit”
SiubhanDuinne
@p.a.:
Rufus Wainwright’s mother. Works for me.
Major Major Major Major
@Roger Moore: didn’t LinkedIn or something store them in plaintext? Idiots everywhere.
Butthurt Jordan Trombone (fka XTPD)
“Go7Skullfuck19A1Chicken3”
T S
@Major Major Major Major: A lot of services don’t have two-factor and don’t have warnings…but any system that lets 1000 guesses per second be tried…I won’t say you are wrong, I guess I don’t know…but that’s criminal in itself.
Amaranthine RBG
Okay, here’s a dumb question:
If 3 or 4 word phrases become the new de facto password scheme, would it be easy to crack by just running through 3 and 4 word combinations from a dictionary?
I get that longer passwords are harder to crack when you don’t know any of the characters and every character in the password could be a letter/number/upper or lower case, etc.
But my completely uninformed guess is that they would be easier to crack if each character was assumed to be a word.
On second thought, I guess this would be easy enough to fix by making it CorrectHorseBatteryStaple7 or something.
eclare
@Butthurt Jordan Trombone (fka XTPD): KeepFuckingThatChicken
SiubhanDuinne
@Ruckus:
There are, or at least used to be, a lot of sites that would allow you to prompt in case you forgot your password. Usually things like “mother’s maiden name,” “name of your kindergarten teacher,” “breed of your first pet,” “first boy/girl you kissed,” etc. Haven’t seen those kinds of prompts in years, though.
Major Major Major Major
@Amaranthine RBG:
They already do that.
p.a.
RecordInaugurationDayCrown
NoDealingsWithRussia
DownGoesRepealReplace
RepublicanSenateFailSad!
IWonSoBigly
WhiteHouseADump
IAmTheDecider
IsOurChildrenLearning
Gvg
@? ?? Goku (aka The Hope of the Universe) ? ?: as you get older, your skin dries out and it becomes hard to get finger prints. This was explained to us when we were getting foster parent licenses and several of our older helpful relatives did background checks so they could be legal babysitters for us…my older relatives had to try several times. Now I am getting dry hands and sometimes touch screens won’t read my swipes. I have to moisturize. Anyway I don’t think fingerprints are going to work.
Schlemazel
@? ?? Goku (aka The Hope of the Universe) ? ?:
what they do is take a dictionary (the best hackers have custom dictionaries with millions of word and letter combinations) and encrypt each word using a hash function and compare the results to what they can see in the password file. If they get a match they know your password. It takes a lot of computing power to do that fast & very long passwords take exponentially longer. Be aware that they know ‘leet’ and their dictionaries will have words where the o’s are zeros, the i’s ones the t’s sevens etc.
PhoenixRising
@Percysowner: I use my childhood phone number, which I can’t forget and no one could guess. My sister is my backup system; if I get hit by a truck she can break open my password storage file. I hope. She was class valedictorian & I know we were drilled in kindergarten…
SiubhanDuinne
@Percysowner:
EUclid 3-4990
(Not an actual password)
Butthurt Jordan Trombone (fka XTPD)
@eclare: But mine also serves as a subtle (if serendipitous) dick joke.
raven
@Frankensteinbeck: What about password management sites? I use last pass and it has a PW generator.
schrodingers_cat
ThreeSticksBeatsTwoScoops
Schlemazel
@? ?? Goku (aka The Hope of the Universe) ? ?:
Seriously, I have no finger prints. We have a secure room where I work that requires a card and a fingerprint. I have to be escorted every time because they cannot capture a print from any of my fingers.
Mnemosyne
@Major Major Major Major:
So is the difference that they’re (ideally) 3 or 4 unrelated words (not a phrase) so it’s hard to guess what each individual word is?
I’m also assuming it’s kind of like the advice you get when locking up your bicycle: thieves who really, really want your specific bicycle will keep working until they break all of your locks, but thieves who just want to steal A bicycle will move along if you make it too much of a pain in the ass for them.
p.a.
@Mnemosyne: That’s the key to much non-computer security; kind of like you don’t have to outrun the grizzly, just outrun the next person.
mai naem mobile
ButtherEmails
ButHeremails
ButterEmails
HelikesemailsINALLCAPS
Bannonsuckshisouioui
eclare
@SiubhanDuinne: I still see them, and so many of them either don’t apply to me as single with no kids or siblings or I have no idea. My first grade teacher, really?
sigaba
@Smedley Darlington Prunebanks (Formerly Mumphrey, et al.): It has to do with the search space. A casual word randomly selected has 11 bits of entropy, assuming you’re picking from a list of about 2048 words.
The other method requires a rarer word but the things you do to it, replacing letter with numbers and adding the random symbol here or there, don’t significantly make it more random.
Major Major Major Major
@Mnemosyne: Well, see @Schlemazel above first; they’re looking for low hanging fruit from tables of many many passwords. So more predictable passwords with fewer characters will be guessed faster in general, and phrases that can be mined from a corpus as likely to occur together will be among those guessed first.
ETA: and yes, if somebody really wants your information, there’s always rubber-hose cryptanalysis.
Amaranthine RBG
@Major Major Major Major:
Understood, that’s why I was wondering if the “Just use four random words” is actually good advice?
Ruckus
@SiubhanDuinne:
Yeah those questions were probably answered as the password. So if someone has any info on you and sees that, they are in. When I still run across one of those I use a word that means nothing to anyone. Mom’s name for example might be dusseldorf758.
Rosalita
IAmAwareofallInternetTraditions
Schlemazel
@Amaranthine RBG:
You either get the whole password or none of it. If your password were correcthorsebattery and somehow I knew you used correcthorse I could build a dictionary with every possible combination of words (and word order) and would eventually get it right but if I knew none of the words I would have to try every possible combination of every possible word. That would take years.
eclare
@Butthurt Jordan Trombone (fka XTPD): I will admit it was too subtle for me.
? ?? Goku (aka The Hope of the Universe) ? ?
@Mnemosyne:
I have a combination bike lock. I ALWAYS make sure to loop it around the front wheel AND the frame to an immovable object. The front wheel on most bikes has a release.
When out I usually see bikes without front wheels, locked securely to a pole or something. I probably should get an extra lock, but I don’t really use my bike as everyday transportation much.
Edit: That and my bike is a WallyWorld Special “mountain bike”. Nothing expensive. I slapped some street slicks on them and use on asphalt trails.
Another Scott
@Origuy: Yup. Plus too many places have limits on the number of characters – they throw a fit if you have more than 15 characters.
It’s all so stupid.
Oh, and iris scanners can be fooled, also too.
Cheers,
Scott.
(Who wants Ctrl-g and TAB and BACKSPACE in his password.)
Roger Moore
@T S:
Again, the worry about guessing 1000 passwords per second isn’t based on an on-line guessing attack. It’s based on them stealing the password file and doing a dictionary attack against the hashed passwords.
For those who don’t know, it’s normal for sites not to store the passwords themselves in the password file. Instead, the passwords are run through a cryptographic hashing function, that is a function that converts the password into apparently unrelated gibberish. Hashing functions are also called trap door or one-way functions because they are easy to perform but essentially impossible to reverse. So the idea is that they store the hashed password because hackers can’t start with that and go backward to the original password.
Hackers have counterattacked by using dictionary attacks. Instead of trying to reverse the function, they just take all the words in the dictionary, compute the hash function, and compare it to the hashed passwords to see if they can find a match. Computers are now fast enough they can use not just the dictionaries themselves but also permutations of the dictionaries, like substituting symbols for letters, adding digits to the beginning and end, changing case, and all the other tricks people like to use. They also precompute the hashes and store them so they can reverse the hash very quickly.
So the problem isn’t just finding a password that will keep the hackers from guessing by trying usernames and passwords on-line. You have to have a password that they won’t be able to find when they have the hash and try dictionary attacks offline.
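The storage difference this comment (and the earlier one about salting) describes, as an added example that is not code from the page or any commenter: the weak scheme hashes the password once with a fast hash, so equal passwords give equal digests and one precomputed table serves every user and every site; the stronger scheme adds a per-user random salt and a deliberately slow iterated hash, so the table no longer applies and each guess costs real work. The wordlist and the test salts are constructed for the demo; the iteration count is an assumption to tune for your own hardware.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed PBKDF2 work factor; raise it as hardware gets faster

# Constructed wordlist standing in for the page's "dictionary".
WORDLIST = ["password", "letmein", "dragon", "correcthorsebatterystaple"]


def unsalted_hash(password):
    """Weak scheme: one fast SHA-256 of the password. Same input, same output,
    for every user on every site, so a table of hashes can be built once."""
    return hashlib.sha256(password.encode()).hexdigest()


def lookup_in_table(digest, wordlist):
    """Check a stored digest against a precomputed table of the wordlist's
    unsalted hashes. Returns the matching word, or None if it is not there."""
    table = {unsalted_hash(word): word for word in wordlist}
    return table.get(digest)


def make_record(password, salt=None, iterations=ITERATIONS):
    """Stronger scheme: random 16-byte salt per user, then PBKDF2-HMAC-SHA256
    iterated `iterations` times. The salt is stored beside the hash; it is not
    secret, it only forces a fresh computation per record."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt.hex(), "iterations": iterations, "hash": digest.hex()}


def verify(record, password):
    """Recompute with the stored salt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(record["salt"]), record["iterations"]
    )
    return hmac.compare_digest(digest.hex(), record["hash"])


def demo(password="letmein"):
    """Same password stored both ways for two users; returns what an attacker
    holding the password file can and cannot match against the table."""
    weak_a, weak_b = unsalted_hash(password), unsalted_hash(password)
    strong_a = make_record(password, salt=b"\x00" * 16, iterations=1000)
    strong_b = make_record(password, salt=b"\x01" * 16, iterations=1000)
    return {
        "unsalted_digests_equal": weak_a == weak_b,
        "unsalted_found_in_table": lookup_in_table(weak_a, WORDLIST),
        "salted_hashes_equal": strong_a["hash"] == strong_b["hash"],
        "salted_found_in_table": lookup_in_table(strong_a["hash"], WORDLIST),
        "verify_correct": verify(strong_a, password),
        "verify_wrong": verify(strong_a, password + "x"),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The salt stops the shared precomputed table; the iteration count is what makes each dictionary entry expensive to test even without a table, which is the only lever a site has left once the password file is gone.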
Major Major Major Major
@Amaranthine RBG: a series of random characters the length of four random words will be better, but good luck remembering it. Quantity of characters is a much easier way to add entropy than quality.
Mnemosyne
@Major Major Major Major:
I will reveal the example password that the GEC created for their demos: SushiDiamonds (plus a special character and a year). You’re supposed to pick two of your favorite but totally unrelated things. Are they correct in saying that it should be almost impossible for someone to randomly guess that?
Butthurt Jordan Trombone (fka XTPD)
@eclare: How one could be able to skullfuck a chicken, is the key to the punchline here.
NotMax
ThisIsMyPassword
ParsleySageRosemaryThyme
SexOnTheBeach
ItsFullOfStars
WhatsTheFrequencyKenneth
IAmTheWalrus
UseTheForceLuke
Brachiator
@SiubhanDuinne:
There are plenty of sites and businesses that still use these profiles and reminders. A rule of thumb is never to use real personal information unless you absolutely have to.
Mike J
Since JC was asking about VPNs, did anyone see the story that came out today about the scam VPN injecting tracking in all its traffic?
Major Major Major Major
@Mnemosyne: someone? Without knowing you or the formula? Sure, that would be pretty hard. Knowing the formula, well, assemble a list of things people like and the most-picked numbers.
Another Scott
@T S: Yup.
Cheers,
Scott.
Schlemazel
@Mnemosyne: @Mnemosyne:
there are a couple of problems & they are the same as insisting there be a special character. Lazy people will always make the first or last char an exclamation point, the dictionaries try that, so if I know the rules I would append or prepend ‘2017’ to every guess. It isn’t terrible but the fact that they publish the rules makes it less secure because it can reveal a pattern.
Schlemazel
@Mike J:
I assume NSA has several VPN provider sites out there so I am not surprised
You are not going to be safe from a nation state, they will use metadata to identify targets and then focus on breaking whatever they use. Hell NSA had dozens of tor relays so instead of being anonymous you were feeding data right to them.
NotMax
@Schlemazel
There are more than a few ‘free’ VPNs which have holes big enough to drive a UNIVAC through.
trollhattan
@Schlemazel:
Weird. Maybe your fingers are overinflated, can you let some air out?
Fair Economist
@Amaranthine RBG:
3 words, sort of. 4 words, no, because there would be too many combinations. A typical American has an active written vocabulary of 10,000, which makes 10 quadrillion possible four-word combinations. It would just take too long to run the list, even with a computer.
Some caveats, though – you don’t want a phrase, because there are far, far fewer 4-word phrases in English. You also want to use some less common words. If all the words were from the 1000 most common (ten hundred most common in the Thing Explainer) then there’s “only” a trillion, which is crackable with physical access to a device (still not for most remote access).
3 words instead of 4 drastically reduces the numbers, which is why you want 4.
Schlemazel
@trollhattan:
It is related to a skin condition but I get a lot of mileage out of telling the kids at work it is the result of my time with MIB
Brachiator
@Mnemosyne:
Some hackers are going after businesses because a lot of companies are lazy and stupid about customer and internal security while individuals have gotten smarter. So if a company has your ID and password in an unsecured and easily accessible database, it doesn’t matter how great your login info might be.
Also, people are often predictable, using popular phrases. Game of Thrones fans might use winter is coming.
If you are a very public person, you may announce your favorite stuff, making a guess easier. Rumor was that some celebrity used her dog’s name as a password and she often mentioned the name in interviews.
p.a.
@trollhattan: Occupation: cat burglar?
Emma
@Schlemazel: I don’t. It’s WelshPlus.
p.a.
@Fair Economist: tRump’s biographer says he has an active vocab of only 200 words. But he’s already exposed covfefe to the public.
The Lodger
@SiubhanDuinne: Thanks. Just… thanks.
Fair Economist
@PhoenixRising:
First: you’d be surprised what they have records of. Second, if they’re using an automated attack method, simply trying all 7 digit phone numbers is trivial.
p.a.
@Emma: Is every letter considered a vowel in Welsh?
Major Major Major Major
@Fair Economist: if you know where Phoenix grew up you can narrow it down significantly too.
Quinerly
@eclare:
Eye seems to be all clear today. Painful Saturday night. Appointment with eye doctor for a final check on the healing later this week. Thanks for asking. Have a great evening.
dm
@Smedley Darlington Prunebanks (Formerly Mumphrey, et al.):
Each word provides about 11 bits (implies that they’re drawing from a 2000-word (2^11) vocabulary — a bigger vocabulary implies more bits).
It’s important that the words be random — if you can predict the next word from the previous one, that helps the attacker. If the four-word phrase is likely to appear anywhere, that gives the attacker some help. So: it may be a good idea to Google your phrase before using it. A lot of hits => The phrase is in an attacker’s dictionary.
Schlemazel
@Emma:
good
although mixing Welsh with English would be a great idea as long as they didn’t figure that out. But if you didn’t always use the same words or the same language order trying to hit 4 words of some combination of 2 languages is much more difficult
Quinerly
@p.a.:
GrabThemByThePu**y
You forgot one.
Jay S
@? ?? Goku (aka The Hope of the Universe) ? ?:
Not true, some people do not have fingerprints at all. My sister claims hers were worn off over time. It was a problem when her job required prints. There may be a set of bio-metrics that can cover every one but a single one will have outliers.
Ruckus
@Schlemazel:
5 words, 3 languages. Not common words and less used languages.
Omnes Omnibus
@Schlemazel: And, by that point, the U-boats have sunk the convoy.*
*Why, yes, I am re-reading Enigma.
different-church-lady
@Major Major Major Major:
“riverrun, past Eve and”
Major Major Major Major
@different-church-lady: I bet Joyce is in the hackers’ corpus.
Roger Moore
@Amaranthine RBG:
The point is that the effort goes up enormously as the number of words increases. Imagine that you’re starting with a tiny dictionary that has only a thousand words in it. Obviously a hacker would only have to guess a thousand times to get one. If you add a two digits to the end, you increase that to a hundred thousand. If instead you use two words you get a thousand times a thousand, or a million, possible choices. If you go up to four words, it’s a thousand times a thousand times a thousand times a thousand or a trillion possible choices.
And that’s assuming you’re choosing from only a thousand words. If you’re choosing from ten thousand, four words gets you to ten quadrillion possibilities. Basically, adding one word is as effective as adding several digits or replacing a few letters with symbols, but the added word is probably easier to remember and type.
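The arithmetic in this comment, together with sigaba’s and dm’s 11-bits-per-word figure and Fair Economist’s ten-quadrillion count, as an added example that is not code from the page or any commenter: it computes the search space and the entropy in bits for word-based and character-based passwords so the two can be compared directly. The 62-character alphabet, the 20-character “four words’ worth of letters” length and the 10-million-entry phrase list used in the comparison are assumptions for the demo.

```python
import math


def bits_per_word(vocab_size):
    """Entropy contributed by one word drawn uniformly at random from a list of
    vocab_size words: log2 of the list size. A 2048-word list gives 11 bits."""
    return math.log2(vocab_size)


def passphrase_space(vocab_size, n_words, digit_suffix=0):
    """Number of equally likely passphrases: n_words independent draws from the
    vocabulary, optionally followed by digit_suffix random decimal digits."""
    return vocab_size ** n_words * 10 ** digit_suffix


def passphrase_bits(vocab_size, n_words, digit_suffix=0):
    return math.log2(passphrase_space(vocab_size, n_words, digit_suffix))


def random_string_bits(charset_size, length):
    """Entropy of `length` characters each drawn uniformly from a charset."""
    return length * math.log2(charset_size)


def expected_seconds(space, guesses_per_second):
    """Average time to hit a uniformly random secret: the attacker expects to
    try about half the space before succeeding."""
    return space / 2 / guesses_per_second


def comparison_table():
    """(label, bits) rows for the cases discussed in the thread, plus the
    assumed cases used for comparison."""
    return [
        ("1 word from 1,000", passphrase_bits(1000, 1)),
        ("1 word from 1,000 + 2 digits", passphrase_bits(1000, 1, 2)),
        ("2 words from 1,000", passphrase_bits(1000, 2)),
        ("4 words from 1,000", passphrase_bits(1000, 4)),
        ("4 words from 10,000", passphrase_bits(10_000, 4)),
        ("4 words from 2,048 (11 bits each)", passphrase_bits(2048, 4)),
        # Assumed: a phrase an attacker can mine from a 10-million-entry corpus
        # is one draw from that corpus, not four independent word draws.
        ("4-word phrase from a 10,000,000-phrase list", math.log2(10_000_000)),
        # Assumed: 8 random letters/digits (62 symbols), the classic short form.
        ("8 random chars from 62", random_string_bits(62, 8)),
        # Assumed: 20 random chars, roughly the length of four words.
        ("20 random chars from 62", random_string_bits(62, 20)),
    ]


if __name__ == "__main__":
    for label, bits in comparison_table():
        years = expected_seconds(2 ** bits, 1000) / (365 * 24 * 3600)
        print(f"{label:45s} {bits:6.1f} bits  ~{years:.3g} years at 1000 guesses/s")
```

The last column uses the 1000 guesses per second mentioned earlier in the thread; against an offline dictionary attack on a stolen hash file the rate is far higher, which is why the bits column, not the years column, is the number to watch.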
different-church-lady
Different-Church-Lady’s rule: every possible event in life is covered by either (a) an xkcd, (b) a Monty Python Sketch, or (c) a Louis CK routine.
Geeno
My Invader Zim based series of passwords started last year with the line “Gir, Bring me cow” with some occasional LEET speak numeric substitutions from my gaming (FPS) days and a remembered pattern of altered capitalization/punctuation. Since the lines were funny when I heard them first, they’re easy to remember, and Invader Zim was delightfully random in many ways. I’ve since branched out to other shows, but I always stick to obscure ones with somewhat messed up humor.
different-church-lady
@Major Major Major Major: C’mon, nobody has ever read the thing.
Major Major Major Major
@different-church-lady: I have!
@Geeno: whoever convinced them to give the guy famous for “Johnny the homicidal maniac” a kid’s show is an impressive salesperson.
Ruckus
@different-church-lady:
My entire life is covered by all three. There is laughter.
ETA Not saying the bits were aimed at me or intended to be about me but still….
Jim Parish
Of the various institutions I have passwords with, there is only one which asks for (or accepts) multi-word passwords: Discover Card. Pity I almost never use that card….
namekarB
Address from my growing up neighborhood (not my own street address). Has numbers, upper and lower case. Works great and easy to remember
Brachiator
@Ruckus:
I used to use a word that was very obscure in the real world. One day, for fun I did a Google search and found out that the word was very, very common. It was foreign, but also a piece of equipment that was used by a character of that nationality in a hugely popular computer game. I’m not a gamer, so I had no idea.
Roger Moore
@Brachiator:
Unfortunately, you don’t always get a choice. My bank used one of the tools the credit score people have as their password recovery system, where they ask you a series of questions about your previous employers and residences to confirm you’re really you. It sounds clever, but somebody broke into the warehouse where the escrow company that handled my mortgage kept all their files. That gave somebody all the information they needed to get through those checks and reset my username and password on my bank’s website.
The good news is that the people who did it were not quite smart enough. My bank automatically sends me an email every time critical information on my account is changed, so I got a series of emails telling me as they changed my username, password, and address. I got the email in enough time I was able to call the bank and do something about it before the thieves stole all my money.
Brachiator
@different-church-lady:
I’ve read it several times. For fun.
Major Major Major Major
@Brachiator: Ulysses is the one that’s a slog!
Brachiator
@Roger Moore:
True enough. As I noted, many businesses have stupid rules and practices that create an easily abused vulnerability.
One site I used to use would not allow passwords of more than 12 characters.
Brachiator
@Major Major Major Major:
Nope. I absolutely love this novel. Used to read it every year. An Irish American co-worker read it for the first time, and read chunks of it aloud. He got the music and the jokes. As always, yer mule age maze very.
Ruckus
@Brachiator:
Still that’s 5 words and different languages they have to crack. That’s a reasonably tough nut.
As we all know, or all should know, anything you can think up can be cracked, given enough time and energy. Also I didn’t say obscure words but should have. The real problem is that so many of the systems that use passwords are not all that secure and that seems to be the weak entry point into the entire system. Because of course we are mostly all too busy or have too limited of memory to use a different password for every place that requires it.
Jay S
@Brachiator:
Apparently there are sites that take long passwords but only use the first 8-12 characters without telling you.
Mike J
@Schlemazel:
There are good reasons to have a vpn, but if you can’t describe the threat hold off. And as Taylor Swift points out, just using https will get you most of the way there.
Ohio Mom
@Quinerly: Whew! Glad to hear your eye is healing space.
terben
WhaleOilBeefHooked
Phenobarbarella
@Ruckus:
That’s why you want to use a password manager. Remember only one long, strong password…and let the generator do the rest.
Emma
@Schlemazel: Not English. Not a modern language at all. :-) In fact, in some cases, not a language at all.
Emma
@p.a.: Not all, no. There are, however, letters that look like consonants and aren’t.
Omnes Omnibus
@Emma: One wonders that the British didn’t use Welsh code talkers like the US used Navajo.
Soprano2
I’ve always thought the convention of having to change our network password every 90 days made it less secure, because some people write the password on a Post-It and stick it on their desk somewhere so they can remember it. I bet our IT department won’t adopt this new convention until after I retire in 9 or 10 years.
catclub
@? ?? Goku (aka The Hope of the Universe) ? ?:
it is now.
catclub
@Jim Parish: My bank card website asks me to update my password but does not force me to. I think mine is good enough so- NO.
GregB
Trumpisadumpwhinyshitheel.
Ruckus
@Phenobarbarella:
What do you do when someone hacks the password generator? That password for your bank has to be stored somewhere and it has to connect to something to work. Putting in an intermediary system may make your password stronger but that also puts another place where an attack can happen. Anyone and everyone is subject to hacking and from a number of directions. All it takes is desire and computing power. There’s more than enough desire in the world and computing power is extremely cheap these days.
Ryan
I swear there was a Wired article or something about this years ago. I switched to phrases long ago. Donnieyoureoutofyourelement.
Groucho48
For years, if the site would allow it (more and more do), I would use the names of two of my characters from the various MMOs and single player games I’ve played. They are longish names…at least 8 characters in each name. I also substitute a symbol for, say, the 3rd and 12th letter. Is that secure enough or should I add more character names? I’ve created dozens, over the years. I’ve always figured it was the total number of characters that was important, not the number of words used.
Applejinx
@Mnemosyne: Not really. The entropy thing means if you’ve got a phrase, even if it’s pretty ‘guessable’, it’s still unlikely for anything to brute-force it and the number of possible ‘normal’ phrases is larger than you think.
“How’s that hope and change thing working out for ya?” is a LOT of characters, incredibly hard to brute force. If you know that’s what you use, it’s just on you to not tell the world ‘Oh, my password is a thing Sarah Palin said in the form of a taunt’ because that narrows it down hugely. But, if they try “hopey changey thing’ or leave out the apostrophe or spaces or use ‘you’ or omit the question mark, they’re still out of luck.
Jim Parish
@Omnes Omnibus: During the negotiations over Irish independence, the two leaders of the British delegation were Welsh, and would discuss matters in secret by switching to their native tongue. (One of them was David Lloyd George; I don’t recall who the other was.) The Irish had no similar capability, because none of them were fluent in Irish Gaelic – only English.
Applejinx
“yOu cAn dO aNything. gRab tHem bY tHe pUssy. tHey lEt yOu dO iT.”
If you’re misremembering the quote, so much the better as long as you’re totally clear on how you think of it. As you can see, if you’re determined to avoid ‘guessable words’ (with a phrase this long, it’s moot) you can pick a simple tactic like ‘I always capitalize the second character’ or ‘reversed caps: first letter, no cap, all other words capitalized’.
That password above is 154 bits of entropy by XKCD standards. (I’m not sure why single words are ’11 bits’ wide if individual characters themselves are at least 8)
Length of phrase is way more important than whether Sherlock Holmes is gonna deduce your line of thinking.
Phenobarbarella
@Ruckus: Not sure what you mean by “hacks the generator.” The generator is an adjustable CSPRNG; it runs off entropy accumulated (typically from /dev/null) on your local device. If you have concerns that a 1337 h4xx0r can specifically target you and acquire privileges to replace the generator on your device which is part of the kernel itself, you may have larger problems. :-)
If, OTOH, you meant “hacks the password manager” (not generator), then there are two portions to that question, I think. Most good password managers fully encrypt your data, using AES-256 in either GCM or CBC mode. If you’re aware of any current news that AES-256 has been compromised significantly, please share — I have seen none. Well-constructed cryptography ciphers are in use by both state actors (the NSA uses AES-256 themselves) and the larger web, and there are only two ways around it — brute force the math (which is essentially impossible, given today’s resources) or find a flaw in the cipher. If some rando 1337 h4xx0r had found a flaw in AES encryption, the world would’ve heard of it by now. That’s not to say it’s flawless forever…just that it’s been banged on by security researchers for more than a decade now, without success.
So if the actual cryptographic cipher itself is considered secure (and it is), the other attack vector would be your choice of master password (the password that unlocks your password manager and generates the actual AES encryption key which transforms your blob of unreadable ciphertext (your password manager’s data) into human- and machine-readable form). In fact, this is where virtually all attempts to break into password managers occur, because by far the weakest link in the chain is not the math of a well-tested cryptographic cipher like AES-256, but the user’s inability (or simple unwillingness) to use a really difficult-to-brute-force master password.
As you’ve noted, computing power is (relatively) cheap. However, there are ways to figure out the computational cost of various strengths of password. Yes, if you use “password1” as your password, a sophisticated adversary in possession of your encrypted data would simply run a dictionary attack against your data, and you’d be pwned in short order. But if you take the time to create and use a good master password for your password manager, the landscape changes significantly. Again, most good password managers will strengthen the encryption key derived from your master password with technology that slows the ability of attackers to run multiple guesses-per-second. Tools like hashcat and John-the-Ripper, unchecked, can run in the billions of guesses-per-second. But a key strengthened with something like PBKDF2, especially such as PBKDF2-HMAC-SHA256, assuming a proper number of rounds (something that won’t crush older, less-powerful hardware but WILL be more than a token, say around 100,000) can slow that down vastly. How slow? Again, a lot depends on many variables, such as what kind of hardware you bring to bear on it. Typically this would be a GPU-enhanced system, often with multiple GPUs. With 100,000 rounds of PBKDF2 used to strengthen your AES key, a decent multi-GPU setup (not cheap) would be limited to maybe 40,000 guesses per second. Possibly way fewer, but let’s go with this.
Is that a huge amount? Well, sure. I can’t guess that fast. ;-) But that’s where you, the user, get to weigh in. The longer and stronger you make your Master Password, the more time it takes to go through every combination. And indeed, many of the suggestions in this thread, including XKCD’s original one of using TRULY randomly-selected (a la diceware) words, are excellent for creating a strong, difficult-to-crack Master Password. How difficult? Well, even if we use bits of entropy (base 2, obvs) instead of longhand, it’s hard to represent the equations here. So you’ll sort of have to trust me here (unless you wanna test it out for yourself — and if so, you’re my kinda guy! — http://www.shannonentropy.netmark.pl/ ). But your average three-word phrase (assuming proper random selection, yada yada) would be about 39 bits of entropy. At 40,000 guesses-per-second, that works out to be about 68 straight days (24/7) to crack that password. Totally doable. Three words is not enough in today’s world. However, because we’re using a log scale here, that means the difficulty goes up exponentially as you add words. A four-word Master Password is about 51 bits of entropy. At 40,000 guesses-per-sec, that’s a whopping 1,445 YEARS to crack. Even with all that hardware. A five-word phrase is about 64 bits of entropy, and at 40K gps (guesses-per-sec), it’s 11 million years.
I dunno about you, but I consider most 1337 h4xx0rs to be kinda poster children for short attention span. Not sure how many of them have 11 million years to wait around. :-) Now, if you’re worried that the “hacker” targeting you specifically is a global state actor? You may have larger problems, and much of these calculations would be reduced due to the greater firepower and money able to be brought to bear. But the math is still the math, and as Ed Snowden has continually maintained, properly implemented strong cryptography is one of the few things that DOES actually work. So, get yourself a good password manager, and create a really strong master password. Not only will you sweat less because you have to remember fewer passwords (or reuse them, a truly terrible idea), you can use it to create really long, strong passwords for all your OTHER sites, which you never have to remember.
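The arithmetic behind the comment above (words, bits of entropy, expected time at a fixed guess rate) in runnable form, as an added example that is not part of the thread or any commenter's code. It assumes a standard 7776-word diceware list and the comment's 40,000 guesses/second figure, and the PBKDF2 timing at the end is a constructed local measurement of what 100,000 rounds cost per guess on one CPU core, not a GPU benchmark.

```python
"""Diceware passphrase strength estimate (added example, not from the thread)."""
import hashlib
import math
import os
import time

DICEWARE_WORDS = 7776            # 6^5 entries in a standard diceware list (assumption)
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def passphrase_entropy_bits(num_words, list_size=DICEWARE_WORDS):
    """Entropy of num_words words drawn uniformly at random from the list."""
    return num_words * math.log2(list_size)


def average_crack_time_seconds(entropy_bits, guesses_per_second):
    """Expected time to hit the passphrase: on average half the keyspace is searched."""
    keyspace = 2.0 ** entropy_bits
    return keyspace / 2 / guesses_per_second


def crack_time_table(word_counts, guesses_per_second=40_000):
    """Rows of (words, bits, days, years) at the comment's 40k guesses/sec figure."""
    rows = []
    for n in word_counts:
        bits = passphrase_entropy_bits(n)
        secs = average_crack_time_seconds(bits, guesses_per_second)
        rows.append((n, round(bits, 1), secs / 86400, secs / SECONDS_PER_YEAR))
    return rows


def pbkdf2_guesses_per_second(rounds=100_000, samples=10):
    """Measure PBKDF2-HMAC-SHA256 derivations per second on this machine's CPU.
    Salt and candidate passwords are constructed; this is the per-guess cost that
    key stretching imposes on whoever tries to brute-force the master password."""
    salt = os.urandom(16)
    start = time.perf_counter()
    for i in range(samples):
        hashlib.pbkdf2_hmac("sha256", b"guess%d" % i, salt, rounds, dklen=32)
    return samples / (time.perf_counter() - start)


if __name__ == "__main__":
    for n, bits, days, years in crack_time_table([3, 4, 5]):
        print(f"{n} words: {bits} bits, ~{days:,.0f} days / ~{years:,.0f} years")
    print(f"one CPU core, 100k rounds: ~{pbkdf2_guesses_per_second():.1f} guesses/s")
```

The three-, four- and five-word rows come out at roughly 68 days, 1,450 years and 11 million years, matching the comment; change `guesses_per_second` to see how a stronger attacker shifts the table.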