EEVblog Electronics Community Forum
Products => Computers => Security => Topic started by: Beamin on June 02, 2019, 09:11:09 pm
-
I'm sure most of the people here are tech savvy and may already implement this but when I tell people this they always say "I never thought of that"
So instead of paying or using a program to store all your passwords use the word "password" and the same password for everything (but add a step), and you can't forget it. It's just an algorithm for all your passwords so you only have to remember the algorithm and the passwords are always different and hard to figure out.
A simple Idea:
When logging into your account: Take the domain name ie "capitalone"
Look at their password requirements: 8 char min, letters AND numbers, one capital letter
Make an algorithm that meets the bare minimum of these requirements.
You can make this be anything you want as long as you remember it. Here is one easy example
Take the word “password” as a starting password (can be any word)
Take the first two letters in the domain name and convert them into numbers CApitalone = c=3 a=1
Add this number to the front of your password: 31password
Needs capital letters, so take the last letter in the domain name: e and write it twice at the end of your password: 31passwordEE
Now you can do that but vary the letters with each website name and you have the same but different and hard to figure out password, add more steps and math to make it more secure. What ever happened to those ads that said “One simple trick” or “Language professors/car insurers HATE this”, anyways? Person that started that deserves to be shot.
-
Such systems can be ok, but if someone figures out your system you are toast. Still, it's a lot better than using the same password everywhere.
You shouldn't use the word "password" or any dictionary word as part of a password though, and you shouldn't use someone else's system, but using some sort of system is better than using the same password everywhere.
-
And for those websites requiring special characters, replace the S with a $, the X with a *, the l with a !, and so forth.
-
One system I've seen is to make a card with a grid of random letter/characters, say 10x10. For each site, you just need to remember the sequence of squares. Optionally, you can tattoo it on yourself. Change it up once in a while.
Me personally, I wanted a web based password manager that is locally hosted that does not require any special software or OS specific requirement. Could not find anything so I just wrote my own. I just copy and paste the password. Eash site has it's own password. Too many sites leaking credentials now days so I don't reuse passwords anymore. If I need a password remotely, then I VPN in my network. Currently I only allow my work IP to access the VPN though, but work and home is about the only place where I can find myself wanting to access my home network.
As a side note, why do so many sites have so many limits to what characters you can use? It's all getting hashed anyway (or it BETTER be), so don't even need to worry about filtering out any chars that could lead to a SQL injection. Technically don't even need a character limit, but any password longer than the hash is probably diminishing returns.
-
And for those websites requiring special characters, replace the S with a $, the X with a *, the l with a !, and so forth.
OH $#!| !!!
IF you have two factor couldn't your password just be "password" and its just as secure?
-
Mostly I keep my passwords in an encrypted file and I do not want any site, browser or program remembering it. I have some "basic" units which I mix. I have a four digit and a five digit pin. My wife has another two. Then I have some basic combinations of letters. She has two. We both learned each other's and it is easy to combine different forms of these.
So most of the sites I use often I remember the PW.
Sometimes I make up something fancy on the spot. 2burguers7.50, 25milestoPapas, etc. Something that makes sense to me because I hate those you can never remember: Ft3bG76Hj*tr4%. Yeah, nobody is going to remember that.
It is also easy for me to remember by the position of keys on the keyboard like say, vb7nm. If I need a longer PW I can duplicate it: vb7nmvb7nm.
Whatever you can remember.
-
A system I have considered is to use a book code, pick a random book, use the method Beamin described to derive a page number in the book (might have to do modulo number of pages), then you take the third letter of the first/last/third word on each page, and so on. That way you can have passwords that are hard to guess and you don't have to have them written down anywhere. Might want to keep two copies of the book in different places though.
-
The DNC in 2016 used that "password." Most people consider it stupid. They blamed President Trump when their servers were hacked. America spent $35 million to show it was not Trump. Was it worth that to protect Hillary and the DNC?
-
There is a saying: never implement your own crypto. The problem is, that such attempts are based on misunderstanding of the threat model, insufficient knowledge and experience to see weakness, and mistaking own inability to defeat the solution with its strength. Let me paint a picture to explain this. Kids are often mimicing the world of adults. They may build a “safe” from paper, draw a pinpad on it &c. In their eyes this is a perfectly valid method of protecting their tiny savings! You, as an adult, know that it will not work. The paper safe will be torn apart by a thief. But… actually the threat model is wrong too: the thief will take their laptop(1), and will never care about the few dollars :). Unless you are an experienced cryptographer, attempts to build your own security will be not different than that safe made of paper.
Humans are horrible at generating good passwords. Never trust your brain — it is too weak to be able to make a decent password. Whatever you come up with, most likely it is already shared with many other people. Your “super unpredictable password” is much less unpredictable than you think. Some real-world statistics: I once checked passwords in a service I was administrating. 30 most popular passwords were shared by 3% of all users: about a half thousand accounts.
Passwords should never be shared between services. An algorithm to modify the password seems like a good idea, because it fulfills that requirement. Unless you are a victim of an attack targeted at you personally, no one will try to guess the algorithm — it’s not how large scale attacks work nowadays. So is this a perfect solution? Unfortunately… no. It tries to protect against a non-existent threat (making it hard to derive a password from another one), while the actual danger is never addressed. The problem is, that the outcome of such an algorithm is expected to be a dictionary password anyway — no matter how many and how complex steps you employ. You just produce a series of weak passwords. Your algorithm might even be unbreakable, but a typical attacker will never touch it. They will go straight with the dictionary attack or reverse brute-force. You might try to check the password at Have I been pwned (https://haveibeenpwned.com/), but even that has limited use. The result of that check is not “is certainly not safe / is certainly safe”, but “is certanly not safe / is possibly unsafe”.
And all that under an assumtion, that your algorithm is good. As with generating passwords, the brain is bad at making password-modifying algorithms. This is evident in how people periodically change their passwords. And your algorithm must work both spatially — across services — but also in the time dimension. If your employer is a victim of a targeted attack, the intruders will guess your new passwords if they are modified by an algorithm. You may imagine, that adding more steps will be better. It is not: you are just requiring much more effort from yourself, withou introducing much complexity from the mathematical point of view. That’s why you do not see new encryption algos being developed by adding more steps. From perspective of mathematics, this is a single(!) bijective operation no matter what you do. Oh, and this is yet another point: you would have to prove that the algorithm is a bijection. Otherwise you will be slowly losing entropy with each generated password.
Adding digits, replacing characters with look-alikes, changing some letter to uppercase is not very useful. Depending on the method use, it gives 1–2 bits of entropy per step. This is close to nothing, considering that a random 8-character password is 48 bits and this is considered absolute minimum. Human-generated passwords of that length barely reach 20 bits.
What you want is a password that has high entropy. There are two well known methods, that work:- Generate random characters. This gives a relatively short password, but you have no chances of remembering it.
- Systems like diceware (https://en.wikipedia.org/wiki/Diceware), which with 4–6 words give good, easy to remember passwords.
Unfortunately diceware doesn’t solve the problem of remembering many passwords. So the best strategy is to have some kind of non-brain password storage and remember only a few passwords you really have to type by hand. You may do that using either a password manager or an encrypted file. The problem with files is that they may quickly become hard to manage and, if used with standard text processing tools, are far from perfect — they may leak the passwords. This is why password managers have been invented. A response to the problem. I haven’t seen any better option yet.
An additional bonus of not having to remember passwords? You can’t be forced to give them away, unless someone has your passwords database. For example you can’t put a gun to my head and expect me to give you access to my bank account. Even if I would like to, I have no option to do so.
Also, obligatory XKCD 936 (https://www.xkcd.com/936/).
____
(1) For the sake of example let’s ignore current trends in developed countries: electronics becoming less and less wanted by thieves.
-
A system I have considered is to use a book code,
No need. Every one of us knows a piece of poetry, verse, literature, ditty, whatever. You can work from there. Take the first letters of words, two letters, whatever.
I have my important files encrypted with PGP but I need the PGP keys to decrypt. What if I lose the PGP keys (even though I have secure copies in several places)? I have a last resort file which has my keys, passwords and important files and this file is encrypted using symmetrical encryption and the password is so long it takes a while to input but I will never forget it because it is based on something I learnt as a child and can never forget .
-
I once worked for a company that had 8 character passwords. They required it not start with a number and have a number and various other rules. As far as I could work out they ended up reducing the set of available passwords by over 90%.
But I'm sure they thought they were on the cutting edge of security best practise.
-
The DNC in 2016 used that "password." Most people consider it stupid. They blamed President Trump when their servers were hacked. America spent $35 million to show it was not Trump. Was it worth that to protect Hillary and the DNC?
Can we leave Hillary back in 2016? Shes not going around doing campagna stops and speaking rallies playing with twitter talking shit. You know if you guys didn't constantly bring up Hillary no one would even think about her. But what about Hillary? But what about pizzagate? But what about the emails? But what about Benghazi? What about it? Give the whole Hillary thing a rest. The right wing brings her up so much that when she hears her own name she gets irritated I know I am.
I don't see what that has to do with anything. Whats your password? I want to check your accounts for viruses like that republican guy who got caught downloading porn and said he "was checking the porn sites for viruses" , come to think of it it was Hillary who put the porn on his computer. The Clintons will stop at nothing!
We should start a thread : What is your user name and password.
On AOL back in the day you could go into the "Newbie" chat room message people saying you worked for aol and needed their info and password, most times they gave it to you. Free hours with AOL!
-
A system I have considered is to use a book code, pick a random book, use the method Beamin described to derive a page number in the book (might have to do modulo number of pages), then you take the third letter of the first/last/third word on each page, and so on. That way you can have passwords that are hard to guess and you don't have to have them written down anywhere. Might want to keep two copies of the book in different places though.
Or you generate a password [emoji3] On a Mac that comes default (keychain) and you can set the conditions (length, characters).
Sent from my X using Tapatalk
-
The DNC in 2016 used that "password." Most people consider it stupid. They blamed President Trump when their servers were hacked. America spent $35 million to show it was not Trump. Was it worth that to protect Hillary and the DNC?
Can we leave Hillary back in 2016? Shes not going around doing campagna stops and speaking rallies playing with twitter talking shit. You know if you guys didn't constantly bring up Hillary no one would even think about her. But what about Hillary? But what about pizzagate? But what about the emails? But what about Benghazi? What about it? Give the whole Hillary thing a rest. The right wing brings her up so much that when she hears her own name she gets irritated I know I am.
I don't see what that has to do with anything. Whats your password? I want to check your accounts for viruses like that republican guy who got caught downloading porn and said he "was checking the porn sites for viruses" , come to think of it it was Hillary who put the porn on his computer. The Clintons will stop at nothing!
We should start a thread : What is your user name and password.
On AOL back in the day you could go into the "Newbie" chat room message people saying you worked for aol and needed their info and password, most times they gave it to you. Free hours with AOL!
You seem confused, rambling, and tangential.
"Password" was used as the password by the head of the DNC and probably contributed to the hacking of its computers.
-
Just use lastpass it's a whole lot easier.
"but what if lastpass gets compromised"
Well then you have an easy precompiled list of the sites you care about to change their passwords.
-
I mostly use model numbers of equipment I had a lot to do with decades ago, with extensions if necessary.
Unless someone had been living "in my pocket" for the last 50 years, it would be quite hard to find them out.
My Google password is pretty weak, I must admit, but trying simple ones, then multiple complex ones for a hour or so, only to be told they were "already taken", led me to try an abusive password, which worked.
I was amazed that it wasn't already taken! ;D
It would probably be easy to crack, by just thinking up enough nasty things to say to or about Google.
But it's Google, who cares?
I don't do "online banking", the only things I pay online are my Ham licence (if the website is actually working), buy Lotto tickets from the State Lotteries Commission, & once with Paypal.
Other bills are paid at the Aussie Post shop who will accept payment for a lot of bills, or by cheque (yes, cheque!). :o
By reducing my financial exposure to the Internet, the dangers are reduced to a low level.
If I were really paranoid, my "nickname" on this & other forums would not be my Amateur Radio callsign, which is a matter of public record, along with my full name, address, etc.
In fact, by going to QRZ.com & searching for vk6zgo, you can find all that out, without having to brave the perils of ACMA's dysfunctional website!
You can follow that up, using Google Earth to get a 6 year old picture of my house.
At that point, someone would probably give up in disgust!
-
Using dictionary words (such as "Capital" and "One") are a bad idea overall. Even with character substitution, password cracking tools are designed with such permutations as part of their standard attacks. Everyone knows "tricks" like replacing the letter S with the number 5 or $ symbol, including attackers.
Just something to keep in mind.
-
Just use lastpass it's a whole lot easier.
"but what if lastpass gets compromised"
Well then you have an easy precompiled list of the sites you care about to change their passwords.
Sites you care about also use two-factor. If they do not, then you don't care about them enough, or vice versa.
When is this forum getting two-factor? (that's the next step after https right? ;D)
-
You seem confused, rambling, and tangential.
"Password" was used as the password by the head of the DNC and probably contributed to the hacking of its computers.
Beamin is confused and off on a tangent?
You brought the political BS into the discussion and created that tangent.
Anyway, passwords,
I'm one of those people who can remember car registration numbers for all sorts of things, the Black BMW that cut me up at the roundabout 6 weeks ago, the really nice old Morris Traveller in duck egg blue, etc. etc.
So, car registration numbers, plus something of the colour, the make, the model and a smattering of special characters.
Those and custom chip part numbers, the in-house marking of parts in custom computers, IBM bits, all sorts of random stuff only an engineer would place any significance on all work for me.
But, as I need ever more passwords and I get older I find I need a password manager, I don't like the idea of a piece of software that might be on one machine or could be compromised so I've been considering building myself something.
A nice little OLED display in a pocket sized case, perhaps about the size of an RSA ID fob, fingerprint reader and an ARM chip with a couple of buttons to 'scroll' through the list.
Maybe even give it USB connectivity so it can pretend to be a keyboard and 'type' the password for me, that'd make it possible to use impossible to remember, long passwords.
Another idea for the never to be completed pile of projects in notebooks
-
What big companies IT administrators, dont think about is the rest if the word.
I'm using keyboards with 5-6 different layouts. Some has characters like űáú on it, the others, you have to press shift to type numbers, some has US layout, some has UK, all of them has the special characters at the different place. Some is on touchscreen. I type my default password with muscle memory.
I just want to use the password that I used for 20 years. That's all.
-
Security comes with a price, you always have to weight the cost against the risks. If the risks are great you need to sacrifice more time and convenience on security.
There is a problem with using the same password everywhere, passwords leak from websites that get hacked (or are dishonest) so it will eventually end up in a list somewhere (someone else's list) and they will try to log into your other accounts.
-
I'm not going to comment on the "security" of this method.
However, I will note a more innocuous and beneficial application of similar nature:
https://gmail.googleblog.com/2008/03/2-hidden-ways-to-get-more-from-your.html
If you have a GMail account, you can do this, and hence keep track of which sites you've handed out your e-mail to (and which ones are leaking/selling them to advertisers/spammers).
Or if you own your e-mail domain/server, you can do the same thing, implemented directly.
Tim
-
You seem confused, rambling, and tangential.
"Password" was used as the password by the head of the DNC and probably contributed to the hacking of its computers.
Beamin is confused and off on a tangent?
You brought the political BS into the discussion and created that tangent.
Anyway, passwords,
I'm one of those people who can remember car registration numbers for all sorts of things, the Black BMW that cut me up at the roundabout 6 weeks ago, the really nice old Morris Traveller in duck egg blue, etc. etc.
So, car registration numbers, plus something of the colour, the make, the model and a smattering of special characters.
Those and custom chip part numbers, the in-house marking of parts in custom computers, IBM bits, all sorts of random stuff only an engineer would place any significance on all work for me.
But, as I need ever more passwords and I get older I find I need a password manager, I don't like the idea of a piece of software that might be on one machine or could be compromised so I've been considering building myself something.
A nice little OLED display in a pocket sized case, perhaps about the size of an RSA ID fob, fingerprint reader and an ARM chip with a couple of buttons to 'scroll' through the list.
Maybe even give it USB connectivity so it can pretend to be a keyboard and 'type' the password for me, that'd make it possible to use impossible to remember, long passwords.
Another idea for the never to be completed pile of projects in notebooks
Sounds like this:
https://www.themooltipass.com/
Sent from my Pixel 2 XL using Tapatalk
-
Basically what you're doing is creating a salt using a fixed password, and then adding your own details for each website. Most password hash algorithms already do this, but adding your own solves the problem that if you use the same password everywhere, cracked password on site A compromises everything. Also poor sites that just use a simple (unsalted) hash are potentially the worse. I worked in a place like that at one point (they've long since changed), and I had got to the point where I could recognize the md5 for a number of common passwords (like 1234, qwerty, & Password)
If you did something like make your base password "Secret1" and then your email password "Secret1gmail" and your banking password "Secret1money", etc etc, you're way way way further ahead than just using gmail and money as passwords.
However, as xkcd point out, just a string of random words provides more entropy.
-
One simple trick for passwords the big companies don't want you to know about! ??
The "trick" is one more of millions but who are the "big companies" that don't want you to know? And why would they care?
-
Better yet: generate a random password for each site/service and use a password manager under Linux. I may be able to build a pseudo-random number generator that uses pressure, temperature, humidity and time garbled as a seed to generate random info.
Kind regards, Samuel Lourenço
-
Basically what you're doing is creating a salt using a fixed password, and then adding your own details for each website. Most password hash algorithms already do this, but adding your own solves the problem that if you use the same password everywhere, cracked password on site A compromises everything. Also poor sites that just use a simple (unsalted) hash are potentially the worse. I worked in a place like that at one point (they've long since changed), and I had got to the point where I could recognize the md5 for a number of common passwords (like 1234, qwerty, & Password)
If you did something like make your base password "Secret1" and then your email password "Secret1gmail" and your banking password "Secret1money", etc etc, you're way way way further ahead than just using gmail and money as passwords.
However, as xkcd point out, just a string of random words provides more entropy.
Yes.... I think the point was, this makes it easy to recall/remember your passwords for alll your sites.
The problem you'll run into with this is when password changes are required. Some sites do require password changes at regular intervals. Other times one of them might suddenly require a password change due to a security incident. You'll need to change your algorithm and change passwords at all the sites, or have custom algorithms for each of the sites, which defeats the purpose...
-
A system I have considered is to use a book code, pick a random book, use the method Beamin described to derive a page number in the book (might have to do modulo number of pages), then you take the third letter of the first/last/third word on each page, and so on. That way you can have passwords that are hard to guess and you don't have to have them written down anywhere. Might want to keep two copies of the book in different places though.
Or make that book the bible and instead of pages use verse so your password is always as close as the nearest hotel room.
Sure you brain might be bad at making passwords but for most of us we are not going to have people target just us individually.
-
Using dictionary words (such as "Capital" and "One") are a bad idea overall.
There is one important thing to note. The term “dictionary password” does not refer to a dictionary as in “English language dictionary”. It refers to a dictionary attack. For example “constantinopolitan” is certainly found in English dictionaries, but even in all-lowercase form had(1) relatively low chances of ending up in a dictionary used for an attack(2). On the contrary, “correct horse battery staple” (with or without spaces etc.) is already a well-known dictionary password, and so are “dupa.8”(3) and “zaq12wsx”.
Think of “dicationary password” as a synonym for a password, that could potentially be found with high probability in a relatively small subset of passwords. This is how a dictionary attack works. The attacker compiles a “small” list4 of passwords, the dictionary. It contains passwords that are, in author’s opinion, most likely to be right. The dictionary may consist of already leaked passwords, which is a good strategy, because humans overestimate their brain’s ability to generate good passwords and it is likely that many other people will use the same “unique and completely unguessable” password. The dictionary may contain fully generated passwords, if the generation algorithm is known: 4-digit credit card PINs have very uneven distribution (http://www.datagenetics.com/blog/september32012/), entry gate PINs are often made to be “easy to memorize” (which limits them to a set much smaller than the full 10000), hotspots for clients typically ue “<company-name><simple-suffix>” and so on. They may be copied from well-known sources, from which people take “random passwords”: for example the Bible, popular stories, poems, songs or well-known tretise. Sometimes many methods are combined: e.g. a words list may be modified by replacing ‘S’ with ‘$’, changing case, adding digits here and there or similar.
The only known method to counter the dictionary attack is increasing password space so much that compiling a dictionary, which would have any useful yield, is prohibitely costful. And this is where high password entropy comes into play.
____
(1) Past tense; it stopped having that property the very moment I pressed the “Post” button. ;) So do not use it.
(2) But not low enough to be considered good security-wise, if all possible scenarios are taken into account. In an average, low cost per victim attack it is unlikely to see it, but increase the allowed cost a bit and the attacker will break it.
(3) At least for Polish targets.
(4) Small relative to the possible passwords space. The dictionary may reach terabytes in size.
-
I too had a similar brilliant idea and thought such a "system" was super clever... when I was 15 :P It is naïve to believe that and a poor advice. Sure, better than the same password for everything but still nowhere near secure. For me, a KeePass implementation on my computer and mobile device, syncing to single "cloud" location, does the trick. This way I always have an up-to-date database with me, no matter where I update it.
-
NOTE: This message has been deleted by the forum moderator Simon for being against the forum rules and/or at the discretion of the moderator as being in the best interests of the forum community and the nature of the thread.
If you believe this to be in error, please contact the moderator involved.
An optional additional explanation is:
-
NOTE: This message has been deleted by the forum moderator Halcyon for being against the forum rules and/or at the discretion of the moderator as being in the best interests of the forum community and the nature of the thread.
If you believe this to be in error, please contact the moderator involved.
An optional additional explanation is: Quoted deleted text which is irrelevant/inappropriate.
Rudeness is uncalled for.
Tim
Please review the conduct of the OP.
-
You seem confused, rambling, and tangential.
"Password" was used as the password by the head of the DNC and probably contributed to the hacking of its computers.
Beamin is confused and off on a tangent?
You brought the political BS into the discussion and created that tangent.
Anyway, passwords,
I'm one of those people who can remember car registration numbers for all sorts of things, the Black BMW that cut me up at the roundabout 6 weeks ago, the really nice old Morris Traveller in duck egg blue, etc. etc.
So, car registration numbers, plus something of the colour, the make, the model and a smattering of special characters.
On a "working holiday" in the UK in 1971, my mate & I bought two "old bangers".
The first was an Austin A95, rego number VAA84, colour, maroon.
This wasn't too bad, but used petrol like it had its own Middle Eastern country, so we replaced it with a dark blue "100E" Ford Popular, rego number 190WEV.( Ohh bummer! I can't use those as passwords, now!)
The funny thing is, I can remember details about those cars, but ask me about the street addresses I lived at, & my mind is a blank!
Edited :-Removed the crosshatch symbols, just in case they activate the "hashtag"feature.
Those and custom chip part numbers, the in-house marking of parts in custom computers, IBM bits, all sorts of random stuff only an engineer would place any significance on all work for me.
But, as I need ever more passwords and I get older I find I need a password manager, I don't like the idea of a piece of software that might be on one machine or could be compromised so I've been considering building myself something.
A nice little OLED display in a pocket sized case, perhaps about the size of an RSA ID fob, fingerprint reader and an ARM chip with a couple of buttons to 'scroll' through the list.
Maybe even give it USB connectivity so it can pretend to be a keyboard and 'type' the password for me, that'd make it possible to use impossible to remember, long passwords.
Another idea for the never to be completed pile of projects in notebooks
-
Sounds like this:
https://www.themooltipass.com/ (https://www.themooltipass.com/)
Sent from my Pixel 2 XL using Tapatalk
hah, yes, it does, very similar indeed.
-
Sure, better than the same password for everything but still nowhere near secure.
There's no such thing as "secure" (as in perfect). It comes down to convenience vs risk. Security costs time, money and effort. What is naive is to think people will memorise a unique high entropy, perfectly randomly generated password for every website they use, and on top of that change them regularly. It just isn't practical. The end result is that people use a simple to remember, low entropy, password that they use everywhere which is the worst possible result (it's a well established fact).
By memorising only one password that is good, and add some bits using a system based on for example the domain name, you have gained a huge amount of security at very little cost, that is why it's a good idea.
But I think you should make sure the base password is good and the system isn't immediately obvious by someone who sees one version of your password (because a lot of websites store passwords in cleartext).
So should you use this? Well, it all depends on the risk. If you use the same password everywhere today it's a huge improvement. If you use it to protect passwords that are not important like a password to some game forum, or whatever, then why not. If you are the POTUS, then no, you should use something better (and pay a professional to help you). Should you use it for your bank password? no, use a better solution in that case. Cost vs risk.
Do I use such a system? Not anymore, because I'm a nerd and a bit paranoid and I like programming, math and encryption and such things. I wouldn't use one of those password programs either, because that is also not secure for various reasons. (In that case you are better off generating and storing passwords in a list you manage yourself as some others here do.) In the early days of the internet I used a fairly simple scheme so I din't have the same password everywhere at least, and I know for a fact it has saved my ass many times when forums and other websites have had their password databases stolen. It happens much more often (and from big "reliable" sites) than people think.
-
There's no such thing as "secure" (as in perfect). It comes down to convenience vs risk. Security costs time, money and effort. What is naive is to think people will memorise a unique high entropy, perfectly randomly generated password for every website they use, and on top of that change them regularly. It just isn't practical.
:palm: That's why I recommended using a password manager, right? Also, I haven't said anything about regular password changes that I strongly oppose.
Do I use such a system? Not anymore, because I'm a nerd and a bit paranoid and I like programming, math and encryption and such things. I wouldn't use one of those password programs either, because that is also not secure for various reasons. (In that case you are better off generating and storing passwords in a list you manage yourself as some others here do.)
You call yourself a nerd yet you don't know what KeePass is? ;) It's not a web service like LastPass that is forcing you to use any web storage hosted by any particular provider. It's an open source application that works on a file-based database and you're free to host it wherever you want. If you want a self-hosted web-based solution, try Bitwarden. Dismissing well-established and verified products with an assumption that you know better and are better off hacking your own solution is the very common newbie's misconception as, like the countless roll-your-own-crypto horror stories tell, you probably do not and you aren't.
-
Also, I haven't said anything about regular password changes that I strongly oppose.
No but it's more secure if you change your password regularly. I just meant that there is no way you can be 100% secure, you have to weight the cost vs the risk, there's always a trade-off.
You call yourself a nerd yet you don't know what KeePass is? ;) It's not a web service like LastPass that is forcing you to use any web storage hosted by any particular provider. It's an open source application that works on a file-based database and you're free to host it wherever you want. If you want a self-hosted web-based solution, try Bitwarden.
Nice to see there is a free open source alternative. I believed you had to pay for the cloud solutions/phone apps/etc. If they are free then it looks like a good solution as well!
Dismissing well-established and verified products with an assumption that you know better and are better off hacking your own solution is the very common newbie's misconception as, like the countless roll-your-own-crypto horror stories tell, you probably do not and you aren't.
Creating a (good) crypto is really hard, so not a good idea. Maybe I'm missing something but I believe those programs only manage a list of passwords for you (encrypted). I don't see the big problem with just having your own list (that you can encrypt if you like)? If you need more security than that you shouldn't be using either imo, but again, it's a lot better than using the same password everywhere. It always comes down to convenience vs risk.
Like I said in the previous post, if you need to protect something important you should hire a professional!
I don't really care if my personal password management solution is super safe (cost vs risk), it's safe enough for me (it's way overkill actually), and I enjoy rolling my own.
-
No but it's more secure if you change your password regularly. I just meant that there is no way you can be 100% secure, you have to weight the cost vs the risk, there's always a trade-off.
General consensus amongst security experts is it's anything but (https://arstechnica.com/information-technology/2019/06/microsoft-says-mandatory-password-changing-is-ancient-and-obsolete/) (further sources linked in the article if you don't trust Microsoft). Forcing regular password changes does more harm than good. Here's just a few reasons it's a generally bad idea:
- It's a chore and annoys people. As such, they're more likely to come up with trivial, unsecure and easy to remember passwords and/or write them on a post-it note stuck to their monitor or a bottom of the drawer. Majority of people, when forced to change their password over and over again, usually at the least convenient moment possible, just do the bare minimum for the system to accept it. Read: they increase the number at the end.
- A compromised password is a compromised password. If you're aware of a security breach or have to deal with a rogue employee, you invalidate the password immediately anyway. Waiting for the password to expire is not good enough.
- Similarly, a non-compromised password is a non-compromised password. It doesn't get stale or lose its strength over time. You're doing a disservice to the user of a unique and strong password by forcing them to change it for no reason: chances are they'll now lean towards simpler, weaker p@$$w0rds11 from now on, just to be done with it. Nobody likes to waste their time and energy pointlessly.
- My bank, one of the award-winning leaders of the banking innovation in my country, has forced me to change my password exactly once in some 19 years of me using their account, after there was a suspicion of a breach/data leak. I'm pretty sure they've done their homework properly.
Nice to see there is a free open source alternative. I believed you had to pay for the cloud solutions/phone apps/etc. If they are free then it looks like a good solution as well!
KeePass has became the de-facto standard for password managing, even in the corporate world. It's among the top subjects of the security researchers' scrutiny so there's pretty good chance you can't do much better than this. You can keep your database file on your disk, cloud storage drive (like OneDrive), WebDAV-accessible server or a floppy disk stored at the bottom of Mariana Trench - your call, totally up to you.
Creating a (good) crypto is really hard, so not a good idea. Maybe I'm missing something but I believe those programs only manage a list of passwords for you (encrypted). I don't see the big problem with just having your own list (that you can encrypt if you like)? If you need more security than that you shouldn't be using either imo, but again, it's a lot better than using the same password everywhere. It always comes down to convenience vs risk.
Like I said in the previous post, if you need to protect something important you should hire a professional!
I don't really care if my personal password management solution is super safe (cost vs risk), it's safe enough for me (it's way overkill actually), and I enjoy rolling my own.
Sure, if you enjoy rolling your own, I'm not going to argue with that; more power to you. But purpose-made passwords managers like KeePass are so much more than a simple list. You have a tree structure with as elaborate or as simple structure as you wish. You have password auto-typing, automatic clipboard handling, capable and fast search, flexible password generators, to only name a few. Just for fun, I've just fired-up my KeePass, entered its long and secure master password (it's a muscle memory now), searched for the EEVBlog forum entry, copied the password to clipboard and pasted it into the password box. It took me under 15 seconds and I'm usually quicker than that, while not under pressure of timing my actions. It really promotes proper password "hygiene".
-
Forcing regular password changes does more harm than good.
Yes I agree with that. That was sort of my point, trying to force expensive/complicated security solutions on people who doesn't need them is just going to make them circumvent the system and use something stupidly insecure instead. Better to promote something convenient they will use, than something fancy they will not.
Nice to see there is a free open source alternative. I believed you Sure, if you enjoy rolling your own, I'm not going to argue with that; more power to you. But purpose-made passwords managers like KeePass are so much more than a simple list. You have a tree structure with as elaborate or as simple structure as you wish. You have password auto-typing, automatic clipboard handling, capable and fast search, flexible password generators, to only name a few. Just for fun, I've just fired-up my KeePass, entered its long and secure master password (it's a muscle memory now), searched for an EEVBlog forum entry, copied the password to clipboard and pasted it into the password box. It took me under 15 seconds and I'm usually quicker than that, while not under pressure of timing my actions. It really promotes proper password "hygiene".
If it's free of charge and open source then it sounds like a good solution. :-+
Looks like it's geared towards windows though.
KeePass has became the de-facto standard for password managing, even in the corporate world. It's among the top subjects of the security researchers' scrutiny so there's pretty good chance you can't do much better than this. You can keep your database file on your disk, cloud storage drive (like OneDrive), WebDAV-accessible server or a floppy disk stored at the bottom of Mariana Trench - your call, totally up to you.
How about not storing them on any networked computer at all? ;) (less convenient perhaps, again, it's cost vs risk...)
-
General consensus amongst security experts is it's anything but (https://arstechnica.com/information-technology/2019/06/microsoft-says-mandatory-password-changing-is-ancient-and-obsolete/) (further sources linked in the article if you don't trust Microsoft). Forcing regular password changes does more harm than good. Here's just a few reasons it's a generally bad idea: (…)
It should be noted, that the blog post refers to password changes enforced by administrators, not to the idea of changing passwords periodically. The drawbacks listed by Microsoft are well known for years and they are limited to and caused by the enforcement itself. If you use a password manager and random passwords, they are not present.
Whether regular changes are beneficial is a separate issue. The idea is as old as passwords and got slipped into computer security without much thinking. Then it was practiced unquestioned for decades, despite progress in the subject of security removed many reasons for its existence. As an example: while today it is unimaginable, in the past passwords were shared among workers. Periodic password change was addressing this issue. Today the importance may be marginal, but I would say we’re far from any consensus on effectiveness of the method.
Creating a (good) crypto is really hard, so not a good idea. Maybe I'm missing something but I believe those programs only manage a list of passwords for you (encrypted). I don't see the big problem with just having your own list (that you can encrypt if you like)? If you need more security than that you shouldn't be using either imo, but again, it's a lot better than using the same password everywhere.
To add to what Zbig has said, you seem to be underestimating the weight of the first sentence of yours. If you think, that you can mimic behaviour of a working password manager by just applying encryption to a file, a quick question: how do you access data? Unpacking it on your hard drive and copy-pasting? Bad news: that means you are spreading secret all over the system and making it persist unencrypted for a long time. Be happy, that Java applets are no longer supported, because for years on Windows the default policy for Sun’s Java plugin was to allow accessing clipboard — to not aggreviate users.
Also if you need password-based security, a password manager is exactly what you want. Can you offer a better solution?
Like I said in the previous post, if you need to protect something important you should hire a professional!
A password manager is the professional you are hiring.
I don't really care if my personal password management solution is super safe (cost vs risk), it's safe enough for me (it's way overkill actually), and I enjoy rolling my own.
How rolling out and managing your own solution is cheaper than using an existing one?
-
Unpacking it on your hard drive and copy-pasting? Bad news: that means you are spreading secret all over the system and making it persist unencrypted for a long time. Be happy, that Java applets are no longer supported, because for years on Windows the default policy for Sun’s Java plugin was to allow accessing clipboard — to not aggreviate users.
Well, encryption tools like PGP GPG (https://en.wikipedia.org/wiki/GNU_Privacy_Guard) can handle that for you. But if you have to worry about that level of secrecy (someone with system level access to your machine) then a password manager isn't safe either, the java plugin is a good example of why.
Besides, don't you find it a little bit disconcerting that these cloud-based password management companies want you to put all of your secrets into their database which they then upload to their server?
Also if you need password-based security, a password manager is exactly what you want. Can you offer a better solution?
Don't store your passwords on a computer that is networked. Pen and paper is pretty cheap and I can guarantee you that it's unhackable.
A password manager is the professional you are hiring.
No, it's a product that someone tries to sell to you. What you need is a professional that can tell you if a password manager is appropriate or not in your particular use case.
How rolling out and managing your own solution is cheaper than using an existing one?
It's free?
-
Well, encryption tools like PGP can handle that for you.
Asymetric encryption (this is the main feature of PGP) for a local database is an overkill and, unless you encrypt only the entries (so you can separate reads and writes, per-record)(1), it will be effectively nullified and degraded to symmetric encryption of the keys.
Even ignoring above, PGP tools will still have to decrypt the data to somewhere. Perhaps you have an implementation that can decrypt this to mlock’d/secure memory region(2)(3), possibly even using some more advanced techniques, but that requires a lot of effort (you have to code it) and — in the end — you are writing… a password manager. You can as well use an already written and tested one.
But if you have to worry about that level of secrecy (someone with system level access to your machine) then a password manager isn't safe either, the java plugin is a good example of why.
The Java plugin could access only the clipboard. Passwords shouldn’t be put in a clipboard, if possible, and many password managers have the auto-type feature, which simulates keypresses directly. If the adversary has system-level (or higher level) access, the machine itself becomes untrusted and it shouldn’t be used to supply credentials in the first place — with password managers, without them or any other way that involves treating it as trusted. This is not a counter agrument for using password managers.
Besides, don't you find it a little bit disconcerting that these cloud-based password management companies want you to put all of your secrets into their database which they then upload to their server?
You haven’t criticized cloud-based password-managers. You criticized all password managers. If I or anyone else agrees or not with the above statement bears no significance to the original discussion. Use a fully local password manager and the above argument is defeated.
Don't store your passwords on a computer that is networked. Pen and paper is pretty cheap and I can guarantee you that it's unhackable.
Is that a joke? Should I even respond to a suggestion of writing down passwords on paper?
No, it's a product that someone tries to sell to you. What you need is a professional that can tell you if a password manager is appropriate or not in your particular use case.
I am not sure, how to respond to that. Even if the above would be true with the universal quantifier from your original statement, I can’t really see how selling a product makes it less secure, in particular when compared to some makeshift attempt to create own crypto. And how that doesn’t affect the same case of a professional seeling you their service of advising on password managers. But, as it happens, you do not need to hire them. They already suggest them. Some even have their own, like Password Safe from Schneier (https://pwsafe.org/).(4)
How rolling out and managing your own solution is cheaper than using an existing one?
It's free?
Only if you do not value your time.
____
(1) Not assuming any specific implementation. The database may be implemented on top of a file system with files as entries.
(2) Or anything similar, depending on the platform you use.
(3) Not claiming that all password managers do that.
(4) Not using it myself.
-
I've been using a simpler system for years ! I make CERTAIN that the email / phone # I provide is correct, then make up a password, using favourite terms,
and add random symbols / characters. When I log in next, if I don't figure it out within 3 retry s, I click "forgot password", and VIOLA .. all reset again :-)
Happens a few times a week, sometimes more. Bonus points - I can NEVER be accused of not changing my password often, and it is not written down :-)
-
Well, encryption tools like PGP can handle that for you.
Asymetric encryption (this is the main feature of PGP) for a local database is an overkill and
Who said anything about asymmetric encryption? Why bring that up? I was under the impression it could do both (I was actually thinking about GPG (https://en.wikipedia.org/wiki/GNU_Privacy_Guard) though), but maybe that is wrong. In either case it's completely beside the point. There are free encryption programs that lets you view an encrypted file safely and handle all those details for you. So you don't need to buy an expensive password manager solution.
But if you have to worry about that level of secrecy (someone with system level access to your machine) then a password manager isn't safe either, the java plugin is a good example of why.
The Java plugin could access only the clipboard.
I don't use a dedicated password manager so I'm not sure about all the details but Zbig used copying a password as an example just before so I thought it was a good illustration that it isn't perfectly safe either (according to your own example):
I've just fired-up my KeePass, entered its long and secure master password (it's a muscle memory now), searched for the EEVBlog forum entry, copied the password to clipboard and pasted it into the password box. It took me under 15 seconds and I'm usually quicker than that, while not under pressure of timing my actions. It really promotes proper password "hygiene".
Besides, don't you find it a little bit disconcerting that these cloud-based password management companies want you to put all of your secrets into their database which they then upload to their server?
You haven’t criticized cloud-based password-managers. You criticized all password managers. If I or anyone else agrees or not with the above statement bears no significance to the original discussion. Use a fully local password manager and the above argument is defeated.
As I wrote before, I didn't know there were open source and free password managers, those sound good too. My whole argument from the start has been that you don't need to buy an expensive password manager solution to maintain decent security (for the typical private individual). It's my impression that's what the OP wanted to point out as well.
(I think the argument is still somewhat valid though, even if it's fully local, you still trust a third party solution with all your secrets.)
Don't store your passwords on a computer that is networked. Pen and paper is pretty cheap and I can guarantee you that it's unhackable.
Is that a joke? Should I even respond to a suggestion of writing down passwords on paper?
Not a joke. If paper is good enough for the Kremlin it's good enough for me.
No, it's a product that someone tries to sell to you. What you need is a professional that can tell you if a password manager is appropriate or not in your particular use case.
I am not sure, how to respond to that. Even if the above would be true with the universal quantifier from your original statement, I can’t really see how selling a product makes it less secure, in particular when compared to some makeshift attempt to create own crypto. And how that doesn’t affect the same case of a professional seeling you their service of advising on password managers.
Just because someone is selling it doesn't make it insecure but a salesperson is not the same as a professional security consultant. It might be perfectly secure and still a completely unnecessary expense.
Some even have their own, like Password Safe from Schneier (https://pwsafe.org/).
Password safe from Schneier is also free and open source, so that could also be a good option.
How rolling out and managing your own solution is cheaper than using an existing one?
It's free?
Only if you do not value your time.
Only if it is faster to set up than the alternative.
A plain text file would be good enough for most purposes, like the eevblog password (but not for your bank account). If you also encrypt the file with some reputable free and open source encryption program then I'd say you are doing better than 99.9% of all internet users. If you can get a reputable free and open source password manager then that is also a good option I'm sure. But I don't think you need to pay for an expensive password management solution.
-
I've been using a simpler system for years ! I make CERTAIN that the email / phone # I provide is correct, then make up a password, using favourite terms,
and add random symbols / characters. When I log in next, if I don't figure it out within 3 retry s, I click "forgot password", and VIOLA .. all reset again :-)
Happens a few times a week, sometimes more. Bonus points - I can NEVER be accused of not changing my password often, and it is not written down :-)
What happens if you loose your email account?
-
Apis, I'm not going to full dive back into this discussion as it's getting a bit boring and unproductive to be honest, but what's with this "expensive" passwords managers angle? You seriously didn't bother to visit the KeePass site to find out it's completely free or just conveniently chose to keep pretending you don't know that?
There are no drawbacks to using a free and proven password manager and any DYI solution will be a poor attempt at replicating a small subset of its functionality. No offense, but this thread begins to read more and more like a dialog with an elderly relative who's trying to convince everyone that there's no better way of doing things than the way he was doing them since he was a young lad and no need for anything new. Don't store the database on a internet-connected computer? Use pen and paper? Seriously? We're more than a decade past the "I now have some computing to do so I'll hit my computing desk and fire up my desktop computer" times. I have a job and, from time to time, I have to use my private credentials for some internet service from there. I have a smartphone on me at all times and when I need a password for my airline account while on holidays on the other side of the planet, it's right there, in my pocket: encrypted and secure. This is the reality I live in every day. There are no valid cases for using a homebrew password managing solution outside of a hobby realm and no amount of made-up flawed arguments after flawed arguments will change that.
ADDED:
I realize it could be hard finding out there are freely-available, better versions of something you were working on passionately - I've been there. But it's better suck it up and conclude that, well, at least you've learned something along the way, than trying to change the reality around you at the risk of sounding silly.
-
.. What happens if you loose your email account?
Lose it? Had the domain name for 30+ yrs, so unless I get Alzheimer's, should be good to go :-) plus on some log-ins, I have 2-3 domains / emails listed.
And IF I only had a cheap email addy, with no backups, I'd have a lot more to worry about.
-
The trick is to use passwords of 10 characters or more.
Using capital letters, numbers, and special characters makes it virtually unbreakable.
And change it at least monthly.
And don't use any real words in your password.
like $57dogpoop^&
-
Apis, I'm not going to full dive back into this discussion as it's getting a bit boring and unproductive to be honest, but what's with this "expensive" passwords managers angle?
Yes it is getting silly, I've already written two times now that I didn't know there were free open source alternatives and those seems great. :-+ I don't think most people need to pay for a password manager to be sufficiently safe though. For the convenience of syncing with all your devices, sure, but not for security. Several alternatives have been mentioned here, some better than others, but all of them free.
I checked lastpass now, they charge 3$/month, 3$ might sound like very little but it quickly adds up. I would also be surprised if you could easily transfer your passwords to another service, so you would find yourself locked into their service. You have to trust them with all your secrets and should the company go down you could potentially have trouble accessing your passwords.
-
The trick is to use passwords of 10 characters or more.
A traditional minimum length for random passwords is 8 characters. The current NIST”s policies (https://pages.nist.gov/800-63-3/sp800-63b.html) permit as low as 6, but that is only under an assumption, that the system has working rate limiting(1). The key is high entropy and password length has to be expressed in terms of that value. There is no one-fits-all solution and even the good, old “8 characters” is now missing foundations other than being well tested.
Using capital letters, numbers, and special characters makes it virtually unbreakable.
That topic has been discussed earlier. While using larger alphabet increases possible passwords space, it is not the only factor to consider. If you are using a password manager and generate long passwords randomly, use as huge alphabet as you want. At least as long the target sytem supports all the characters. Be careful with a backslash, a percent sign, a quotation mark, an apostrophe, an ampersand and some other character that may be rejected or handled inproperly by badly designed systems.
No, those characters do not magically make a password “virtually unbreakable”. They make easy to overcome in the simplest attack, while a properly chosen lowercase-only password will protect you much longer… and will be easier to remember, if needed. After all you need to memorize at least a few passwords, the one to the password manager being one of them. The key to high cost and low probability of breaking is, as stated above, high entropy. Actually a 21-word passphrase chosen using diceware (only short, lowercase English words!) or a 40-character password of A-Za-z0-9 +others is… unbreakable using brute force within the current physics regime (https://en.wikipedia.org/wiki/Landauer%27s_principle)(2). For everyday security you do not need that much.
If you are not using a password manager, using too large alphabet will make password hard to remember, but will add very little entropy bits to it. High cost for little gain.
And change it at least monthly.
Except that it is very hard to follow the policy of changing passwords monthly, can you provide any reason to use that value? In particular in the context of already provided arguments of either dropping the policy altogether (in most cases it harmful) or seriously considering pros and cons of using it. Also, if you are afraid of a password being leaked so much, that you want to change it each month, what are you doing with your keypairs or certificates? A time to distribute a public key is more than a month. Getting certificates each month is prohibitely expensive for nearly everyone and in some cases CA policies do not allow that at all. But, obviously, you must follow the same principles in their case.
And don't use any real words in your password.
Actually you may use standard English words in your password and use only lower case letters. And you will have a password stronger than “MN49%b5$*8#r$”.
____
(1) Don’t think it is as easy to implement, as you think. Blocking bruteforcing of a single account seems pretty straighforward, but still with some caveats (a simple 3-attempts rule may DoS your system). Doing the same for reverse-bruteforce attacks — not so much, especially against a stealthy adversary with resources.
(2) Iterating all those passwords is alone would require the amount energy that is unimaginably great, even if the hypothetical iterating machine would be the most efficent possible. And current computers are not even close. Even half of that length would require dedicating USA’s yearly energy output to just iterating the possible passwords. Of course new discoveries may invalidate the principle or advances in comutation may permit overcoming it, but do not expect miracles soon. And even if that principle fails, still chances of a random bit in RAM getting flipped by cosmic radiation and allowing an invalid password are higher than finding the password.
-
We're talking about internet passwords here, not nuclear launch codes.
The big problem these days is that people use the same password everywhere.
The passwords are typically stored in an encrypted (hashed) list on the server (ideally, unfortunately many save them as plain text anyway). These lists get stolen. If you used a too weak password it can be cracked and the hacker will know your password and can use it to try logging in to your other accounts. You can be almost certain the password will leak, so never use the same password twice. If you use different passwords for different websites there isn't much of a problem though.
Your password still need to be good enough that someone can't brute force their way into your account. But the web-login should be rate limited (although you can't count on that either) so an attacker can't try more than 3 passwords per minute or something like that, which makes that method infeasible for the most part. Consider bank cards that are often only protected by a four digit pin code! but the card gets eaten if you enter the wrong code 3 times in a row.
If you're someone important and it would be valuable to get into your account, then people might target you directly. In that case you really do need to make the extra effort of using high entropy passwords. The commonly recommended minimum length today is 12 randomly chosen characters. But then you should probably also get help from a professional since there are many factors to consider.
-
We're talking about internet passwords here, not nuclear launch codes.
Yeah, leave your apartment open, because it contains no nuclear warheads(citation needed). I am not getting, why you and some other people are insisting on doing it wrong, when it can be done right without any issues.(1)
Your password still need to be good enough that someone can't brute force their way into your account. But the web-login should be rate limited (although you can't count on that either) so an attacker can't try more than 3 passwords per minute or something like that, which makes that method infeasible for the most part. (…)
Reality vs movie fiction confusion? Unless the attack is targeted at a specific victim, which is not the case for most people/services, this is not how it looks like. RBF will be unhampered by per-account rate limiting. A more useful method is requiring proof-of-work to be delivered with the log-in attempt, but its effectiveness also can be easily overestimated(2) and has its drawbacks.
(…) But then you should probably also get help from a professional since there are many factors to consider.
So why are you arguing against simple, working solutions suggested by professionals?
____
(1) I am fully aware of how bad locks are and why it is fine. But the analogy can’t be made, because we can have decent passwords at no cost.
(2) Typically the work required is orders of magnitude smaller than expected; the overestimation comes from using author’s own knowledge as a reference, while they know pretty much nothing and are full of misconceptions. Even if that is done right, the lack of knowledge about the actual cost of the work still makes it less effective.
-
So why are you arguing against simple, working solutions suggested by professionals?
I'm not, why do you keep saying I am? I'm only arguing that most people don't need to pay for an expensive service to maintain sufficient security.
-
I am scratching my head…
KeePass: $0/life
KeePassX/KeePassX2: $0/life
KeePassXC: $0/life
PassSafe: $0/life
pass: $0/life
If you need online storage:
BitWarden: $0/mo., though the business model makes me apprehensive
Even the proprietary ones(1) are in the $3/mo. range. That is not very good in terms of value-per-price, but this is not far from the cost of deploying your own solution of this kind. And the target are people, who have no knowledge or experience to do it on their own.
So where are those “expensive services”?
____
(1) Mentioning them does not imply I’m considering them safe. But still, using a proprietary password manager is much better than using none at all.
-
I've already written many times I wasn't aware there were free and open source alternatives, I have no issue with those. I don't think the commercial ones offer anything most people need though, this fanatic push for password managers is just advertising. Naturally they wan't as many paying customers as possible. If some people want to pay for the convenience they offer that is fine, but there's no need to scare people into thinking it's a must have imo. So use a free password manager or some other method, as long as you don't reuse the same password everywhere. (For stuff that's not that important, for bank accounts and other stuff you want more security though, but the bank usually provide that).
$3/month is pretty expensive for what it offers imo. Let me do the math for you $3*12= $36/year or $360 for ten years, I can think of better ways of spending that money.
-
That is pretty bad advice, do you really think it is a good idea to give away your password to some random website?
I can't think of a better way of filling a password dictionary.
Have I been pwned checks accounts, not passwords. Of course, it's the defacto standard when it comes to breached accounts. Calling it "some random website" doesn't do it justice. Calling it that may just make you look silly.
-
Errm, yes, sorry you are right, they asked for account name not password, my mistake. And you are also right that it's not a random site, it's advertising for commercial password managers.
From the site:
"Back then, I chose 1Password because it was the best fit for my needs; it was user friendly, it had clients for all the devices I used and it made syncing my passwords across them simple. 7 years and hundreds of passwords later, I partnered with them to help people who find themselves in a breach after searching HIBP get themselves into a great password manager.
Today, I use 1Password in all the same ways as I have since 2011, and more." :blah:
-
Errm, you are right, they asked for account name not password, my mistake. And you are also right that it's not a random site, it's advertising for commercial password managers.
From the site:
"Back then, I chose 1Password because it was the best fit for my needs; it was user friendly, it had clients for all the devices I used and it made syncing my passwords across them simple. 7 years and hundreds of passwords later, I partnered with them to help people who find themselves in a breach after searching HIBP get themselves into a great password manager.
Today, I use 1Password in all the same ways as I have since 2011, and more." :blah:
Allow me to enlighten you.
https://en.wikipedia.org/wiki/Have_I_Been_Pwned
-
Not sure I understand what you are trying to say.
The site is advertisement for 1password, a commercial password manager, as even the Wikipedia page admits.
Also, the page is misleading, just because your account information has leaked doesn't mean you've been "pwned", it just means the account information has leaked (i.e. a website you used has been "pwned"), which is what this is all about: don't reuse the same password since you can be almost certain it will leak.
Anyway, I remember when he created the site, back then people didn't think passwords leaked, so the site served a purpose back then by illustrating that they did.
-
The site is advertisement for 1password, a commercial password manager, as even the Wikipedia page admits.
No, it isn’t and the Wikipedia article doesn’t tell that. It is a service for checking if a password is known to be in a leak. Additionally, since Troy Hunt endorsed 1password, it suggest using it if you use the website interface and the password is determined to be leaked. There is a difference between “contains an ad” versus “is an ad”. The website’s primary purpose never was and is not advertising that product. It is ridiculous to claim that a website focused on providing services to competitors of 1password is an advertisement for 1password. What’s next? EEVblog is an advertisement for Uni-T, because it contains their ads?
Also, the page is misleading, just because your account information has leaked doesn't mean you've been "pwned",
The website’s name is humorous — it claims nothing.
it just means the account information has leaked (i.e. a website you used has been "pwned"), which is what this is all about: don't reuse the same password since you can be almost certain it will leak.
No, it doesn’t. It has nothing to do with any service you use. It means that someone (probably not you) used the same password as you are checking and that password has leaked. There is no relation to your password policy. It is a statement about the password itself. And yes, that means the password is effectively pwned and should not be used by you, because it is a dictionary password. If you are already using it, it also means you should expect to be pwned soon.
-
The site is advertisement for 1password, a commercial password manager, as even the Wikipedia page admits.
No, it isn’t and the Wikipedia article doesn’t tell that. It is a service for checking if a password is known to be in a leak. Additionally, since Troy Hunt endorsed 1password, it suggest using it if you use the website interface and the password is determined to be leaked. There is a difference between “contains an ad” versus “is an ad”. The website’s primary purpose never was and is not advertising that product. It is ridiculous to claim that a website focused on providing services to competitors of 1password is an advertisement for 1password. What’s next? EEVblog is an advertisement for Uni-T, because it contains their ads?
I don't get Uni-T ads on EEVblog, I get keysight and JLCPCB. :-//
Also, the page is misleading, just because your account information has leaked doesn't mean you've been "pwned",
The website’s name is humorous — it claims nothing.
It's not just chihumourous:
"Oh no — pwned!
Pwned on 9 breached sites (subscribe to search sensitive breaches)
Start using 1Password.com
<1Password Logo> 3 Steps to better security"
it just means the account information has leaked (i.e. a website you used has been "pwned"), which is what this is all about: don't reuse the same password since you can be almost certain it will leak.
No, it doesn’t. It has nothing to do with any service you use. It means that someone (probably not you) used the same password as you are checking and that password has leaked. There is no relation to your password policy. It is a statement about the password itself. And yes, that means the password is effectively pwned and should not be used by you, because it is a dictionary password. If you are already using it, it also means you should expect to be pwned soon.
Except as Mr. Scram kindly pointed out it doesn't check your password, it checks for your email.
...
Although I see now that it still has a feature that checks for passwords, so maybe I didn't remember incorrectly, maybe he changed how it works at some point in time :-\
https://haveibeenpwned.com/Passwords
For which I'll repeat my original comment about the site:
do you really think it is a good idea to give away your password to some random website?
I can't think of a better way of filling a password dictionary.
-
I don't get Uni-T ads on EEVblog, I get keysight and JLCPCB. :-//
Look at the bottom. But this isn’t even the point of what I have said.
Except as Mr. Scram kindly pointed out it doesn't check your password, it checks for your email.
It allows checking both. As you have noticed yourself, so why claiming otherwise? It also allows searching for user names, which reveals nothing useful to HIPB.
do you really think it is a good idea to give away your password to some random website?
Random website? You call Troy Hunt random? Nonetheless… normally HIBP never sees your password. It doesn’t even see a full hash of your password. The actual check is performed on your local computer, based on information sent by HIBP. At worst what is revealed is a password that… is already leaked and therefore should not be used. So HIBP gains nothing. The exception from above is if you use the web interface. But this is not the core feature of the service. And if someone uses the web interfaces, they are probably not having a better option. So it’s a difference between having a possibly leaked password versus revealing to a quite trusted person, that someone(1) on the internet has a password like the one supplied. For average Joe this is a much better option.
I can't think of a better way of filling a password dictionary.
Filling a dictionary? Of whom? A well-known white hat, who professionally acquires huge collections of leaked passwords and has access to a dictionary, that would allow him to rob third part of the US population? Sure, probability of defection is never zero, but it is more likely that your family will steal your passwords than this guy.
____
(1) If they can’t anonimize themselves, it may also reveal, who is that “someone”. But with even the simples anonimization this is not the case.
-
I knew this was how this thread would turn out. Most interesting was the pins and how lazy people are. 20 tries and you have 25% of all pins.
Back to digesting all the info in this thread. Stupid title but loads of info in this thread. :clap: :-+ :-+
-
Here's my trick : use a word that is easy to remember but splittable. for example : birdfeedbox . bird feed box. easy enough to remember
translate in 3 different languages
oiseau ( french )
futter ( german )
doos ( dutch )
and merge.
oiseaufutterdoos
good luck finding that one with rainbow or dictionary tables ...
-
do you really think it is a good idea to give away your password to some random website?
Random website? You call Troy Hunt random?
Yes. What is he famous for, according to the wikipedia page he's "Known for: Have I Been Pwned". Claiming it's not random because he's famous is a circular argument. Do I have any special reason to trust that page or that person? No. That is why I call it random.
I remember when he created the site. Back then people didn't think leaked passwords was a big problem. The site served a purpose then by illustrating that passwords really did leak and it was a big problem. There wasn't anything special about his password database either, he just took password lists that were already being shared publicly, and made them searchable from his website. It proved to normal people that reusing passwords was a bad idea, which I think we all agree with.
Looks like he changed the api over the years to try and make it safer, but it's still a terrible idea (and a sha1 hash won't protect you much). It's not that I have any reason to think he's a bad guy it's just that passwords are supposed to be a secret between two parties, sharing it with a third party sort of defeats the purpose and if you generate a random password of enough entropy there's no need.
Anyway, if you really want to know if your passwords are safe, you can send your password list to me and I'll check them against my 11TB password dictionary for you. ;)
-
good luck finding that one with rainbow or dictionary tables ...
The problem is to come up with, and remember, a new secure password for every website that requires a password. If you reuse the same password you have a problem because it will leak, many websites have terrible security and some even save the passwords in clear-text on the server (i.e. unencrypted). As soon as your credentials leak from one website a hacker can then log in to all your other accounts. Password files from websites are commonly traded (and shared freely) among hackers. Reusing the same password is a much bigger problem than choosing a weak password.
-
apis:
Troy Hunt known only for HIBP? Because a short overview on Wikipedia contains nothing more in the infobox? :palm: Let’s end this discussion here. Good luck harming more people. I just hope the next post I see will not suggest licking a live 230V wire, because Wikipedia article on tongue (https://en.wikipedia.org/wiki/Tongue) contains nothing about dangers of licking live wires.
Here's my trick : use a word that is easy to remember but splittable. for example : birdfeedbox (…)
The translation step adds only 3–6 bits.
-
Troy Hunt known only for HIBP? Because a short overview on Wikipedia contains nothing more in the infobox? :palm: Let’s end this discussion here. Good luck harming more people. I just hope the next post I see will not suggest licking a live 230V wire, because Wikipedia article on tongue (https://en.wikipedia.org/wiki/Tongue) contains nothing about dangers of licking live wires.
Right, authority and insults instead of arguments, easiest way to tell when people don't know what they are talking about.
Here's my trick : use a word that is easy to remember but splittable. for example : birdfeedbox (…)
The translation step adds only 3–6 bits.
It adds s log2 n bits, with s being number of words and n number of languages to choose from, so it depends on the number of languages (and words). Anyway, I think the point was to come up with something unlikely to be found in a password corpus, not necessarily high entropy. It's better to let a computer choose symbols randomly though, we humans are surprisingly bad at random.
https://www.youtube.com/watch?v=7U-RbOKanYs (https://www.youtube.com/watch?v=7U-RbOKanYs)
-
free_electron:
(Regarding the response from apis)
That has been described in detail earlier (https://www.eevblog.com/forum/security/one-simple-trick-for-passwords-the-big-companies-dont-want-you-to-know-about!/msg2460069/#msg2460069), but a short explanation: “dictionary” in “dictionary password” refers to a class of attacks, not to language corpus/dictionary. Actually a few very short, English words may form a very good password, that is also easy to remember(1): see diceware.
Note: I’m using generic you below.
While s·log₂n is indeed calculating entropy of something, that “something” is not sequence of translations. Unfortunately copying equations without understanding what they mean is not going to work :). s·lon₂n is entropy of a sequence of s randomly(!)(2) chosen symbols from alphabet of size n, under conditions that the probability of chosing each is the same and the choices are independent of each other. That is not the case here. The choice of languages is not random, the probability is not equal and the choices are not independent.
Assuming for a moment, that the language would be chosen randomly and there is no other issues, the equation would be: log₂((d - 0) · (d-1) · … · (d - s + 1)), where d is the number of languages, s is the number of words. That comes from the fact, that each language is used only once, so each word has one language less to choose from. So for 3 words and, let’s say, 4 languages: log₂ (4 · 3 · 2) = log₂ 24 ≈ 4.6 bits. If you would improve the method and allow reuse of languages, it would be(3) log₂(4³) ≈ 6. But that is lots of work for little gain: for comparison adding a single, short English word provides additional 13 bits. In other words transforming “birdfeedbox” into “oiseaufutterdoos” is worse than doing “birdfeedbox” → “birdfeedboxcat“.
But that’s not all, because the choices are not having equal probability and are unlikely to be independent(4). Unless you are a polyglot(5), that knows many languages very well, you will not be able to easily translate arbitrary word to another language. That limits, what language may be used on each position and hence affects the probabilities. You may try using a dictionary, but then you are introducing more things to memorize. More likely is that you’ll start taking shortcuts, decreasing entropy. The second problem is more subtle and harder to imagine, because everyone of us is nearly sure that we’re chosing symbols randomly. We’re not. Unfortunately there is no valid method for estimating entropy in that case, at least to my knowledge (someone correct me if someone found one). For years there was the famous NIST publication on that matter, but it has been disproved. It was also dependent on how brain processes language, not arbitrary symbols. However, using it as a general reference point and applying it to the proposed method, we end up with an appaling result. For 3 symbols taken from an alphabet of 94, NIST (over)estimated the entropy as 8 bits. Our dictionary is 23 times smaller, so… um… the ballpark estimate is around 0 bits of entropy. Of course this is probably exaggeration, but it gives some taste of what to expect. From the hypothetical 4.6 bits we’re moving to a much lower value. And this is where the 3–6 bits etimate came from.
And this is only about the translation phase. This is not the only problem. The words you are chosing are not independent. There isn’t many phrases that conform to the proposed scheme. And the large number of choices is everything. I would not be surprised if a single(!) diceware word would perform better.
Of course, as it has been said multiple times in the thread and the reason why passwords managers are recommended, you should always have different passwords for different services. Even the strongest password will be useless if you use it more than once.
You do not need to believe me. Not even any authority. Just try it and experiment yourself! See what happens when you change alphabet, the number of symbols in a password (just remember what a symbol is in a given method), how dependencies between positions affect the outcome etc. If you can, consider looking at some dictionary used for actual attacks — just to get rid of the misconception, what a “dictionary word” is.
This could all be a theoretical, academic dispute, if the cost of applying the right methods would be high. But nowadays having good security is practically costless.
____
(1) Though one should remember as small number of passwords as possible.
(2) Or close enough to be considered random, for example by using a CSPRNG.
(3) Which, BTW, is what apis has supplied, but in the original form: log₂(n^s) = s·log₂(n).
(4) Say “thanks” to how borked human brain is. :D
(5) Yes, I am making an assumption here. But since I think we’re talking about methods useful for most people and most people can’t even easily speak one foreigh language, the assumption seems justified.
-
While s·log₂n is indeed calculating entropy of something, that “something” is not sequence of translations. Unfortunately copying equations without understanding what they mean is not going to work :).
Not sure why you would copy it when it's easy to derive.
(3) Which, BTW, is what apis has supplied, but in the original form: log₂(n^s) = s·log₂(n).
Why first write it isn't working when you end up with the same result? :-//
Using different languages is actually not bad, even if it doesn't add many bits of entropy it reduces the likelihood that all the words would be part of a dictionary. But the words should be chosen randomly and preferably more than 4 (somewhat arbitrary number), and with a few symbols thrown in randomly perhaps.
The problem isn't that peoples accounts get brute forced/guessed because they used too weak passwords though, the problem is that people reuse passwords which makes them vulnerable to automatic attacks. If you need to protect against brute forcing and other targeted attacks you should really use some sort of two factor authentication scheme (that is what online banks typically do) because peoples passwords are often quite weak.
-
Yes. What is he famous for, according to the wikipedia page he's "Known for: Have I Been Pwned". Claiming it's not random because he's famous is a circular argument. Do I have any special reason to trust that page or that person? No. That is why I call it random.
I remember when he created the site. Back then people didn't think leaked passwords was a big problem. The site served a purpose then by illustrating that passwords really did leak and it was a big problem. There wasn't anything special about his password database either, he just took password lists that were already being shared publicly, and made them searchable from his website. It proved to normal people that reusing passwords was a bad idea, which I think we all agree with.
Looks like he changed the api over the years to try and make it safer, but it's still a terrible idea (and a sha1 hash won't protect you much). It's not that I have any reason to think he's a bad guy it's just that passwords are supposed to be a secret between two parties, sharing it with a third party sort of defeats the purpose and if you generate a random password of enough entropy there's no need.
Anyway, if you really want to know if your passwords are safe, you can send your password list to me and I'll check them against my 11TB password dictionary for you. ;)
Anyone who knows anything about computer security knows Troy Hunt, his website and what he's doing within the security community. That's also why people much more familiar with the subject matter trust him. He has a stellar record and reputation. Troy Hunt is definitely an authority when it comes to passwords.
If Hunt is a random guy with a random password site the Queen of England is a random old lady with a surprisingly large house.
-
In related news: https://www.theregister.co.uk/2019/06/11/have_i_been_pwned_security_site_is_up_for_sale/ (https://www.theregister.co.uk/2019/06/11/have_i_been_pwned_security_site_is_up_for_sale/)
-
Yes. What is he famous for, according to the wikipedia page he's "Known for: Have I Been Pwned". Claiming it's not random because he's famous is a circular argument. Do I have any special reason to trust that page or that person? No. That is why I call it random.
I remember when he created the site. Back then people didn't think leaked passwords was a big problem. The site served a purpose then by illustrating that passwords really did leak and it was a big problem. There wasn't anything special about his password database either, he just took password lists that were already being shared publicly, and made them searchable from his website. It proved to normal people that reusing passwords was a bad idea, which I think we all agree with.
Looks like he changed the api over the years to try and make it safer, but it's still a terrible idea (and a sha1 hash won't protect you much). It's not that I have any reason to think he's a bad guy it's just that passwords are supposed to be a secret between two parties, sharing it with a third party sort of defeats the purpose and if you generate a random password of enough entropy there's no need.
Anyway, if you really want to know if your passwords are safe, you can send your password list to me and I'll check them against my 11TB password dictionary for you. ;)
Anyone who knows anything about computer security knows Troy Hunt, his website and what he's doing within the security community. That's also why people much more familiar with the subject matter trust him. He has a stellar record and reputation. Troy Hunt is definitely an authority when it comes to passwords.
If Hunt is a random guy with a random password site the Queen of England is a random old lady with a surprisingly large house.
Sending your password to his server so he can check it against a database is a terrible idea whether you trust him or not. I'm sure he's a great guy, haven't said otherwise.
-
free_electron:
(Regarding the response from apis)
That has been described in detail earlier (https://www.eevblog.com/forum/security/one-simple-trick-for-passwords-the-big-companies-dont-want-you-to-know-about!/msg2460069/#msg2460069), but a short explanation: “dictionary” in “dictionary password” refers to a class of attacks, not to language corpus/dictionary. Actually a few very short, English words may form a very good password, that is also easy to remember(1): see diceware.
i am defending against things like social engineering and brute force attacks using lists of precalculated passwords. (there exist tables with most commonly used passwords ,and things like 'thisismypasswordletmein or TimpLmi). My construction will not be found in such tables... and if it is it will be near the very last ones being tried ...
birdfeedbox was just a simple example. i use words that have no relation . for example a color , a geographical name and an animal name. ( not what i am using, just an example. i use strings of 4 to 6 words)
You can try social engineering you still won't find out anything. For example : that geographical location is not a place i have ever been to. so you won't learn about that. I just spun google earth with my eyes closed and picked a name that was in the center of the screen. That bird does not exist in north america (where i live) , and so on.
As for languages ... i do know a few. good luck finding a six word string encoded in a sequence of , for example dutch, finnish, hindi, latin, russian , french. (not what i am using)
I can scribble down the 'english' sentence on a paper napkin. As long as i keep my language 'key' ( the language used and sequence of language rotations) secret .
In addition the english sentence could be 'descriptive' while the translation could be a 'slang' word for the english term. This adds to the complexitiy.
and i can write down the 'english' sequence as abbreviations.
The resulting character sequence is just as random for the computer as 5Q$de3&!lpQV902 , but it is much easier to remember for me.
For the important websites i have a little piece of paper that holds the english sequences. it is stuck to my monitor (and in an encrypted note on my iphone as well, that needs my face to unlock). It only serves as a memory 'jog' lookup . reading the sentence i immediateley remember the real password.
-
Sending your password to his server so he can check it against a database is a terrible idea whether you trust him or not. I'm sure he's a great guy, haven't said otherwise.
I tend to look at it as a tool to show people how shoddy their choice of passwords is. Showing 8000 matches conveys the message a bit better.
-
Heres a n00b question but how do you hack into an account if you only get 3 or 5 tries then you are locked out for 24 hours or until you reset it? That seems like it would solve the brute force and dictionary problem.
-
Reverse brute-force.
Attacks aimed at specific average Joe are movie fiction. Unless you are a high profile target or have been chosen for some specific reason, nowadays no one cares about your particular account. The same goes for attacks based on knowing the probable password from a leak or phishing: this is done en masse.
Also, simply imposing per-account limits alone is a great way to DoS your own service. The attacker just needs to use a few arbitrary wrong passwords on any account in your service and suddenly no one can log in. With all the additional fun in the call center and support tickets.
-
Yeah, most people use shitty passwords. So, when another hundred million accounts get leaked, hackers can solve for a good percentage of the passwords; but never all of them.
Say the leaked information takes the form of username + hashed password pairs. You don't know the passwords, but you can test various hashes against various passwords, and various salting methods, and pretty quickly find some matches out of the huge database you're checking against.
Often, the account name/e-mail is concatenated with the password, ahead or after. Usually some "salt" is added somewhere as well. Which may be just a constant string, or it may be a sequence number, or a random number, and it may be in whatever format (decimal, hex, base64, ASCII..). If it's absent, or constant, that's easy to figure out -- when the passwords you discover always contain a common substring, you just write that into your rainbow table tool and vastly improve the speed of discovering passwords. If it's random, that makes your job a lot harder because you need to figure out what random formula they used. It can't be true random of course, it has to be paired with the user somehow -- it could be a hash of the username, or account opening date, or etc.
Once you get a few matches, you'll probably identify some patterns and can patch up the search method, greatly speeding up the process. You grab a dictionary of millions of likely words, and set some patterns (lowercase, CamelCase, RandOM CaSE?), substituting vowels with numbers or punctuation, inserting random numbers in the string, etc.), and start hashing combinations and checking them against the database.
It's very difficult to crack a single password. You don't know if it's simple or complex, short or long, language based (and which language(s), as discussed above), or full random. You can check the likely candidates in shorter lengths, and exhaustively check short ones (up to 6 characters or so).
But multiplied by 10^8 or so accounts, the chance of finding a match is very good, and once you've found a few and figured out the salting method, you can just let it run. Crack rates of 80%+ are common, and it's very likely that you can find some juicy content behind those accounts (if you were so inclined, that is).
Tim
-
Heres a n00b question but how do you hack into an account if you only get 3 or 5 tries then you are locked out for 24 hours or until you reset it? That seems like it would solve the brute force and dictionary problem.
You don't. Consider bank cards, it's often protected by only a 4 digit pin code = 10000 combinations. If you could try 1000 combinations per second you could brute force that in 10 seconds. But usually they confiscate the card after three incorrect attempts, so you have to guess right in the first three attempts out of 10000 possible combinations. That is considered safe enough for everyone's bank accounts.
On the internet it's a bit different. Since most websites doesn't require a physical token to login (like the atm card) anyone can try to login to any account. Locking the account after a few incorrect attempts would let any kid to lockout all the users from a service by just trying a few random passwords (denial of service attack). The server can and should rate limit the login though. If you only allow one attempt per minute (as opposed to 1000 attempts per second) you make brute forcing much harder. The server can also use software that detects brute force attempts and blocks such ip-adressers. So there are many things you can do to improve security, but the end user doesn't have any control over that (and many websites have really poor security).
The problem today is usually not that peoples accounts gets hacked by brute forcing. (I'm referring to non critical, low security website accounts, like a forum login, not the admin password to your server or to your bank account or a presidential candidates email. If you have a paypal account for example you need to use a really good password.) The big systemic problem is that people use the same password more than once. When the login information leaks from some of the websites you use (that is inevitable), hackers use those list of usernames and passwords to automatically attempt logging in to other accounts. If a person used the same password for their gaming forum that leaked (for example) as they do for facebook and paypal, they will have a problem. If you used different passwords it only affect the site that was hacked. (Haveibeenpwned was supposed to show that passwords leak. You can see if your login information is available in one of the many freely circulated password list. But just because haveibeenpwned doesn't list you doesn't mean your account information isn't out there, it's just not in one of the easily accessible lists that any script kiddie can get hold of.)
Passwords are supposed to be "encrypted" (hashed) on the server so that even if the login information leaks the hacker can't see the passwords. If everything is done correctly on the server and the users have chosen good passwords (so they can't break the "encryption" used to protect the password list), stolen login information would be useless. But you can't trust that the websites store passwords safely. Even big websites are known to have really bad security, some use bad methods for protecting the password (md5) some doesn't bother to protect the passwords at all! Some websites (or an employee with access to the password list) might even be selling your login information to make some extra cash. I.e. even if you use really good passwords you have to assume they will leak.
The brute forcing of passwords usually refers to password lists that get leaked. Since they are often encrypted the hacker might have to break that encryption (i.e. the hashing) to get the passwords. If people have used bad passwords, and or the websites poor security practice, it is easy to do that. You can't rate limit that since the hacker controls the whole process, so a hacker might be able to try millions of passwords every second.
Anyway, this get's pretty complicated quickly and there are lots of caveats, so if you need to secure something important you really should get professional help. For non critical stuff, one of those free and open source password managers looks like a convenient option.
TL;DR: whatever you do, never use the same password twice.
-
Beamin:
As for apis comment: hashing is not encryption(1). With proper security practices passwords are not encrypted — they are not stored at all. What is stored is a value derived from the password, which has a property of being very costful to be turned back into any matching password(2) — not to mention the original one. This feature, which would not be possible with encryption, is the crucial part of the security mechanism. No matter what information the attacker acquires — even all of it — they shouldn’t be able to cheaply obtain the password. When you enter a password to a [properly secured] service, they calculate that value from your password and only that is compared to what is stored in the database.
Encryption is not suitable for that purpose. Even if you do not know the key or even the algorithm itself(!), the passwords may still be recovered — even the lengthy ones(3). Usually it is very expensive, but sometimes — paired with other information — it is surprisingly easy. As a very prominent example let’s take the famous Adobe Crossword: a leak of 150M encrypted passwords from Adobe. In this case the problem of finding the passwords was so trivial, that you may try doing that yourself, because the way encryption works produced a kind of a crossword (https://zed0.co.uk/crossword/) (hence the name of the leak) with the associated hints suggesting the value :D. XKCD 1286 “Encryptic” (https://www.xkcd.com/1286/) visually explains how this can be extended to be used with longer passwords. Along the ECB penguin (https://upload.wikimedia.org/wikipedia/commons/f/f0/Tux_ecb.jpg) this is one of the most amazing cryptofail examples, which can be understood by people normally not associated with computer science or security.
So what should be used instead of encryption? While historically hashes were advised, this is suggestion outdated by a decade. The systems, which still use hashes, will probably hold a bit. But this is no longer the right solution. And it isn’t important if you use MD5 or SHA3. What should be used are KDFs (Key Derivation Functions). While, strictly speaking, KDFs and hashes are approximately equivalent(4), in practice the terms are used to refer to functions with a bit different characteristics. Hashes are designed to use possibly little resources; KDFs are meant to be very resource hungry. If you want to understand why, consider that with proper software and hardware you may calculate between tens of millions (a decent PC, using CPU alone) to trillions(5) (specialized hardware) of hashes per second. For comparison the design of KDFs puts a very strong limitation on how many of them can be calculated: if you wish, down to a dozen passwords per minute(6). And it’s not easy to circumvent that limitation with FPGAs or even ASICs. Examples of such functions are scrypt, bcrypt or PBKDF2.
____
(1) While in this context we’re implicitly assuming cryptographic hashes, in fact hashing alone is not even a part of cryptography: they just have a common part.
(2) There may be infinitely many inputs that match any such value. Which leads to an interesting effect: there are many passwords that can be used to log-in to your account.
(3) Yet non-dictionary passwords are prohibitively expensive to be extracted this way.
(4) Hash functions were used as KDFs, and KDFs are formally producing a hash.
(5) Short scale; that is 1e+12.
(6) Though you do not want something that extreme in an online service, obviously. :)
-
Password hashing isn't really encryption no, which is why I put the word encryption in quotation marks (and wrote hashing in parentheses for those who did know what it was). Most people have an understanding of what encryption is but not necessarily hashing. I hope people still got the basic idea, the password gets scrambled so it's hard to figure out what it is. The better password you choose and the better the hashing algoritm the harder it is to figure out.
Key derivation functions like PBKDF2 (although not what it was intended for) is sometimes used for password hashing, but it not ideal either. And while commonly recommended bcrypt might turn out to be too vulnerable as well (https://www.usenix.org/system/files/conference/woot14/woot14-malvoni.pdf). There was an attempt to come up with a better algorithm a few years ago through an open competition, similar to how NIST have come up with their recommendations in the past, called the Password Hashing Competition: https://password-hashing.net (https://password-hashing.net).
But I wouldn't recommend any particular function here. As I said, this gets complicated quickly and there are lots of pitfalls, don't take advice from an anonymous internet forum if you need to protect something that is valuable.
-
People considering switching to a password manager may wish to read the “Before you use a password manager” article (https://medium.com/@stuartschechter/before-you-use-a-password-manager-9f5949ccf168) lately mentioned by Schneier. It discusses risks involved in using a password manager, as well as approaches that are providing no gain.
-
Seems like fairly weak reasons to avoid PW managers.
If you reuse the same PW everywhere...you must have the capacity to remember one...
If you do reuse that one PW everywhere, well its all eggs in one basket isn't it. Any single breach on multiple sites could be a complete day wrecker.
If you have malware on your machine....your 100% pwned already.
Good PW managers fix any flaws in near real time and only store encrypted blobs. Minor risk compared to the PW reuse IMO.
To each his own.
-
Something to think about with PW reuse.
https://krebsonsecurity.com/2013/06/the-value-of-a-hacked-email-account/
And with SIM swapping seemingly trivial and prevalent these days, 2FA over SMS is pretty crap as well.
-
Seems like fairly weak reasons to avoid PW managers.
Uhh… in the initial version of my post I’ve urged people to read beyond the first paragraph. It seems I shouldn’t have removed that request. :|
The article is not suggesting avoiding password managers. It discusses common pitfalls and mistakes, which average person may encounter when first facing that technology. People are only people and human factor must be taken into account. I am and — until the solution is widely considered wrong — I will promote the use of password managers, criticize using bad passwords or ridicule security theater. But I will not tell my mother to jump into the topic headlong. Password managers are undoubtfully the best available solution, but you still need to learn how to use them properly. And the article shows the potential problems and provides a quite safe path to including password manager in your security policies.
-
People considering switching to a password manager may wish to read the “Before you use a password manager” article (https://medium.com/@stuartschechter/before-you-use-a-password-manager-9f5949ccf168) lately mentioned by Schneier. It discusses risks involved in using a password manager, as well as approaches that are providing no gain.
Common sense, really. Although some people seem to have more trouble with common sense than others, so spelling it out probably doesn't hurt. ;D
-
Well it seems all my efforts to protect my data were in vein. Today in the mail I found out some scum bag collection company that had a years old 50.00$ medical bill I didn't even know I had. had all my info stolen. Info including social security their data was breached as determined by "an independent third party compliance firm". I can't stand these companies that pay fractions of a cent on the dollar for old debt then ruin your credit even after you or your insurance paid it. Since this is ambiguous I am thinking a $4999.99 small claims law suite against them where it will cost them more to fly out a lawyer to my state then just pay the amount. I have done about 10 small claims and they are ridiculously easy to win if you put a few hours into typing up the 12pt times new roman double spaced paper work. Sick of these companies. The letter outlines a free credit report with 24 months of credit monitoring! Wow they certainly are making this right considering having your identity stolen will cost you thousands and over a hundred hours of phone calls and letters in a BEST CASE scenario. I know they sold my phone number from the dates and times they got my info. More then likely they were being cheap with the security of their site, after all paying extra for proper security doesn't benefit them in the remote chance this will happen..
-
Without commenting on this specific case, that's why you don't want your data to roam freely and in innumerable databases. If there is no data it can't get leaked.
-
Even if some company doesn't collect your data the government does (and they can tap your connection wherever they find most convenient). There is no way to avoid it except legislation and people have voted again and again for more mass surveillance so not sure there is much one can do about it.
-
Aren't you still just using a single secret across all websites?