[p2p-hackers] guidelines for good password policy and maintenance / user centric identity with single passwords (or a small number at most over time)

coderman coderman at gmail.com
Mon Mar 27 14:04:55 PST 2006


On 3/27/06, Michael J Freedman <mfreed at cs.nyu.edu> wrote:
> ...
> This approach is certainly commonly done by people for usability.
> However, the problem is that the best security you get is that of security
> provided by the weakest site (i.e., the weakest link in the chain analogy).

true; which is why i'd like to see them use a single good password to
mount an encrypted volume and secure OS where the rest of the
(different*) passwords and PINs and whatever else are kept.


> As a solution developed precisely for this problem, you should check out
> the pwdhash extension for browsers:
>
>    http://crypto.stanford.edu/PwdHash/

this is a handy utility!

i'd still be concerned about dictionary attacks on poor passwords
(that is, discovering '.848fe29s44j' is the hash for pwned.com and
'secret'.)  secure digests make this more expensive but not by much.

* are you aware of any utility for the browser that generates random
passwords?  i'd like something like this as well, with the idea that
the first time you visit the site (or need to change a password) a
random password is generated, placed in the input text field, and then
the browser password manager remembers it after that point.  (and the
password db is stored on an encrypted file system to prevent theft).

someone will ask about users who aren't on their machine and need to
access a site.  i don't like to support this ability because you
should never be using an untrusted computer to access a secure site.
if the computer is trusted you should also be able to boot from CD and
insert your USB storage key (which lets you use your browser password
manager).

(actually, looking at the source for PwdHash it appears easy enough to
modify for random password generation)

thanks for the tip,
