[SOT] {FWD} [Dailydave] Don't use vowels in passwords! (fwd)

Tue Nov 12 13:16:51 PST 2013

> The xkcd comic doesn't really apply anymore. Dictionary attacks have
> gotten to the point where they can crack 'momof3g8kids' and
> 'Coneyisland9/,'

Your examples suggest you're referring to that article that alleged
dictionary attacks can crack 90% of hashed database passwords offline in
4 hours, right? Can't remember the site. They neglected to say they
were dealing with unsalted md5 hashes.

A password of good length, stored using a *password hash*, is pretty
secure against attack. 'Good length' here is 20 characters or more, if
you ask me..but the "true" entropy of a passphrase is not merely the
length or character value, but number of words. So a 4-word
20-character passphrase is probably slightly weaker than a 5-word one,
because pattern-based or markov-based brute-forcers may have an easier
time working through 4-character passphrases.

All speculation, but still. A password hash that is uniquely salted
forces an attacker to brute force every possible password again for
each attacked password. A password hashed with a scheme like scrypt or
pbkdf2 can require a second or more per password hashing attempt. The
entropy of a password becomes infinitely less limiting to security when
each hashing attempt takes longer than iterating over a dictionary!

For extra points, you could probably hack up something to dissociate a
password hash from the account on the server database side, so an
attacker getting the database can't even specifically target a
particular high-value user.

There are JS libs out there for PBKDF2 and SCRYPT, and salts can be
uniquely assigned trivially. Site owners can check passwords at
sign-up time against a list of known passwords in bruteforce
dictionaries. There are probably libraries to check and enforce decent
passwords (as in, length and proportionate variability of character use,
not stupid overcomplexity), and if not then they'd be fairly easy to
hack up.

All of which means this: the problem we have today isn't that passwords
suck (although there is a minimum practical length you should enforce).
It's that the people providing the password have no control over the
security policy of the site owners, and site owners think password
security is something you enforce on users (no vowels! Pray to Slaanesh
whilst entering your passwords or face account deletion!) and that you
can store plains or unsalted md5s on your syndicated hipster blogging
platform and sleep untroubled.

On Tue, 12 Nov 2013 11:00:01 -0500
David Vorick <david.vorick at gmail.com> wrote:

> https://www.schneier.com/blog/archives/2013/06/a_really_good_a.html
> 
> The xkcd comic doesn't really apply anymore. Dictionary attacks have
> gotten to the point where they can crack 'momof3g8kids' and
> 'Coneyisland9/,'
> 
> and apparently have dictionaries breaking 100 million words. As
> password attacks get better and better at predicting human patterns
> (and hardware gets faster), you are going to need to completely
> generate your passwords at random in order to defend against
> dictionary attacks.
> 
> Which means the current password model is broken, as we all know it
> has been for a while. Why isn't there a stronger effort to replace it
> with something like a universal public key system?
> 
> 
> On Tue, Nov 12, 2013 at 4:01 AM, rysiek <rysiek at hackerspace.pl> wrote:
> 
> > Dnia poniedziałek, 11 listopada 2013 15:29:13 Kelly John Rose pisze:
> > > The most useful strategy I've seen is to use multiple
> > > authentication methods or the "a few really hard passwords +
> > > random statement for each site."
> > >
> > > Ie. you can probably memorize something like
> > >
> > > lMB^9Pl!
> > >
> > > so use that for the sites and then tack on something like
> > >
> > > lMB^9Pl!Ilikeshopping123
> > >
> > > Then the probability of actually cracking that password is low,
> > > and unless you are being specifically targeted, even if they got
> > > that password they wouldn't immediately be able to use it on
> > > other websites. It's easy to remember because that 8 digit code
> > > you'll type everywhere, and the ending is always something
> > > cognitively easy.
> >
> > Oblig. XKCD:
> > http://xkcd.com/936/
> >
> > --
> > Pozdr
> > rysiek

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20131112/ef93d7fe/attachment-0002.sig>