I find the discussion surrounding the XKCD strip alarming for the superstition it reveals about password generation. The particular theme I am alarmed by is that people seem to think that if a password looks alien, or was difficult for them to come up with, it will be hard for a machine to guess.
Look, we're working with big numbers here. You need to do the math.
In this thread alone, I've seen suggestions to use a common dictionary word translated into another language, or written in l33tsp34k with some permutations. From a probabilistic perspective, these are still dictionary words, even though they look like gibberish. The same is true of the common method of typing a word with ones fingers displaced on the keyboard.
Conversely, I see a lot of argument that these XKCD passphrases would be easy to guess because they are made up of dictionary words. This misunderstands the math behind the situation. Even if an attacker knows that your password was generated via this method, and even if they know the word list you used, the password is still hard to guess. The difficulty grows exponentially with each word in the phrase, and that's pretty fast.
The key with passwords is not to create something that looks random -- something that if you showed it to another human being, they'd have a hard time deciphering. It's to create something that is random; literally a result of a throw of the dice for every new password.
Human beings are really bad at creating randomness. There's a demonstration done in an early statistics class in which the professor divides the class into two groups. He tells one to toss a coin a hundred times and record the sequence of heads and tails, while the others are to write down a sequence they think is random using their imagination. The papers are completed and mixed and then -- magically! -- he is able to sort them into the two types, easily and with high accuracy.
The lesson is this: even when you think you're being random, you probably aren't. You're probably using the same tricks everyone else is, and making the same mistakes.
I would trust passwords that come out of a script like this to be far more secure than passwords anyone (myself included) made up, no matter how random they're trying to be.
This should be higher up. It's scary to see people — intelligent people, I'm sure — saying things like "And that goes even higher when you add punctuation!"
No, it doesn't. All of the reasonable punctuation you could add to a sentence adds only a few bits of entropy at best. It also makes the sentence harder to remember— was there a comma or not? Adding unreasonable punctuation or symbols is even worse— you get slightly more entropy at the cost of a password that is way harder to remember.
The crucial point here is that four random words, separated by spaces, selected at random only from the 2000 most common English words — EVEN IF your attacker knows that your password is four random English words from the 2000 most common separated by spaces — already is a very long random string. If it's not random, each common English word you add adds 11 bits, and is only marginally harder for most English speakers to remember. Conversely, choosing "random" extra characters to add in makes it slightly longer, very slightly more random, and way, way harder to remember.
> I would trust passwords that come out of a script like this to be far more secure than passwords anyone (myself included) made up, no matter how random they're trying to be.
Definitely agree with you here.
I've been using the "few random words" method for passwords I need to remember for some time (and random 20 character mixes of alpha/numeric/symbol for the other, which I have stored in a keepass db), and I know I'm not all that random in my choice of words so if someone managed to see one or two of my passphrases it would be quite easy to create a script that could brute force the other couple quickly.
I shall have to use a script like this (or throw together my own for paranoia's sake) next time I change one of my passphrases.
A lot of comments here seem to be missing the point.
The main point is to use passwords that give you the most "bang for the buck" in the sense of adding the most bits of entropy for the least difficulty of remembering. Adding an extra number, or punctuation, or certain numbers of repetitions generally adds only a little bit of entropy for a significant cost in additional challenge to your memory.
Our minds are well suited to remembering combinations of common words, and by stringing a few such words together, you can generate a larger search space than using a single word with a few substitutions. Even if the attacker knows the scheme you're using, he still must search through the space of combinations of common words, which XKCD is pointing out is quite large.
I've started using song lyrics when given the option of an extra-long password. I can get a very long string with little effort, and it's trivial to remember.
The best part is that any automated attack would have to deal with ringtone popups.
I don't think entropy is the whole story. I would argue that although security-through-obscurity is a terrible, awful practice for systems, it's not that bad for personal password schemes. Using a nonce "system" for passwords, even if it's mathematically low-entropy, is still secure, at least enough for personal use.
For example, if I use single dictionary words fed through a trivial ceasar cipher, then that is mathematically very low entropy. Realistically speaking, however, it's relatively safe if the cracker doesn't know that's what I'm doing, because it's impractical for crackers to compute all possible low entropy "alternative dictionaries."
i think you are missing the point: passwords should be hard to guess first and should be easy to remember second. the former is the stronger need.
let's say there are 500.000 english words you are choosing from and you use 4 words. that gives you 500000^4 possibilities. let's assume the words averages about 5 characters, so we will compare this to a 20(=4 words * 5 characters) character long password made of 26 types of character (english alphabet, not using numbers and other special characters), that gives you 26^20 possibilities. and 26^20 - 500000^4 ~= 2x10^28, or put it this way: (26^20) / (500 000^4) = 318 850.382..
i know a random sequence of 20 characters are very hard to remember, but 500.000 is an overestimation too. let's say we use special symbols too (50 characters) and the word dictionary has 100.000 words. (50^12) / (100 000^4) = 2.44 so we can say it is better to have a 12 character long password (made of alphanums + symbols) than 4 random word concatenated (i think 12 is somewhat a 'standard' for 'sensitive' passwords). and i would argue that on the long term multiple concatenated passwords are very hard to remember. i'm not saying this is a terrible approach, just not the silver bullet to the 'password problem' (which xkcd never claimed of course, and for 'non sensitive', 'reused'/'throwaway' passwords it may be a viable option).
I've been using phrases and sentences as passwords for a while, and I've found that there are 2 main problems;
1) A lot of sites, still in this day and age, have max password lengths, so I still have a lot of short passwords. Usually this is bank sites and the like.
2) Password entry fields are often very short visually, and with a long password getting lost is much easier. I find I have to type them over A LOT.
These are the real issues with this. Banks seem to be borderline idiots when it comes to password security: case-insensitive, no spaces, 20-character max, small choice of "special characters". These are from Amex, who's password requirements sadly were even worse a few months ago.
With crappy password requirements, it's impossible to use decent passphrases. Getting locked out of your account for 3 failed attempts at typing a 30-character password is pretty obnoxious, too.
In situations that allow passphrases, you don't need a password generator like this. You can grab a sentence from your favorite book and use it. e.g. "How do you do, Miss Doolittle?" That's not the best choice, but it's still got way more entropy than a standard password, probably a lot more entropy more than you'll get by choosing a 4-gram composed of words from a corpus of 2k, and it's easier to remember.
Don't forget sites that require: "your password MUST contain at least one number, one uppercase letter, and one of the following characters: !, @, #, or $, but not %, ^, &, or *". I slap my forehead at how counterproductive these requirements are.
Also annoying is that a lot of sites require gibberish. Apple requires at least one uppercase, one lowercase, and one number. Some sites require a symbol as well.
Especially if you are logging into multiple systems regularly using domain credentials, it rapidly becomes apparent that the faster and easier the password is to type, the better. I've found that some passwords with symbols and numbers just roll off the fingertips with a little practice, others not so much, but longer passphrases are for some reason the worst.
Very few sites have a short max password length. I use 1password, and of the 63 sites I've stored passwords, all but 2 allow 25 character password lengths. Ironically, my Bank only allows me 15 characters.
I haven't typed a password in 3+ months - don't know what any of mine are anymore, so I find typing is no longer an issue.
How about (NOT SECURE YET, IT NEEDS MORE ENTROPY):
from nltk.corpus import wordnet as wn
all_animals = set()
def add_to_set(animal):
all_animals.add(animal.name.split('.')[0].replace('_',' '))
for child in animal.hyponyms():
add_to_set(child)
add_to_set(wn.synset('animal.n.01'))
all_animals = list(all_animals)
actions = ['ate','chased','killed','fought','kissed',
'talked to','hated','loved','ambushed','fled'] # can add more
def make_password():
import random
random = random.SystemRandom() # is this secure?
choice = random.choice
return 'the %s %s the %s'%(choice(all_animals), choice(actions), choice(all_animals))
If you pruned out 90% of the animals (i.e. the obscure, hard to spell, or scientific names), this is still about 20 bits. And the passwords are kind of memorable (I've gotten such gems as "the dodo chased the guppy" or "the tigress killed the king charles spanial").
You could also add a humorous adjective ("rabid", "talking", "magic", "invisible", "evil" ...) or adverb ("roughly", "quickly", "quietly", "secretly" ...).
Completely random strings of words can be hard for me to remember, but something like, "the {adjective1} {animal1} {verb} the {ajective2} {verb2}" would be much easier for me to remember because the words relate to each other ways I already understand.
I expect we can get some fairly high entropy from just simple schemes like this.
However, the length of the password can be a real pain if you have to type it often, even once a day.
This is truly awesome. You could easily use a more complicated grammar, but it might get tricky to generate a password with a specified amount of entropy.
One slight addition to the xkcd password scheme that would add another order of magnitude of security would be to have your own personal "salt" that you add to all your passphrases. In this case, the salt would be a short, traditional, hard to remember password that you re-use with every xkcd style password. It would be hard to remember, but you'd only need to memorize it once.
So if your personal salt is "@T#23a" you would use "@T#23a correct horse battery staple" on one website and "@T#23a giant bug transistor leech" on another website.
Careful! This is only using `Math.random` and does not attempt to use `window.crypto.random` (though most browsers do not support it yet: http://jsfiddle.net/alanhogan/trUYu/) or anything that would attempt to bring real entropy into the process.
I don’t mean to fault the creator of this page, but at the same time, I would not trust this generator for important passwords, simply because you cannot know if others are getting the same 'random' results as you are.
> In the Javascript engines of IE (Trident), Firefox (Gecko), Safari (WebKit) and
Chrome (V8), the output of Math.random() can be used to reconstruct the
random seed, and thus provide both this seed and the current “JS mileage” (i.e.
the number of times Math.random() was invoked).
I wouldn't use a JS program served from somebody else's website to generate my password anyway. How do I know it's not sending them a copy of the passwords it generates?
function rpass() {
strings /dev/urandom | grep -o '[[:alnum:]\/!@#$%^&*()<>,.,{}]' | head -n $1 | tr -d '\n'; echo
}
Then run $ rpass 16 and get a 16 character random password with a fairly high entropy. Then just use a service like LastPass or a solution like KeePassX or even a single GPG-encrypted file to store your passwords. Problem solved.
Passwords are evil. Most of them should be treated the way you'd treat your private SSH or SSL key. Whenever you can eliminate a password and get the user to authenticate using a third-party identity provider, you are doing them a favor.
Edit: with 80 possible characters, you get 80^16 possible passwords: 10^19 years at 1000 guesses/second.
I prefer using a program like Password Safe (http://passwordsafe.sourceforge.net/), and use a safe password that's a long sentence (with punctuation). Then I can use arbitrarily long and complex passwords for all my accounts, and not have to worry about memorizing them individually. The password safe can even be synced across computers using Dropbox.
I prefer KeePass simply because it's got implementations on multiple OSs, as does Dropbox (to sync the password database file). So I've got it on my iMac, Android phone, Windows laptop, and Windows work PC.
GPG-encrypted free-form file (though it's fairly structured), edited via vim and a well-known "auto-encrypt/decrypt GPG files" configuration: http://vim.wikia.com/wiki/Encryption
(Actually, from that page, vim now has built-in blowfish encryption, which I'll have to look at -- yet another argument in favor of sharing tips on the 'TarTubes: you may learn something even when you're sharing your own knowledge).
I can't help but think that this is a solution to the wrong problem. The big problem with password security in the modern world really isn't that they're easy to break, but that they're pervasively reused between sites. So breaking them (for example, by reading them in plain text out of a dumb database!) in one place opens up attacks on higher value accounts.
The fix, of course, is to get users to stop re-using passwords between sites.
How does making passwords more memorable fix this? If anything, forcing users to use random base64 strings strikes me as more secure as they will be forced into some sort of password locker implementation by their inability to remember them.
"For those of us pedantic enough to want a rule, here it is: The preferred form is "xkcd", all lower-case. In formal contexts where a lowercase word shouldn't start a sentence, 'XKCD' is an okay alternative. 'Xkcd' is frowned upon."
Note that 44 bits of entropy is still nothing if you want protection from off-line attacks on password hashes. A couple of GPUs together can calculate a billion hashes per second, which eats through 2^44 possible passwords in only a few hours.
This was recently demonstrated when the mtgox password database was compromised.
edit: but this shouldn't be a problem if the password is properly hashed with bcrypt or some other scheme with a work factor.
But this approach scales at a much faster rate. Simply adding a fifth word throws even a billion-per-second attack out into hundreds-of-years territory.
Example generated phrase: "married greatly snake battle"
These phrases would be easier to remember if they made grammatical sense. Like Chomsky's famous "colorless green ideas sleep furiously" - the words relate to each other grammatically, even though it makes no sense.
Imagine memorizing "married greatly snake battle" vs "married snakes battle greatly." I think the latter is easier.
I would actually advise going against this advice. While it isn't a best practice, password sharing can and does happen, as does shoulder-surfing. It would take a LOT of effort to memorise my password, but a simple four word password will probably be remembered by accident. In a year's time if I piss a friend off, I don't want my Facebook password to be readily accessible in their memory.
I think more people need to learn to remember arbitrary strings. There really is no way around that problem if you want a decently secure password, and it's rare someone has a "good memory" - in most cases they've just learnt how to remember things well.
(Note: This doesn't really apply to me or most of us here in most cases, but for example my WiFi password is of the form "Mycatsname9" and yet my neighbour still has to ask me for it whenever her phone forgets it)
How do you share your preferred password? Because I guess everything but sending it per text/mail would be tedious, while it would work better with a couple of words.
Shoulder surfing: It's certainly a risk, but I'd say that prolonged shoulder surfing shouldn't be possible. If I type fast, it will be very hard to make out the phrase. If I type slow, you cannot stand around that long.
And - I'm not a security expert, but how much do you gain if you saw a couple of chars here? My intuition (yeah, shouldn't trust that) says that it's worse if I watch you and know the _first_ character of your password than you seeing the first 1-3 characters of the first word of my passphrase?
(We don't know the name of your cat, so judging the quality of the password or your neighbo(u)r's ability to remember it is hard)
So you're advising against what appears to be a more practical and secure methodology on the basis that it's worse when you share your password? If you share your password, your exact problem is that you're sharing your password -- it's not how easy or hard the password is to remember. In fact, why does this even have any significance when the person you're sharing it with can just write it down?
Oh and if within a year's time you do not change your password, that could very well be another problem. I think you'd be better off just using easy to remember pass phrases and changing them every once in a while. Shouldn't be a problem because they are, after all, easy to remember.
>I think more people need to learn to remember arbitrary strings.
The entire point is that humans aren't very good at doing this.
>(Note: This doesn't really apply to me or most of us here in most cases, but for example my WiFi password is of the form "Mycatsname9" and yet my neighbour still has to ask me for it whenever her phone forgets it)
This is actually exactly the kind of scenario where using pass phrases makes the most sense. WPA2 is vulnerable to rainbow table attacks; relatively long passphrases are both easier to remember for mere mortals and less likely to be broken by a rainbow table attack.
Yes, if you share your password, it's probably better to use a password that needs to be written down and can't be memorized, in order to have a chance of revocation. (Or you could just change your password.) But for most of us, most of the time, memorizable passwords are a boon.
You could probably get a few more bits of entropy kind of easily if you use words from other languages. This doesn't help the monolingual among us but it's great for me.
[+] [-] Dove|14 years ago|reply
Look, we're working with big numbers here. You need to do the math.
In this thread alone, I've seen suggestions to use a common dictionary word translated into another language, or written in l33tsp34k with some permutations. From a probabilistic perspective, these are still dictionary words, even though they look like gibberish. The same is true of the common method of typing a word with ones fingers displaced on the keyboard.
Conversely, I see a lot of argument that these XKCD passphrases would be easy to guess because they are made up of dictionary words. This misunderstands the math behind the situation. Even if an attacker knows that your password was generated via this method, and even if they know the word list you used, the password is still hard to guess. The difficulty grows exponentially with each word in the phrase, and that's pretty fast.
The key with passwords is not to create something that looks random -- something that if you showed it to another human being, they'd have a hard time deciphering. It's to create something that is random; literally a result of a throw of the dice for every new password.
Human beings are really bad at creating randomness. There's a demonstration done in an early statistics class in which the professor divides the class into two groups. He tells one to toss a coin a hundred times and record the sequence of heads and tails, while the others are to write down a sequence they think is random using their imagination. The papers are completed and mixed and then -- magically! -- he is able to sort them into the two types, easily and with high accuracy.
The lesson is this: even when you think you're being random, you probably aren't. You're probably using the same tricks everyone else is, and making the same mistakes.
I would trust passwords that come out of a script like this to be far more secure than passwords anyone (myself included) made up, no matter how random they're trying to be.
[+] [-] Cushman|14 years ago|reply
No, it doesn't. All of the reasonable punctuation you could add to a sentence adds only a few bits of entropy at best. It also makes the sentence harder to remember— was there a comma or not? Adding unreasonable punctuation or symbols is even worse— you get slightly more entropy at the cost of a password that is way harder to remember.
The crucial point here is that four random words, separated by spaces, selected at random only from the 2000 most common English words — EVEN IF your attacker knows that your password is four random English words from the 2000 most common separated by spaces — already is a very long random string. If it's not random, each common English word you add adds 11 bits, and is only marginally harder for most English speakers to remember. Conversely, choosing "random" extra characters to add in makes it slightly longer, very slightly more random, and way, way harder to remember.
[+] [-] jcr|14 years ago|reply
[+] [-] dspillett|14 years ago|reply
Definitely agree with you here.
I've been using the "few random words" method for passwords I need to remember for some time (and random 20 character mixes of alpha/numeric/symbol for the other, which I have stored in a keepass db), and I know I'm not all that random in my choice of words so if someone managed to see one or two of my passphrases it would be quite easy to create a script that could brute force the other couple quickly.
I shall have to use a script like this (or throw together my own for paranoia's sake) next time I change one of my passphrases.
[+] [-] Ideka|14 years ago|reply
It sounds very interesting. I've got to try it sometime :).
[+] [-] ddlatham|14 years ago|reply
The main point is to use passwords that give you the most "bang for the buck" in the sense of adding the most bits of entropy for the least difficulty of remembering. Adding an extra number, or punctuation, or certain numbers of repetitions generally adds only a little bit of entropy for a significant cost in additional challenge to your memory.
Our minds are well suited to remembering combinations of common words, and by stringing a few such words together, you can generate a larger search space than using a single word with a few substitutions. Even if the attacker knows the scheme you're using, he still must search through the space of combinations of common words, which XKCD is pointing out is quite large.
[+] [-] mortenjorck|14 years ago|reply
The best part is that any automated attack would have to deal with ringtone popups.
[+] [-] gabaix|14 years ago|reply
Long passwords are typing-error prone. With mobile devices, it gets worse, as typing is really painful.
[+] [-] lukev|14 years ago|reply
For example, if I use single dictionary words fed through a trivial ceasar cipher, then that is mathematically very low entropy. Realistically speaking, however, it's relatively safe if the cracker doesn't know that's what I'm doing, because it's impractical for crackers to compute all possible low entropy "alternative dictionaries."
[+] [-] eLod|14 years ago|reply
let's say there are 500.000 english words you are choosing from and you use 4 words. that gives you 500000^4 possibilities. let's assume the words averages about 5 characters, so we will compare this to a 20(=4 words * 5 characters) character long password made of 26 types of character (english alphabet, not using numbers and other special characters), that gives you 26^20 possibilities. and 26^20 - 500000^4 ~= 2x10^28, or put it this way: (26^20) / (500 000^4) = 318 850.382..
i know a random sequence of 20 characters are very hard to remember, but 500.000 is an overestimation too. let's say we use special symbols too (50 characters) and the word dictionary has 100.000 words. (50^12) / (100 000^4) = 2.44 so we can say it is better to have a 12 character long password (made of alphanums + symbols) than 4 random word concatenated (i think 12 is somewhat a 'standard' for 'sensitive' passwords). and i would argue that on the long term multiple concatenated passwords are very hard to remember. i'm not saying this is a terrible approach, just not the silver bullet to the 'password problem' (which xkcd never claimed of course, and for 'non sensitive', 'reused'/'throwaway' passwords it may be a viable option).
edit: and i forgot about case sensitivity too.
[+] [-] zobzu|14 years ago|reply
[+] [-] nmcfarl|14 years ago|reply
1) A lot of sites, still in this day and age, have max password lengths, so I still have a lot of short passwords. Usually this is bank sites and the like.
2) Password entry fields are often very short visually, and with a long password getting lost is much easier. I find I have to type them over A LOT.
The second is actually the more annoying problem.
[+] [-] dpark|14 years ago|reply
With crappy password requirements, it's impossible to use decent passphrases. Getting locked out of your account for 3 failed attempts at typing a 30-character password is pretty obnoxious, too.
In situations that allow passphrases, you don't need a password generator like this. You can grab a sentence from your favorite book and use it. e.g. "How do you do, Miss Doolittle?" That's not the best choice, but it's still got way more entropy than a standard password, probably a lot more entropy more than you'll get by choosing a 4-gram composed of words from a corpus of 2k, and it's easier to remember.
[+] [-] colanderman|14 years ago|reply
[+] [-] jobu|14 years ago|reply
[+] [-] flatline|14 years ago|reply
[+] [-] ghshephard|14 years ago|reply
I haven't typed a password in 3+ months - don't know what any of mine are anymore, so I find typing is no longer an issue.
[+] [-] r00fus|14 years ago|reply
Just choose a nice strong master password.
[+] [-] wisty|14 years ago|reply
You could also add a humorous adjective ("rabid", "talking", "magic", "invisible", "evil" ...) or adverb ("roughly", "quickly", "quietly", "secretly" ...).
You could also add a place name.
[+] [-] Periodic|14 years ago|reply
I expect we can get some fairly high entropy from just simple schemes like this.
However, the length of the password can be a real pain if you have to type it often, even once a day.
[+] [-] kragen|14 years ago|reply
[+] [-] drcode|14 years ago|reply
So if your personal salt is "@T#23a" you would use "@T#23a correct horse battery staple" on one website and "@T#23a giant bug transistor leech" on another website.
[+] [-] alanh|14 years ago|reply
I don’t mean to fault the creator of this page, but at the same time, I would not trust this generator for important passwords, simply because you cannot know if others are getting the same 'random' results as you are.
More info on SO: http://stackoverflow.com/questions/5651789/is-math-random-cr...
PDF on the topic: http://www.trusteer.com/sites/default/files/Temporary_User_T...
> In the Javascript engines of IE (Trident), Firefox (Gecko), Safari (WebKit) and Chrome (V8), the output of Math.random() can be used to reconstruct the random seed, and thus provide both this seed and the current “JS mileage” (i.e. the number of times Math.random() was invoked).
[+] [-] kragen|14 years ago|reply
[+] [-] IgorPartola|14 years ago|reply
Passwords are evil. Most of them should be treated the way you'd treat your private SSH or SSL key. Whenever you can eliminate a password and get the user to authenticate using a third-party identity provider, you are doing them a favor.
Edit: with 80 possible characters, you get 80^16 possible passwords: 10^19 years at 1000 guesses/second.
[+] [-] jsulak|14 years ago|reply
[+] [-] nollidge|14 years ago|reply
[+] [-] dredmorbius|14 years ago|reply
(Actually, from that page, vim now has built-in blowfish encryption, which I'll have to look at -- yet another argument in favor of sharing tips on the 'TarTubes: you may learn something even when you're sharing your own knowledge).
[+] [-] zobzu|14 years ago|reply
[+] [-] ajross|14 years ago|reply
The fix, of course, is to get users to stop re-using passwords between sites.
How does making passwords more memorable fix this? If anything, forcing users to use random base64 strings strikes me as more secure as they will be forced into some sort of password locker implementation by their inability to remember them.
[+] [-] GFischer|14 years ago|reply
"The science of password selection" (a breakdown of common passwords by selection practices, as taken from public leaks)
http://www.troyhunt.com/2011/07/science-of-password-selectio...
In short, passwords are chosen from:
People names: this includes a list of about 26,000 common first and last names.
Place names: this is everything from towns to states to countries and includes about 32,000 entries.
English dictionary
The most common passwords by group:
Name:
Place: Dictionary Words: Numbers:[+] [-] nrbafna|14 years ago|reply
[+] [-] unknown|14 years ago|reply
[deleted]
[+] [-] wcoenen|14 years ago|reply
This was recently demonstrated when the mtgox password database was compromised.
edit: but this shouldn't be a problem if the password is properly hashed with bcrypt or some other scheme with a work factor.
[+] [-] salvadors|14 years ago|reply
[+] [-] billybob|14 years ago|reply
These phrases would be easier to remember if they made grammatical sense. Like Chomsky's famous "colorless green ideas sleep furiously" - the words relate to each other grammatically, even though it makes no sense.
Imagine memorizing "married greatly snake battle" vs "married snakes battle greatly." I think the latter is easier.
[+] [-] burgerbrain|14 years ago|reply
[+] [-] ZoFreX|14 years ago|reply
I think more people need to learn to remember arbitrary strings. There really is no way around that problem if you want a decently secure password, and it's rare someone has a "good memory" - in most cases they've just learnt how to remember things well.
(Note: This doesn't really apply to me or most of us here in most cases, but for example my WiFi password is of the form "Mycatsname9" and yet my neighbour still has to ask me for it whenever her phone forgets it)
[+] [-] darklajid|14 years ago|reply
Shoulder surfing: It's certainly a risk, but I'd say that prolonged shoulder surfing shouldn't be possible. If I type fast, it will be very hard to make out the phrase. If I type slow, you cannot stand around that long.
And - I'm not a security expert, but how much do you gain if you saw a couple of chars here? My intuition (yeah, shouldn't trust that) says that it's worse if I watch you and know the _first_ character of your password than you seeing the first 1-3 characters of the first word of my passphrase?
(We don't know the name of your cat, so judging the quality of the password or your neighbo(u)r's ability to remember it is hard)
[+] [-] nxn|14 years ago|reply
Oh and if within a year's time you do not change your password, that could very well be another problem. I think you'd be better off just using easy to remember pass phrases and changing them every once in a while. Shouldn't be a problem because they are, after all, easy to remember.
[+] [-] commandar|14 years ago|reply
The entire point is that humans aren't very good at doing this.
>(Note: This doesn't really apply to me or most of us here in most cases, but for example my WiFi password is of the form "Mycatsname9" and yet my neighbour still has to ask me for it whenever her phone forgets it)
This is actually exactly the kind of scenario where using pass phrases makes the most sense. WPA2 is vulnerable to rainbow table attacks; relatively long passphrases are both easier to remember for mere mortals and less likely to be broken by a rainbow table attack.
[+] [-] kragen|14 years ago|reply
[+] [-] nakkiel|14 years ago|reply
shuf -n4 /usr/share/dict/words | tr '\n' ' '
[+] [-] scythe|14 years ago|reply
[+] [-] numeromancer|14 years ago|reply
[+] [-] mrspeaker|14 years ago|reply
The top 500 list has an awful lot of naughty words - so the phrases are pretty easy to remember ;)
[+] [-] marze|14 years ago|reply
This is 2011, shouldn't every server be configured to allow a guess every two seconds for 20 guesses, then every 10 minutes, or something similar?
I'm not familiar with common practices in this area, but why wouldn't all such services be configured to limit the incorrect guesses?
[+] [-] ck2|14 years ago|reply
[+] [-] buro9|14 years ago|reply
[+] [-] jwingy|14 years ago|reply
You could have four word phrases that are maybe only ~12 characters, which if there are only alphabetical characters in the password, are still very much crackable via GPU brute force (http://mytechencounters.wordpress.com/2011/04/03/gpu-passwor...)