• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

[Tutorial] - How to Create a Secure Password

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Goto page 1, 2, 3, 4  Next
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Physical Security and Social Engineering

View previous topic :: View next topic  
Author Message
NeonWizard
Just Arrived
Just Arrived


Joined: 06 Aug 2004
Posts: 0
Location: Vancouver, Canada

Offline

PostPosted: Thu Aug 12, 2004 8:43 pm    Post subject: [Tutorial] - How to Create a Secure Password Reply with quote

Secure Passwords Tutorial

This tutorial was designed as a guideline for choosing good passwords for computer users. Password security is a very important thing that many people overlook. You usually think about a password as a tiny thing that protects your hotmail account. But what about your online banking, where you credit card number is, or your eBay account? Anywhere you use a password, it is critical that it’s a strong password. Password cracking has evolved a lot, there are now very many password crackers available to anyone to download for free, and most users fell back in time on making secure passwords. So whether it’s protecting your computer, or online accounts, it has to be a strong password in order for your information to be safe.

What Not To Use

Many users use in their passwords things from personal life, such as:
  • names
  • birthdays
  • dates
Do not use this, under any circumstances. These things can be easily guessed, and more easily cracked. Never use obvious things from your life, such as names, birthdays or other dates. Anyone who knows you a bit can easily guess your password. Password crackers have all the names, and can try hundred of number combinations very fast. Never use these things in your password.

Password Generators

Password generators do indeed create strong passwords, but they have other flaws. The passwords that they spit out are hard to remember, and take long to type. They are also vulnerable against the password-generating algorithm, which some password crackers might use in order to reverse the decrypting process.

An online example here: http://makemeapassword.com/

The Longer The Password, the Better

In the old days, the characters in a password of an NT box were limited to 14. Today, Windows 2000 and Windows XP allow up to 127 characters as a password. The longer your password, the longer it will take to crack. One thing that was discovered is that if you make a password in Windows longer than 15 characters, Windows does not store the LanMan hash properly. This protects you against brute force attacks of password crackers.

Make Use Of Characters/Symbols

In order to make a strong password, it’s recommended that you use all types of characters and symbols.

Code:
Lower Case – a,b,c,d
Upper Case – A,B,C,D
Symbols - @,#,$,%,^,
Numerals – 1,2,3,4
Alt Characters – Â, €


It is highly recommended to use a combination of these characters, numerals and symbols. If you don’t want to use the Alt Characters, use upper and lower case, numerals and symbols, which will create a strong password, and make it hard for password crackers to break it. One interesting example could be NeonWizard20@email.com, while this might seem unusual to you, this password uses upper/lower case characters, numerals, and symbols. When I put it in a Password Strength Meter, it showed me that it is a very strong password. However, make sure you don’t use your real email address. This kind of type is only an example. It uses all the characters and symbols; it’s easy to remember, hard for password crackers to break, and no one could even think of guessing it.

Using Space

Passwords in Windows 2000 & XP can use space. It is not recommended to use space at the beginning or at the end of the password. The other downside of it is the sound that the keyboard makes when your press the space bar, and someone can easily tell that you pressed space on your keyboard.

Inversed Words

Some people think it’s good to write a word inversed. Such as admin, could come nimda. Password crackers will try to reverse all the words, so it’s not a good idea to write inversed words. It’s still easy to crack a normal word, even if it’s inversed.

Using Different Passwords For Different Accounts

Why don’t all the doors on your street use the same key? Because your neighbours don’t want you in their house. It’s the same with you. If someone breaks or finds out a password, you don’t want them snooping at your other accounts, such as online banking. That’s why it’s recommended that you use different passwords for different accounts. I don’t mean use a different password for every account, but use one for your email and forums, and a different one for banking. But surely, please use a different one for important stuff such as banking, online shopping, or anything that has your credit card number in the account.

If someone is after you, they’ll likely to try to break your email account first. If they find out that, they will try the same password for your other accounts too. In the end, you decide how you want to divide your accounts and passwords, likely due to how paranoid you are.

Writing Down Passwords

If you want to write down passwords, for whatever reason, make sure you keep them locked somewhere, in a safe if possible. Under no circumstances are they to be left on Post It notes, and pieces of papers in your desk. The room/office where your computer is located will be the first place that someone who breaks in will look for a written password.

One reason that you might want to write down the password of the admin is in case he quits, so you can have access to the network. But if you do write it down, make sure it’s locked properly.

Public/Office Physical Security

Another issue is keeping your password safe in a public/office workspace. People that walk by could peek at your keyboard while you’re typing. Also, people who sit besides you could peek over at your keyboard. It happens in an environment where are many persons, and getting your password can be as easy as seeing what the person is typing. That’s why you need to be familiar with your password. If you are, you can type it very fast, and even someone who is looking at your keyboard very close couldn’t tell everything that you typed.

Make sure no one stops behind your back, and if you are sitting close to someone, type the password fast and don’t let them see the keyboard. Some people aren’t even ashamed to look at your keyboard while typing the password.

Convenience Over Security

Many people don’t even put passwords on their home computers. I can understand this, because every time you boot up you have to type the password. If you just let the system boot up without any logging on, it’s easier. But what if someone breaks into your house, and steals it? It’s going to be very easy for that person to get all your personal info. But putting passwords on people who travel with a laptop is a must. Laptop theft, and misplace happens a lot, and the first thing someone does after they get your computer is try to crack the password.

I think that most laptops today come with tracking devices, and if your password is secure, it could take weeks if not months for a password cracker to break it. This could mean that your laptop could be recovered before they broke your password.

Password Crackers

Eventually, any password can be cracked. But the amount of time it takes to crack a password depends only on how good the password is. If it’s a hard one, it could take weeks, and eventually, whoever is trying to crack it, will probably give up after a couple of hours. Password crackers are not sci-fi, as some people would think. Password crackers use world lists, brute force attacks, or both at the same time. Word lists is exactly what the name says, a very long list of words, which are combined in different methods in order to crack the password.

Brute force attacks simple make every possible combination of characters and numerals, until it finds the password. Brute force attacks are very slow, but eventually, they will find the right combination. Probably the most well known password cracker is John The Ripper.

Resetting Passwords

A thing that is widely overlooked by people is the ability to reset passwords. This is probably the easiest way to “break” someone’s password. It’s very simple, and even if you do have a strong password, anyone who knows you a bit can easily reset the password, make one of his or her own and take over your account.

It can be done so quickly, here are the steps on how easy you can reset a Hotmail password. So you enter the email address, and type some bogus password. Then it tells you the password is wrong, and you want to reset it. You pick the country, and then you pick the state. Pretty easy if you know someone’s password. There are hundreds of free online directories, such as White Pages and Yellow Pages, so type the name, and you easily get the zip code. This is for US, because if you’re trying to reset someone’s password that lives in Canada, it doesn’t even ask you for a zip code. Here comes the part that really matters. How hard is the secret question and how hard is it to answer?

Some of the secret questions are:
  • Favorite pet’s name
  • Favorite Movie
  • Anniversary
  • Father’s Middle Name
  • Spouse’s Middle Name
  • First Child’s Middle Name
  • High School Name
  • Favorite Teacher’s Name
  • Favorite Sports Team
If you know somebody, even just a bit, you probably know the answer to these questions. So please, after you made your account, change the secret question and the answer. Don’t make it easy and take it for granted, because probably the first way someone will try to get your password is by resetting it. Make the answer and the question difficult. One good question that I came across when I was trying to reset someone’s password was: “Once upon of time” now this may sound like a fairy tale, but I really got no idea what to type.

There could be a thousand of answers to that. So, if you really care about your password being strong, make sure you make a good secret question and answer. And this is not just for Hotmail, but many other online services use this resetting method, extremely flawless if not used properly.

The Importance of Logging Out

Another thing that can be used to take over one’s account, no matter how strong the password might be, is forgetting to log out from accounts when using a public computer. Some browsers do log you out automatically when you close it, but others don’t. So please, if you do use a public computer, always log out from all your accounts.

Finding Passwords

Even if you do have a strong password, it can still be found in other ways, if you’re not careful. Social engineering, the nice way to ask for someone’s password is one of them. This is for those 70% of people that would reveal their password for a chocolate bar, as a study conducted this year shows. Don’t give the password to anyone, for whatever they got. Don’t give it to your parents, friends, girlfriends, wives, or no one else. If there is a real problem, the system administrator will probably come to you and ask for it. Another way to get a password is through key loggers. Be careful that you don’t have one installed on the computer. Make spyware and virus checks often.

Conclusion

The best password is one that you can come up on your own with, not one that’s spit out by a password generator. You must be familiarized with it, so you can type it fast, in case anyone is peeking over at your keyboard. A good password contains upper/lower case characters, numerals, and symbols. Also, it has to be long, 15 characters if possible. Only you can decide what the best password is for you. If you’d like to test the strength of it, please use the Password Strength Meter , or install a password cracker on your system to see how long it takes to figure out the password.

*Edited and reformated by ST*
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
piccolo_21
Just Arrived
Just Arrived


Joined: 07 Jan 2004
Posts: 0
Location: NYC, USA

Offline

PostPosted: Thu Aug 12, 2004 8:49 pm    Post subject: Reply with quote

I read somewhere about rsa and key pairs dont the make good passwords.
Back to top
View user's profile Send private message Send e-mail AIM Address
Mongrel
SF Mod
SF Mod


Joined: 30 May 2002
Posts: 8


Offline

PostPosted: Thu Aug 12, 2004 10:36 pm    Post subject: Reply with quote

NeonWizard - Nice Tutorial. Covers pretty much everything I can think of.

BTW - thanks for linking to SFDC on your site too.
Back to top
View user's profile Send private message
ShaolinTiger
Forum Fanatic
Forum Fanatic


Joined: 18 Apr 2002
Posts: 16777215
Location: Kuala Lumpur, Malaysia

Offline

PostPosted: Fri Aug 13, 2004 5:22 am    Post subject: Reply with quote

Hi Neon, good work and welcome to SFDC Smile

I hope you don't mind I took the liberty of reformatting a little to make the article easier to read (just a tip for future writing, also break large blocks of text up into smaller paragraphs, it makes it easier to read and digest, especially for those of us that speed read).

I also added 1 web link in the password generation section and moved it to this section so it can benefit a wider audience.

Cheers

ST
Back to top
View user's profile Send private message Visit poster's website
M3DU54
Trusted SF Member
Trusted SF Member


Joined: 11 May 2002
Posts: 1
Location: Las Palmas de Gran Canaria

Offline

PostPosted: Fri Aug 13, 2004 7:28 am    Post subject: Reply with quote

Nice tutorial, and welcome aboard.


RE: Long passwords

You mention password length. I believe passwords beyond a certain length are pretty much redundant due to the compression function of hashing algorithms.

The LM hash is 16 bytes long. This means that there are only 2^128 (around 3.4 × 10^38) unique values for the hash. Just using mixed-alpha-and-numerics (no symbols) we have 62 possible combinations per keystroke, lets call it 64 for the hell of it. 22 such keystrokes offer around 5.44 × 10^39 unique combinations.

Lets compare those two figures...

128 bit Hash = 3.402 × 10^38 unique combinations
22 keystrokes = 5.444 × 10^39 unique combinations

We should immediately notice that for every password of any length (regardless of character set) there is another password of 22 keystrokes or less (using only mixed-alpha-and-numerics-plus2[64]) that will also get you past the login screen. In fact, there may be quite a few, ten or more wouldn't surprise me.

The minimum number of keystrokes to pretty much guarantee a password collision for various sizes of the attackers key set is...

keyset[064] - 22 keystrokes
keyset[128] - 19 keystrokes
keyset[192] - 17 keystrokes
keyset[256] - 16 keystrokes

So, at the end of the day the earlier limitation of 14 keystrokes was not actually so bad. It seems that at 20 keystrokes we are approaching the usefulness of password length in an authentication system based upon 128bit hash comparison. 127 is IMO pointlessly extreme.

I'm not saying that this weakness is easily exploitable, quite the reverse seems apparent. I'm just doubting the effectiveness of 30+ character passwords given the compression function of 128bit hashes.


There is the possibility that I'm missing something important here but I'm sure JustinT will correct me if I'm wrong. Until then I will retain the opinion that passwords with greater entropy than the hash offer very little additional protection. Justin?


M3Dz
Back to top
View user's profile Send private message
Security Hobbit
Just Arrived
Just Arrived


Joined: 14 Jul 2004
Posts: 0


Offline

PostPosted: Fri Aug 13, 2004 4:45 pm    Post subject: Reply with quote

NeonWixard, do you recommend patterns on keyboard?
Example: 87yhji*&YHJI (scores Strong in your password meter).

The password is simply two 'circles' on the keyboard starting at 8, then 7, then y, h, j, and i. You then repeat the circle with [shift] key pressed. You get combinations of all characters. You can easily add a non-printable ascii character at the beginning or end too.
Any combination of patterns would do similar results.

Or are good password cracking apps detecting these patterns in pseudo-dictionary attacks? (well ,they wouldn't be dictionary attacks, but there are so many patterns you can do on a keyboard).

N.
Back to top
View user's profile Send private message
piccolo_21
Just Arrived
Just Arrived


Joined: 07 Jan 2004
Posts: 0
Location: NYC, USA

Offline

PostPosted: Fri Aug 13, 2004 5:10 pm    Post subject: Reply with quote

Nice pattern technique, but what about rsa and pass pharses
Back to top
View user's profile Send private message Send e-mail AIM Address
bknows
Just Arrived
Just Arrived


Joined: 11 Jul 2003
Posts: 5


Offline

PostPosted: Fri Aug 13, 2004 5:17 pm    Post subject: Reply with quote

Regarding secret questions, never answer it according to the question.

For example, what is your favorite color? Answer: Ford Explorer

Sure, it's not as easy to remember, but it's not as easy to guess either.

Pay the price for security.
Back to top
View user's profile Send private message
NeonWizard
Just Arrived
Just Arrived


Joined: 06 Aug 2004
Posts: 0
Location: Vancouver, Canada

Offline

PostPosted: Fri Aug 13, 2004 7:30 pm    Post subject: Reply with quote

Thanks ST, it does look better now.

Thank you for that info MD3U54. I think too that 30+ character password is too much.

I don't think that password crackers can detect those kinds of patterns, but it's not really good to use them. Problem is, you're typing the same thing twice, only the second time you're pressing shift. Password crackers might try that, typing the phrase normal first, then use shift to type it again. But it did score strong. Another thing is physical security. Someone might be looking, and there's a higher chance to see the password when you're typing the same thing twice, only keeping Shift down the second time.

Passphrases are better because usually they have more characters, and easier to remember. But the ordinary passphrase does not include uppercase characters, numerals or symbols. So if you're going to use a passphrase, don't make it an obvious one, and make sure it uses upper/lower characters, numerals and symbols.

RSA and microsoft are going to launch the SecurID in the fall I think. SecurID is good, because it uses two factors for authentification, the random generated number, and also the number given to the user. Maybe the same technology will appear in Longhorn OS. Problem with the passwords today is that any password can be broken in the end. No matter how strong it is, even if it takes months for the password to work, in the end it can be broken.

bknows is right, you should answer the question totally different.
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
JustinT
Trusted SF Member
Trusted SF Member


Joined: 17 Apr 2003
Posts: 16777215
Location: Asheville, NC, US / Uberlândia, MG, Brazil

Offline

PostPosted: Sun Aug 15, 2004 4:25 am    Post subject: Passwords, passphrases, and pseudo-randomness. Reply with quote

This is conditional on what exactly you're using your passwords or passphrases for; if you're considering the use of either of this as converted cryptographic keys, consider otherwise, because it's not a good idea. Ideally, you should use some type of cryptographically sound method of generating random data (realistically pseudo-random, but cryptographically secure), such as a PRNG, which could be based on either stream or block ciphers, with the usage of a secure hash function. To conclude with that, there is no substitute for a good random value, when it comes to constructing a cryptographic key. Predictable, redundant passwords and passphrases are far too commonplace to cater to any conservative margin of security.

The problem with "password security meters" is that many of them do not take into full account the concepts proposed in information theory; they only "measure" the "security" of a value based on things such as its periodicity or whether or not it adheres to an etiquette for mixing alphabetic-numeric-symbolic characters. Many do not take into account the absolute and actual rates of a language or the formulas relating to redundancies. Most of these fall embarrassingly short of accuracy and give insanely falsified notions of security for user input.

The core field that explores the correlation between cryptographic key length and password and passphrase length equivalents lies within information theory, with the pioneers consisting of Turing, to Shannon, to Cover, et cetera. You'll find the terms, entropy, uncertainty, rate of a language, unicity distance, et cetera, that will prove to be crucial in truly understanding what it means to construct a secure password or passphrase. You'll also find that there are many formulas to derive figures that measure just how much information is contained per character, which ultimately depends on the language in use, its character set, and the associated statistics. This causes the "security" of a value to fluctuate tremendously.

Assuming standard English, you'll see a common rule-of-thumb of assuming 1.3 bits of information per character; that's asking for a little over 196 characters, to correspond to the level of security we would expect of a 256-bit symmetric key, roughly, with that formula. Using alphabetic-numeric-symbolic techniques for your passwords or passphrases will lower that requirement, but not to any significant extent that's more appealing than a solid cryptographic method for key generation. You can achieve sufficient levels of security by converting passwords or passphrases to cryptographic keys, but just to be conservative, your lower bounds should probably be much higher.

You can assume that if the password or passphrase is long enough, and contains enough entropy, the resulting hash value should be random, in terms of statistics. The overall complexity you achieve is limited to that of the hash function you choose, so you want the entropy of your value to match the level of security obtained with that hash function; the maximum level of security is limited to the hash function, however, so you can go overkill (i.e, MD5 gives you a complexity of 2^64, SHA-1 renders 2^80, SHA-256 renders 2^128, and so on and so forth). This is just one of the reasons that using a PRNG is easier and more cryptographically efficient.

Passwords and passphrases have their uses, but cryptographically, they've become insufficient for modern threat models. I've discussed this briefly before. They do have their uses, but where they were sufficiently classically, they've lost appeal, conventionally, for the most part. In fact, when you realize that they are "human memory friendly", you understand the inherent reason they are so widely deployed, so it would make sense that research be done to add security in favor of this; an excerpt from a past thread shows one such cryptanalysis:

JustinT wrote:

The biggest mistake of this system, oftentimes, is relying on the user to be secure. Why do you think dictionary attacks are so effective? There is no substitute for a good, random password or passphrase, but because things that we can comfortably store in memory are more convenient, it's easy to abuse the security margin. However, for cryptography to be appealing, it must be convenient. C. Ellison, C. Hall, R. Milbert, and B. Schneier designed a systematic approach to protecting the password or passphrase itself, using "personal entropy", which involves the answering of certain questions that are unique, or personal. In other words, you encrypt your password or passphrase with the answers of a set of questions, where you can still obtain your password or passphrase by only knowing a subset of those questions. This is probably one of the most promising designs, in terms of usefulness. It's a genius way to both add security to our system of password and passphrase protection and make things easier on the user's memory, but in turn, frustrate an attacker by requiring that he or she knows a much larger subset of data, in order to derive any useful information.


It makes more cryptographic sense to not use them where pseudo-random number generation is applicable, to provide a more conservative sense of obtaining maximum entropy and statistical sufficiency. It's just more routinely trivial, nowadays. You can gain this appeal with much less required value length.

The ideal scenario is to use a cryptographically sound method for key generation, as briefly touched upon above, and a sufficiently secure method for storing keys. If done properly, you won't be so practically worried about raw exhaustive search, dictionary attacks, or the fallacies associated with information theory. An appropriate compromise would be aiming for a scheme along these lines. Making a good password or passphrase is practically achievable, of course, but generating a good pseudo-random value is easier, and often better.
Back to top
View user's profile Send private message Visit poster's website
Security Hobbit
Just Arrived
Just Arrived


Joined: 14 Jul 2004
Posts: 0


Offline

PostPosted: Mon Aug 16, 2004 1:01 pm    Post subject: Reply with quote

I will not claim to understand half of what JustinT says, but in all practicality, what can we little people do? I really suppose it depends on the threats, but for a home user only scared of people batch running things like L0phtCrack, then what is a good solution?

I mean, isn't it simpler to have a 'simple' password that has to be changed every week (by simple I mean something that would withstand an attack for a week - btw, how can we check that without spending weeks on our computer running L0phtcrack?) rather than a strong password 14+ characters with numbers-upper-lower-alt-...?

Assuming we use a random password generator for one important password (accepting any of them, ie: no bias at all), then how long should it be? I can commit myself to remembering one of those things I suppose.

Cheers,
N.
Back to top
View user's profile Send private message
NeonWizard
Just Arrived
Just Arrived


Joined: 06 Aug 2004
Posts: 0
Location: Vancouver, Canada

Offline

PostPosted: Tue Aug 17, 2004 3:19 am    Post subject: Reply with quote

For home users, first of all, use a firewall, anti virus and spyware checkers. Don't let unknown software access the net, and make sure you run anti spyware tools, as many of them detect software such as password crackers.

It's better to use a good password, instead of a simpler one. It's not hard to make a good password. one example that i've put up was the email one. It's hard to crack, and uses all the necessary stuff.

I'm not talking about your computer's password only, but also about online accounts. Your computer is in danger when someone physically is there and tries to crack it, presuming someone broke in your house.

Password generators make good passwords, and if you're committed to remembering one of those, that's good.

Use that security strength meter. Your password would have to be pretty strong in order to withstand an attack for a full week.
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
JustinT
Trusted SF Member
Trusted SF Member


Joined: 17 Apr 2003
Posts: 16777215
Location: Asheville, NC, US / Uberlândia, MG, Brazil

Offline

PostPosted: Wed Aug 18, 2004 10:59 am    Post subject: Opinions. Reply with quote

NeonWizard wrote:

Eventually, any password can be cracked. But the amount of time it takes to crack a password depends only on how good the password is. If it’s a hard one, it could take weeks, and eventually, whoever is trying to crack it, will probably give up after a couple of hours.


Sure. Exhaustively searching through a finite value-space is presumed, but a "good" value should make such a task practically infeasible. If it can be compromised in weeks or months, it's a horribly chosen value. Ideally, it should be resilient to dictionary attacks, also. If properly derived, it should set "eventually" to beyond our lifetime, given currently known computational resources (at least in the public sector). This is another good case where derivation by pseudo-random mapping/function/permutation/et cetera would be highly suitable.

NeonWizard wrote:

The best password is one that you can come up on your own with, not one that’s spit out by a password generator.


This is definitely not a concrete statement; it depends on the soundness of the human's philosophy as opposed to the deterministic source. A deterministic cryptographic source that generates statistically random values is often much more secure than what can be conveniently derived by the user. It's conditional, so "best" would ultimately depend on the methodology.

NeonWizard wrote:

It's not hard to make a good password. one example that i've put up was the email one. It's hard to crack, and uses all the necessary stuff.


Actually, that example isn't inherently "good", in terms of the security you would assume it to provide, based on what it "scored." Cryptanalysts generally, oftentimes, have prior probabilistic knowledge before conducting analyses. One problem with your example is that it contains an identifiable structure of redundancy. Although it does use a mixture of alphabet cases, numbers, and symbols, it is constructed of predictable, legible characters. It isn't random-like, at all, so we can rule out a lot of values, as probable candidates.

This can be used as a distinguisher to tell us that not all values are equally likely, under the probability that this structure may have been applied. If this was obtainable knowledge, it could be applied as an aid in drastically reducing the complexity of the value in question. Assuming that many adopt these philosophies for choosing passwords, it will only make the attacks more trivially applicable. Password-choosing etiquette exists because of the redundancy of such structure and the fallacies of not taking that into consideration.

Given particular, information, which could be viewed as quite negligible, it wouldn't be "hard" to break; it would be much more practical than you might think. The point is, there should be no information available about the value for me to take advantage of as prior probabilistic knowledge, in the first place; the value should be as random and unpredictable as possible. Never underestimate the ability of a cryptanalyst to mine for information about plaintext.

NeonWizard wrote:

Use that security strength meter. Your password would have to be pretty strong in order to withstand an attack for a full week.


That "security strength meter" is rather poor; the etiquette for choosing a "good" password or passphrase is much too minimal, to begin with, from a cryptographic perspective, and the actual rendered results do not adhere to the entire etiquette they propose. The "guidelines" they propose are generally good, but far from enough, in terms of being sufficiently random, unpredictable, and resilient to exploitation of redundancies and specialized exhaustive search. To give a true impression of "security strength", it would need to be much more information theoretic.

The problem is - it may be able to recognize a good password or passphrase when it sees it, but not necessarily a potentially bad password or passphrase, because the criteria being analyzed is predominantly generic; generally speaking, this allows good values to render good results, usually, but also allows bad values to render good results. This meter is capable of providing incredibly falsified notions of security, and shouldn't be expected to give accurate measurements.

As far as using password or passphrase protection, it truly does depend on your threat model. Chances are, if your threat is low, you may suffice with a relatively secure, arbitrary value based off of a particular language. Dictionary attacks are extremely realistic and extremely effective, so this is a gamble no sane person should take, where confidential credentials are at stake. It's conservative to assume your threat is greater than it may actually be, even if you only reap the theoretical benefit; this gives you a wide margin of security to play with, if the

We've mentioned techniques, such as "personal entropy", that add layers of security to the process of using passwords or passphrases, but essentially, no password or passphrase scheme is better, in terms of generating a cryptographic key, than one that is randomly generated.

One possible solution is to deploy a utility who's purpose is to encrypt passwords, passphrases, keys, et cetera, so you don't have to be bothered with remembering them all. This would allow you to safely store cryptographically sound pseudo-random number generated keys, and only require that you commit yourself to memorizing one "master" key value; this would also be as random, preferably. Assuming your keys are generated properly and your storage methodology is secure, this is one of the better, practical solutions.

Again, determining your threat model is vital; it's difficult to calculate a conservative margin of security, if you're unaware of the cost of compromise. This is, of course, quite conditional, so what is sufficient is variable. However, for the minuscule cost of generating relatively sufficient random values, and conveniently storing them in a secure manner, it's wise to go this route, where applicable. You can derive good, random keys from passwords or passphrases, but it's generally more secure, trivial, and information-theory-friendly to use a PRNG, or some relatively suitable primitive alternative.

Many of the common applications that still rely on password-protection boast threat models much too volatile to be within the scope of using a password or passphrase; cryptography is capable of providing much more robust protection. There was a time when classical password-protection had very minimal requirements, so it allowed significant tolerance to laxation within the process of deriving these values. However, it is now this obsolete technology, that in some instances, still tolerates this laziness, because it primitively relies on human philosophy, at the potential cost of complete loss of secrecy. Using this protection still has very valid application, but cryptography makes more sense in many cases.

Deriving a value which acts as a passport to privacy is one case where there should be less reliance upon human derivation, and more emphasis on cryptographic derivation, in my opinion. The supporting basis is strong and it makes security much more convenient.

securityforumsusername wrote:

Assuming we use a random password generator for one important password (accepting any of them, ie: no bias at all), then how long should it be?


Reiterating the idea of a threat model, that is certainly what this depends upon. If we're discussing cryptographic threat models, the conservative minimum, in order to achieve the suggested 128-bit security level, is 256 bits; obviously, a 256-bit key would ideally exhibit 256 bits of entropy. In regards to a cryptographic key, this is how long it should be. Proper methodology can make storage both secure and convenient, when handling these keys, as aforementioned.
Back to top
View user's profile Send private message Visit poster's website
Security Hobbit
Just Arrived
Just Arrived


Joined: 14 Jul 2004
Posts: 0


Offline

PostPosted: Wed Aug 18, 2004 8:02 pm    Post subject: Reply with quote

256 bit key = ~200 characters. aiaiai.
Now I finally see where you're coming from for crypto keys: basically to get the full benefits of a 128 bits of encryption you need to choose a 256 bits encryption scheme and to mitigate the fact that you need a password to protect your crypto key then in order to achieve the same level of protection that your crypto system gives you, you need to select a password that also achieves the same level of security (in 'bits').

But I was just trying to get a fix on computer login passwords....
Considering that they all use hash functions to store passwords, then how long/complex does the password need to be in order to provide a 'home user' low threat level thing (ie: some hacker/physical intruder gets the password hashes). OK, let me set a criteria: it must be able to withstand a 1 month bruteforce attack from 50 standard nowadays CPUs (hacker with a few little bots).
We remove some weaknesses against dictionary attackes by simply using a pseudo-random password.

Would some of M3DU54's keystrokes limits still apply? (but not using 64 possible keystrokes, but a full 255 ascii characters since I am not against using non-printable ascii).

Again, thanks for your help. I am trying to read stuff on cryptography, but gimme a bit more time Very Happy

Other comments: would a palm pilot be considered as a potential secure storage for passwords/crypto keys? With same limitations as above (ie: would need 200 characters key to obtain real 128 bits encryption security).
I also like the idea of storing half keys (half in the palm, half written on a piece of paper hidden somewhere Wink ).

Cheers,
N.
Back to top
View user's profile Send private message
capi
SF Senior Mod
SF Senior Mod


Joined: 21 Sep 2003
Posts: 16777097
Location: Portugal

Offline

PostPosted: Thu Aug 19, 2004 11:54 pm    Post subject: Reply with quote

securityforumsusername wrote:
256 bit key = ~200 characters. aiaiai.

Actually, it would be considerably less... Considering the standard ASCII representation for a character (i.e. not UNICODE), we're talking 1 character = 8 bits. Thus, 256 bit key = 64 characters.

Still a bit to remember, but at least not 200 Wink.
Back to top
View user's profile Send private message
NeonWizard
Just Arrived
Just Arrived


Joined: 06 Aug 2004
Posts: 0
Location: Vancouver, Canada

Offline

PostPosted: Fri Aug 20, 2004 12:02 am    Post subject: Reply with quote

If the Security Strength Meter is not good for computer passwords, what about passwords for online accounts?

And does anybody encrypt the password on servers for online accounts, such as lets say hotmail or yahoo?
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Physical Security and Social Engineering All times are GMT + 2 Hours
Goto page 1, 2, 3, 4  Next
Page 1 of 4


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register