
Researchers discovered the perfect password that’s easy to remember - bigsassy
http://www.washingtonpost.com/news/wonkblog/wp/2015/10/22/these-researchers-have-discovered-the-perfect-password-thats-also-easy-to-remember/
======
ph0rque
_The biggest drawback is that many sites these days limit the number of
characters that you can use in your passwords, so these poems are probably too
long for many of your accounts. But perhaps that will change someday soon.
More and more sites are considering dropping the character limit, since
shorter passwords are a lot less secure._

This is my biggest pet peeve. Actually, my second-biggest. My biggest is when
registration silently fails because the password was too long.

~~~
clentaminator
Top for me are sites that silently truncate part of the end of a new password
without informing you, then leave you logged in thinking that the
registration process completed successfully.

~~~
beeboop
Wells Fargo's website did this to me. It's ridiculous how crappy their website
is.

~~~
steeef
The same could be said for the majority of financial institution websites.
It's ridiculous how insecure and behind the times they are. Behind password
restrictions, I'd say the next biggest thing that angers me is that they claim
to support two-factor when it's really just "Wish It Was Two-Factor" in the
form of so-called "security questions":
[http://thedailywtf.com/articles/WishItWas-TwoFactor-](http://thedailywtf.com/articles/WishItWas-TwoFactor-)

------
aclissold
But surely you can't remember a different poem for every service that requires
a password?

Relegating you to using a password manager anyway, at which point you might as
well just generate random passwords that don't rely on dictionaries?

~~~
zeveb
One of these passwords, _if_ they truly are sufficiently-secure, could be used
to secure a password manager's encrypted file at rest on a system outside of
one's own control.

Right now, the best guidance is to only use a memorable password on files
which never leave one's physical control, and to use truly-random passwords on
remote machines. This is a pain, because it means that one cannot (or at
least, _should_ not) back up one's data securely: any encrypted backup would
require a password under one's physical control, but the whole point of the
remote backup is to recover from incidents compromising one's physical
control. It's a conundrum.

This development could be of real use in securing a remote backup of one's
passwords: high-entropy _and_ memorable.

~~~
eridius
Encrypt your backup using a secure password that's stored in the backup (in
your password manager), and then just have a physical copy of the password
stored in a fire safe, or safety deposit box, or something else of that ilk.
As long as you haven't suffered catastrophic computer loss, you can recover
your password using the password manager. If your house burns down with all
your stuff in it, you can use the physical copy to access your backup (or, ya
know, some other mobile computing device like a laptop or smartphone that also
has access to the password manager).

------
100k
"Most people use passwords. Some people use passphrases. Bruce Schneier uses
an epic passpoem, detailing the life and works of seven mythical Norse
heroes."

[http://www.schneierfacts.com/fact/27](http://www.schneierfacts.com/fact/27)

~~~
0x0539
I know you're making a joke, but a passpoem or a passstory, for lack of a better
word, is usable and something I do.

I take a passage of reasonable length from a book that I've memorized, could
be song lyrics or anything though. Then to create a password I take the first
several words to make a password roughly the length I want, do a standard
transformation on it that results in a string with numbers and special
characters and use that as a password.

When I need to change my password, I just take the next phrase from the
passage and apply the same transformation. This has the distinct ability of
letting me go back in time and remember what password I would have used at a
certain time which has come in handy for remembering the root password on an
old server.
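The scheme described in this comment (a memorised passage, consumed a few words at a time, with the same fixed transformation applied each time) can be written down as a small program. This is an added example, not the commenter's own code: the passage is a constructed, public-domain sample, the letter-to-symbol map is a hypothetical stand-in for the unnamed "standard transformation", and the function names are mine.

```python
import re

# Constructed sample passage (public-domain text, used only to make the
# example runnable; in the scheme described it would be a passage the user
# has memorised).
PASSAGE = (
    "It was the best of times, it was the worst of times, it was the age of "
    "wisdom, it was the age of foolishness, it was the epoch of belief, it "
    "was the epoch of incredulity."
)

# A hypothetical "standard transformation": a fixed letter-to-symbol map so
# the result contains digits and special characters (the commenter does not
# say which transformation is used; this one is an assumption).
SUBSTITUTIONS = str.maketrans({"a": "@", "e": "3", "i": "1", "o": "0", "s": "$"})


def words_of(passage: str) -> list:
    """Lower-cased word tokens, punctuation removed, so the phrase boundaries
    do not depend on how the passage was typed."""
    return re.findall(r"[a-z']+", passage.lower())


def periods_available(passage: str, words_per_password: int) -> int:
    """How many password changes the passage supports before it is used up."""
    return len(words_of(passage)) // words_per_password


def phrase_at(passage: str, period: int, words_per_password: int) -> list:
    """Period 0 is the first N words, period 1 the next N, and so on.
    Going 'back in time' is just asking for an earlier period."""
    if period < 0 or period >= periods_available(passage, words_per_password):
        raise ValueError("passage exhausted: pick a longer passage or fewer words")
    start = period * words_per_password
    return words_of(passage)[start:start + words_per_password]


def transform(words: list) -> str:
    """Capitalise each word, apply the substitution map, and end with a
    punctuation mark and the word count so the result always contains a
    digit and a symbol."""
    joined = "".join(w.capitalize() for w in words)
    return joined.translate(SUBSTITUTIONS) + f"!{len(words)}"


def password_at(passage: str, period: int, words_per_password: int = 5) -> str:
    return transform(phrase_at(passage, period, words_per_password))


if __name__ == "__main__":
    for p in range(periods_available(PASSAGE, 5)):
        print(p, password_at(PASSAGE, p))
```

Because every step is deterministic, `password_at(PASSAGE, 3)` always yields the same string, which is exactly the "remember what password I would have used at a certain time" property; the passage in this sample is exhausted after seven five-word periods, and the function refuses rather than wrapping around.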

------
thinkmoore
"If you want your own little poem password, you can enter your e-mail here,
and their program will send you a secure one, which will then be deleted from
their server."

Uh...

They went through all the trouble of making a website. Maybe use https and
just show me the password on the website?

~~~
untothebreach
No https, but there is this: [http://www.isi.edu/natural-language/people/poem/poem.php](http://www.isi.edu/natural-language/people/poem/poem.php)

The "email me a password" service also currently has a note on it that says
"Note: Site is super busy! Approximate waiting time: 269 hours."

------
ChuckMcM
And if we could only get password taking software to not require special
characters and numbers if the password was longer than 15 characters, _life
would be peachy_. (that is 19 characters if you're wondering, and no I don't
use it as a password)

~~~
morganvachon
My biggest pet peeve with password requirements is limiting the scope of
special characters to some arbitrary subset, i.e. "you may only use the
characters @#$%^& in your password", or not allowing spaces. Without spaces I
can't use a phrase without running it all together, and my instinct is to type
the spaces, so I end up getting frustrated and using some less secure password
instead.

~~~
chrisfarms
Whenever I see those sorts of limitations I assume there's probably some kind
of poorly handled escape situation to exploit and their fix was "well just
don't allow that pesky < character".

~~~
JoshTriplett
> Whenever I see those sorts of limitation I assume there's probably some kind
> of poorly handled escape situation to exploit

Which, in turn, implies that some system handles the password as plaintext
rather than via a password-appropriate digest.
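The two complaints in this sub-thread, silent truncation and banned characters, both disappear once the password is only ever fed to a key-derivation function. The following added example (not code from any site or project mentioned here) puts the "before" beside the "after": `legacy_hash` keeps eight characters and drops the rest, in the manner of the classic crypt(3) scheme, so any password sharing that prefix verifies; the PBKDF2 version accepts spaces, `<`, quotes and any Unicode, enforces its length limits in bytes with a visible error instead of a cut, and stores a self-describing record. The limits and iteration count are constructed policy values, not figures from the thread.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

# Constructed policy values for this example: an explicit, documented ceiling
# (so the UI can say "too long" instead of truncating) and a PBKDF2 work
# factor. Both are assumptions to tune to the deployment.
MIN_PASSWORD_BYTES = 8
MAX_PASSWORD_BYTES = 1024
PBKDF2_ITERATIONS = 200_000


def legacy_hash(password: str) -> str:
    """The behaviour the thread complains about: the first 8 characters are
    kept, everything after them is silently discarded, and the remainder is
    hashed unsalted. Two passwords sharing a prefix verify identically."""
    return hashlib.sha1(password[:8].encode("utf-8")).hexdigest()


def legacy_verify(password: str, stored: str) -> bool:
    return hmac.compare_digest(legacy_hash(password), stored)


def policy_violation(password: str) -> Optional[str]:
    """Return a reason string if the password is rejected, else None.
    Length is checked in bytes and the answer is a visible error, never a
    truncation. No character is excluded: the password only ever reaches a
    KDF, so there is nothing to escape."""
    size = len(password.encode("utf-8"))
    if size < MIN_PASSWORD_BYTES:
        return f"password must be at least {MIN_PASSWORD_BYTES} bytes"
    if size > MAX_PASSWORD_BYTES:
        return f"password must be at most {MAX_PASSWORD_BYTES} bytes"
    return None


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    reason = policy_violation(password)
    if reason is not None:
        raise ValueError(reason)
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    # Self-describing record so the work factor can be raised later.
    return "pbkdf2_sha256$%d$%s$%s" % (
        PBKDF2_ITERATIONS,
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(digest).decode("ascii"),
    )


def verify_password(password: str, stored: str) -> bool:
    if policy_violation(password) is not None:
        return False
    try:
        algo, iterations, salt_b64, digest_b64 = stored.split("$")
    except ValueError:
        return False
    if algo != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"),
        base64.b64decode(salt_b64), int(iterations)
    )
    return hmac.compare_digest(candidate, base64.b64decode(digest_b64))


if __name__ == "__main__":
    long_pw = 'correct horse battery staple <script> "quoted" & more'
    print("legacy accepts a prefix:", legacy_verify("correct ", legacy_hash(long_pw)))
    record = hash_password(long_pw)
    print("hardened accepts full:", verify_password(long_pw, record))
    print("hardened rejects prefix:", verify_password("correct ", record))
    print("too long:", policy_violation("x" * 2000))
```

The detection angle is the same check run against a site you do not control: register with a long password, then try to log in with its first eight characters; if that succeeds, the site is doing what `legacy_hash` does.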

------
ColinDabritz
Using rhyme and meter to remember things has a rich history, back to the epic
poems.

The phrasing of the title made me think of an Onion article along the lines
of: They found the perfect password, it's '42Lemons?' and everyone should use
it!

What they found is an excellent password scheme for humans.

~~~
thaumasiotes
> The phrasing of the title made me think of an Onion article along the lines
> of: They found the perfect password, it's '42Lemons?' and everyone should
> use it!

I thought the same thing. A great example of "what worked for someone else may
not work for you".

------
dogma1138
That only works against basic bruteforce attacks; if you are using hybrid
attacks those passwords become easier to crack.

What people don't realize is that professionals who crack passwords for a living
use quite sophisticated techniques; using known information about the target,
common masks, and patterns makes cracking specific passwords easier than just
bruteforcing them.

If you use a 300K-word dictionary and know or can assume that the passphrase
will be constructed out of 3-5 words, the password entropy isn't as large as
just thinking this is a single-case or mixed-case alpha with, say, 12-16
characters.

When dealing with a generic password your basic unit is a character, so a 16-char
password is made out of 16 units, each of which has a specific search space:
single-case alpha it's 26, mixed alpha it's 52, single alphanumeric it's 36,
and so on.

Here you have 3-4 units, each of which has a fixed search space, and that's the
dictionary you use; the search space can be even more restricted if we can
assume certain things about the algorithm that generated the passphrase.

If we take the poem example, we can assume that words will not appear more than
once in the passphrase and that they might need to rhyme; this alone can reduce
the password entropy considerably.

If we take other examples like story-based passphrases, e.g. "the quick brown
fox jumps over the lazy dog", then we can base our assumptions on what we
know of the English language, for example that words like "the" will appear at
least once in such sentences, as well as take some estimates about how many
verbs, nouns, and pronouns will appear on average in each sentence based on
their common distribution, which allows you again to reduce the search space
considerably.

Passphrases are still great when you need to ensure that your passwords won't
be broken in bulk when a breach happens, because unless your account is
admin@ijustgothacked.com you most likely won't be a target, and those types of
data dumps are still usually broken through basic dictionary, masked and cheap
bruteforce attacks.

If you might be targeted directly or phished, then passphrases might not offer
any sufficient level of protection and could actually be weaker than an
annoying mixed-alpha-num-special password.

That of course will change if everyone starts using passphrases: if you
expect that 50% of your hashed password dump is passphrases, you will adapt
your password cracking techniques accordingly.

~~~
DennisP
They generate a random 60-bit number and map it to a poem, so it has exactly
60 bits of entropy. If you want to double it, memorize four lines instead of
two.

Paper: [http://www.isi.edu/natural-language/mt/memorize-random-60.pd...](http://www.isi.edu/natural-language/mt/memorize-random-60.pdf)

~~~
makomk
Their passwords do have 60 bits of real entropy, but the estimates in the
article aren't based on how long it would take to brute-force a 60-bit
password - according to the paper, that would only take 11.3 years on a single
(2011-era) GPU, rather less than the 5 million they told the Washington Post.
At a guess, they're counting the entire 79-bit poem pool they're culling the
actual valid passwords from, on the assumption an attacker will have to test
all of them. (The algorithm maps those 60 bits onto one-million-poem wide
slices of the pool, and returns only the one that looks most like valid
English.)

~~~
DennisP
Hence my suggestion to memorize two such passwords.

~~~
dogma1138
You can also memorize a sentence or a paragraph from a book that you love and
own (which also can be used if you ever forget, or need to share the password
with anyone).

~~~
DennisP
Better pick an obscure book; I've read about cracking programs with books in
their dictionaries.

------
jobu
Edward Snowden mentioned using a pseudo-random phrase like
MargaretThatcherIs110%SEXY in his interview with John Oliver:
[https://www.youtube.com/watch?v=yzGzB-yYKcc](https://www.youtube.com/watch?v=yzGzB-yYKcc)

------
LoSboccacc
LoL at 'discover' [http://security.stackexchange.com/questions/22717/how-secure...](http://security.stackexchange.com/questions/22717/how-secure-are-passwords-made-of-whole-english-sentences)

I think we should hold a competition to find out how old this tidbit of
knowledge really is, and also find the oldest article about security experts
demonstrating that passphrases are wide open to dictionary attacks.

1982 reference on passphrases
[http://www.sciencedirect.com/science/article/pii/01674048829...](http://www.sciencedirect.com/science/article/pii/0167404882900256)

~~~
pdabbadabba
This isn't just about pass phrases, or using a whole sentence as a password.
The new part (to me, at least) was using short nonsense _poems_ complete with
rhyming and meter. This makes it easier to remember longer phrases/sentences.
Not that the idea is _hugely_ innovative, but it strikes me as helpful, and
not already well worn.

------
codemac
_All_ passwords should not be memorable.

Once you see them as tokens that 3rd parties will probably lose, then you know
our efforts should be in secure token management software (keepass, lastpass,
1password, etc).

~~~
bradleyjg
If they aren't memorable then they are something you have, not something you
know. Now you are down to one factor.

To put it another way, what would you suggest for a master password for the
token management software?

~~~
DannoHung
Maybe the problem is that we have it backwards. Maybe it shouldn't be
something you remember and push to the authentication mechanism, but something
that the authentication mechanism pushes to you.

Like, what if you pick the corpus of a novel that you've read as your master
password. And the password manager uses that novel plus several other novels
that you have selected (but didn't read/won't read?) to give you a series of
multiple choice selections to determine if you know the right book. Just a few
short passages. Preferably with proper nouns stripped out.

You have to select the passages from the correct book for all the multiple
choices. That way rather than recall, the memory factor is recognition.
Combine it with a non-memorable token which you have to present _first_ in
order to even see the recognition factor test and you might have something
workable.

~~~
dangerlibrary
The entropy of multiple choice selections is easily calculable and very low.

number of options * number of questions

This is essentially the same "password reset questions" loophole that allowed
the apple cloud storage hack on a bunch of celebrities.

~~~
DannoHung
I didn't say to use it by itself. I said that your OTP would be required first
to even access it. And of course you could provide backoff. And then you'd
also have to be answering a series of multiple choice questions all correctly.

I dunno, just a thought, but do you get what I'm saying about recognition vs
recall? Why don't we have the computer test us about things we're good at if
part of the test has to be something only our individual brain is capable of?

------
kisstheblade
I was wondering what the real "entropy" (?) for these kinds of passwords is.
If you take the vocabulary of common words (i.e. not generated from a list of
e.g. 300k words like in the article), aren't the permutations rather small? If
some person just makes these four words up from words they know (and probably
use quite regularly)?

E.g. 10000^4 or even 1000^4 (for those types who would use "password"
otherwise)? Isn't that quite bad, or am I understanding something incorrectly?

~~~
daleco
I was thinking about that... The average person is using 5000 words. We could
assume that the poems do too. (5000^4/ (300,000,000,000))/(60*60) = 0.57 hour
with 4 words at 350 billion guesses per second
([http://arstechnica.com/security/2012/12/25-gpu-cluster-crack...](http://arstechnica.com/security/2012/12/25-gpu-cluster-cracks-every-standard-windows-password-in-6-hours/)). 1300 years with 6 words.

------
kristopolous
Everyone who is serious about passwords should run a cracker for a week or so
on some large set of passwords. You end up getting a pretty good sense of what
falls quickly.

------
zeveb
It's a bit disappointing that they're focusing on 60-bit passwords; a 128- or
256-bit security level is best for securing important data.

~~~
DennisP
Memorize two poems.

------
samstave
In 1997 I inherited a network which had a password I needed to recover... It
was some Cisco device -- I can't recall the model number or how we recovered the
password, but I'll never forget that password:

FeetFourMonkey

------
syoc
The problem with passphrases is wordlists and combinator attacks. This has
been known for a long time. This headline is _very_ misleading and I hope no
one uses passphrase-based passwords for extremely sensitive data.

~~~
DanBC
Can you describe how a wordlist and combinator attack is risky for something
like e.g. diceware?

Let's make it easier and assume the diceware list only includes the 26 lower
case characters (nothing else), that all words are separated by a single
space, that the passphrase contains 7 words. And we assume our attacker knows
all of this, and has the same wordlist we used. Heck, we'll even give them our
dice too.

How at risk is our 7 word passphrase?
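Several comments in this thread reason about the same quantity from different angles: dogma1138's "units times search space" comparison of character brute force with dictionary combinator attacks, kisstheblade's and daleco's 5000-word estimate, makomk's 11.3-years figure for 2^60 on one GPU, and DanBC's 7-word diceware question. The calculator below is an added example (not from the paper, the article, or any commenter) that puts those cases side by side as bits of search space and worst-case time at a given guess rate. The 350 billion/s rate and the 11.3-year figure are the ones quoted in the thread; the `rhyme_class` parameter is a hypothetical model of dogma1138's rhyme constraint, and `math.perm` models the no-repeated-words assumption.

```python
import math

YEAR_SECONDS = 365.25 * 24 * 3600

# Guess rate quoted in the thread for the 25-GPU cluster against a fast,
# unsalted hash. A slow KDF lowers this by orders of magnitude.
CLUSTER_RATE = 3.5e11


def char_space(alphabet_size: int, length: int) -> int:
    """Brute force by characters: every position draws from the same alphabet."""
    return alphabet_size ** length


def word_space(dictionary_size: int, n_words: int, distinct: bool = False) -> int:
    """Combinator attack: every position draws from the dictionary. With
    distinct=True words may not repeat (the poem assumption), which is a
    permutation count rather than a power."""
    if distinct:
        return math.perm(dictionary_size, n_words)
    return dictionary_size ** n_words


def rhymed_word_space(dictionary_size: int, n_words: int, rhyme_class: int) -> int:
    """Hypothetical rhyme model: the last word must rhyme with an earlier one,
    so it draws from a rhyme class of `rhyme_class` words instead of the
    whole dictionary. rhyme_class is an assumed parameter, not a measured one."""
    return dictionary_size ** (n_words - 1) * rhyme_class


def bits(space: int) -> float:
    return math.log2(space)


def worst_case_seconds(space: int, rate: float) -> float:
    """Time to exhaust the whole space at `rate` guesses per second; the
    average successful search needs about half of this."""
    return space / rate


def implied_rate(space: int, years: float) -> float:
    """Guess rate an attacker must sustain to exhaust `space` in `years`."""
    return space / (years * YEAR_SECONDS)


def report(rate: float = CLUSTER_RATE) -> list:
    """(label, bits, years to exhaust) for the cases discussed in the thread."""
    rows = [
        ("12 lowercase chars", char_space(26, 12)),
        ("16 mixed-case chars", char_space(52, 16)),
        ("3 words / 300k dict", word_space(300_000, 3)),
        ("4 words / 300k dict", word_space(300_000, 4)),
        ("4 distinct words / 300k", word_space(300_000, 4, distinct=True)),
        ("4 words / 5000 dict", word_space(5000, 4)),
        ("6 words / 5000 dict", word_space(5000, 6)),
        ("7 diceware words / 7776", word_space(7776, 7)),
        ("60-bit poem", 2 ** 60),
    ]
    return [(name, round(bits(s), 1), worst_case_seconds(s, rate) / YEAR_SECONDS)
            for name, s in rows]


if __name__ == "__main__":
    for name, b, years in report():
        print(f"{name:26s} {b:6.1f} bits  {years:14.3g} years to exhaust")
    print("rate implied by 11.3 years for 2^60:", f"{implied_rate(2 ** 60, 11.3):.3g}/s")
```

Two things the table makes visible that the prose does not: forbidding repeated words costs a 300k-word dictionary a negligible fraction of a bit (it is the dictionary size and word count that matter, with rhyme constraints being the reduction that bites), and a 7-word diceware phrase from a 7776-word list, with the attacker knowing list, separator and length, is about 90 bits, the same order as 16 random mixed-case letters, while the 60-bit poem at the cluster rate is exhausted in weeks.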

