
Strong Passwords - simbalion
https://strongpassword.us/
======
LeoPanthera
Having worked in IT, this is the kind of "guide" that I hate. It's
theoretically correct, but wildly impractical and therefore not useful at all.

Do not let perfect be the enemy of good. Right now, people's password hygiene
is not even "good".

Some specific criticisms:

> At a bare minimum you should be using a unique 32 character random
> alphanumeric on every website or service that you use.

Sometimes you have to type in a password, even if you use a password manager.
Maybe you are using a public computer. 32 character passwords are laughable.
NIST recommends 80 bits, that's ~14 characters. Entirely sufficient.

> Do not use online password services

If it means you're using different, reasonably strong passwords for all your
accounts instead of just one password shared with everything, then PLEASE DO
use an online password service. You will be vastly more secure.

Getting "normal" people to use good passwords means their password manager has
to be super easy to use. LastPass is fine. 1Password is fine. Hell, even
writing your passwords down in a book is fine, as long as you look after the
book.

~~~
simbalion
I think encouraging longer passwords is a good idea. Even if 14 characters is
suitable today in 2016, as computers get faster it will soon not be adequate.

By encouraging different password habits, people will be better prepared for
the future.

I have to question your expertise on this matter since you suggest writing
passwords down in a book, as well as using online password databases; both are
terrible ideas.

~~~
LeoPanthera
Passwords significantly longer than 14 characters will never really be
practical. Users hate typing them in. Password managers will never be
ubiquitous. This is why the "pass phrase" has never really caught on and
replaced the "password".

But I don't believe this is really a problem. As computers get faster, hashing
can get slower. There is no upper limit on hash complexity.

Edit: This is your guide, isn't it? It would be ethical for you to disclose
that, given that it has an advert for your business at the bottom.

~~~
simbalion
And we'll never need more than 64kb of RAM too.

It was not many years ago when strong 8 character passwords were completely
suitable. So respectfully I think your statements are false.

One of the reasons the guide recommends Keepass is that it eliminates the need
to type in passwords completely. Even in the rare case of poorly designed apps
that block pasting, the auto-type capability works around that.

~~~
ploxiln
A fully random 8 character password, using uppercase, lowercase, and digits,
should still be OK today if hashed with bcrypt (or similar or stronger
scheme).

I searched around and found someone posted some hashcat-ocl benchmarks done
with a Titan X about a year ago, and it could do 14440 bcrypt hashes per
second. So let's calculate how many "Titan X * days" are required to brute-
force such a completely random password using that character set:

    >>> (26 + 26 + 10) ** 8 / 14440 / 3600 / 24
    175005

If you assume the best GPU today is twice as fast, and that someone has 8 of
them in a rig, that's still 10 thousand days to search all possibilities,
which means 5 thousand days on average until the hash collision is found.

For a typical user account, 5 thousand days of crunching by 8 of the most
powerful GPUs on the market, is pretty good.

I personally go for 9 or 10 character passwords that include some symbols too,
but are a bit less random ;)

Anyway, the biggest factor is to use a unique password for every account,
because you can't guarantee that none of the websites you use didn't totally
fuck up and accidentally put the original password somewhere, nor can you
guarantee that they won't be hacked to the extent that the passwords are
intercepted during sign-in.
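
The estimate above, worked as a small calculator. This is an added example, not code from the comment or from the linked guide; the 62-symbol alphabet, the 8-character length, the 14440 bcrypt hashes/second figure and the 8-GPU, twice-as-fast rig are all taken from the comment, and the 80-bit target is the NIST figure cited earlier in the thread. It generalizes the one-liner to any alphabet size, length and aggregate hash rate, and adds the inverse question: how long a password over a given alphabet must be to reach a target number of bits.

```python
import math

# Figures quoted in the comment above (constructed constants for this example).
ALPHANUMERIC = 26 + 26 + 10        # a-z, A-Z, 0-9
TITAN_X_BCRYPT_RATE = 14440        # bcrypt hashes/second on one Titan X, per the comment
SECONDS_PER_DAY = 24 * 3600


def keyspace(alphabet_size: int, length: int) -> int:
    """Number of distinct passwords of exactly `length` symbols over the alphabet."""
    return alphabet_size ** length


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy in bits of a uniformly random password of this shape."""
    return length * math.log2(alphabet_size)


def days_to_exhaust(alphabet_size: int, length: int, hashes_per_second: float) -> float:
    """Days needed to try every candidate at the given aggregate hash rate."""
    return keyspace(alphabet_size, length) / hashes_per_second / SECONDS_PER_DAY


def expected_days(alphabet_size: int, length: int, hashes_per_second: float) -> float:
    """Average days until the correct guess: half the exhaustive search for a uniformly random target."""
    return days_to_exhaust(alphabet_size, length, hashes_per_second) / 2


def length_for_bits(alphabet_size: int, target_bits: float) -> int:
    """Smallest password length over the alphabet whose entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(alphabet_size))


def rig_rate(single_gpu_rate: float, speedup: float = 2.0, gpus: int = 8) -> float:
    """Aggregate rate for a rig of `gpus` cards, each `speedup` times the baseline card."""
    return single_gpu_rate * speedup * gpus


if __name__ == "__main__":
    rate = rig_rate(TITAN_X_BCRYPT_RATE)
    print(f"one Titan X, exhaustive:        {days_to_exhaust(ALPHANUMERIC, 8, TITAN_X_BCRYPT_RATE):,.0f} days")
    print(f"8 GPUs at 2x, exhaustive:       {days_to_exhaust(ALPHANUMERIC, 8, rate):,.0f} days")
    print(f"8 GPUs at 2x, expected:         {expected_days(ALPHANUMERIC, 8, rate):,.0f} days")
    print(f"8 alphanumeric chars:           {entropy_bits(ALPHANUMERIC, 8):.1f} bits")
    print(f"80 bits needs:                  {length_for_bits(ALPHANUMERIC, 80)} alphanumeric chars")
```

The hash rate is the knob the thread argues over: a higher bcrypt cost factor lowers it, and every figure here scales linearly with it, which is the concrete form of "as computers get faster, hashing can get slower".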

~~~
morecoffee
> A fully random 8 character password

If you were given a list of human-generated passwords and computer-generated
passwords, you could spot the difference immediately. Passwords are not
random, and crackers take this into account. Most passwords are letters with a
stray symbol here and there. More advanced password crackers take a dictionary
of base words and use Markov chains of passwords to try.

This greatly reduces the search space and the eon-long searches start looking
more in reach.

~~~
ploxiln
That's true - human chosen passwords are vulnerable to more clever non-brute-
force attacks. This effect is rather different than the interplay between
computer power and hashing schemes though. (Thus my strong qualifications
about fully-random :)

------
3pt14159
If you are like me and you like the idea of password managers but don't trust
them because they're giant targets for cyber criminals and intelligence
agencies, have at my trusty ruby script:

    puts ((rand * 1_000_000_000).to_i.to_s + \
      ("a".."z").to_a.sample(10).join + \
      ("A".."Z").to_a.sample(10).join + "_")

Some benefits: If you need to enter in a password on your phone the numbers /
capitals are all in a row, so you're not constantly shift-on / shift-off-ing.
There is multi-case alphanumeric with a symbol, so it passes most website
checks. If the website is something dumb and they don't allow special
characters your underscore is right at the end so you can just delete it, and
since it is an underscore it's a special character usually allowed (unlike %
for example) because they're not weirdly encoded, even in URLs.

You can save your passwords in a gpg'd text file if you want, though it
usually doesn't matter that much. Just store them in chrome and use two-
factor. If you get logged out just password reset to your email.
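
The same layout as the Ruby one-liner above, rendered in Python as an added example (not the poster's code), with two changes a reviewer would ask for. First, the random values come from `secrets.SystemRandom`, the operating system's CSPRNG, rather than a general-purpose generator (Ruby's `Kernel#rand`, which `Array#sample` also uses unless given a `random:` source, is a Mersenne Twister). Second, the entropy is computed from the parts that actually vary: the layout is fixed, `sample(10)` draws distinct letters, so each letter block is a 10-permutation of 26 (about 44 bits) rather than 26^10 (about 47 bits), and the trailing underscore adds nothing; the whole scheme comes to roughly 118 bits. The regex and repeated-letter checks are constructed for this example.

```python
import math
import re
import secrets
import string

# Constructed example: same layout as the Ruby script above,
# <number><10 lowercase><10 uppercase>_, drawn from the OS CSPRNG.
_rng = secrets.SystemRandom()   # backed by os.urandom; no recoverable seed

NUMBER_RANGE = 1_000_000_000    # (rand * 1_000_000_000).to_i -> 0..999_999_999
LETTERS_PER_BLOCK = 10          # sample(10) picks 10 *distinct* letters


def generate_password() -> str:
    """Produce one password in the layout above using the CSPRNG."""
    number = str(_rng.randrange(NUMBER_RANGE))
    # sample() draws without replacement, matching Ruby's Array#sample
    lower = "".join(_rng.sample(string.ascii_lowercase, LETTERS_PER_BLOCK))
    upper = "".join(_rng.sample(string.ascii_uppercase, LETTERS_PER_BLOCK))
    return f"{number}{lower}{upper}_"


_LAYOUT = re.compile(r"^\d{1,9}[a-z]{10}[A-Z]{10}_$")


def is_well_formed(password: str) -> bool:
    """Check the fixed layout and that neither letter block repeats a letter."""
    if not _LAYOUT.match(password):
        return False
    lower, upper = password[-21:-11], password[-11:-1]
    return (len(set(lower)) == LETTERS_PER_BLOCK
            and len(set(upper)) == LETTERS_PER_BLOCK)


def block_entropy_bits(with_replacement: bool) -> float:
    """Entropy of one 10-letter block: 26^10 if repeats were allowed,
    otherwise the number of ordered 10-selections from 26 letters."""
    if with_replacement:
        return LETTERS_PER_BLOCK * math.log2(26)
    return math.log2(math.perm(26, LETTERS_PER_BLOCK))


def scheme_entropy_bits() -> float:
    """Bits an attacker who knows the layout must still search.
    Block order and the trailing '_' are fixed and contribute nothing."""
    return math.log2(NUMBER_RANGE) + 2 * block_entropy_bits(with_replacement=False)


if __name__ == "__main__":
    pw = generate_password()
    print(pw, is_well_formed(pw))
    print(f"per letter block: {block_entropy_bits(False):.1f} bits "
          f"(would be {block_entropy_bits(True):.1f} with repeats allowed)")
    print(f"whole scheme: {scheme_entropy_bits():.1f} bits")
```

Counting only the varying parts is the right way to read any fixed-pattern generator: the pattern itself is public knowledge once one password is seen, so the digits-then-lowercase-then-uppercase structure that makes typing easier costs nothing only because each block is already long.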

~~~
parennoob
What do you do when you're traveling and don't have a laptop handy, but need
to log in to Gmail on a public computer to email your family? Or just if
you're traveling and have a phone (but not a laptop), and need to access your
banking account?

~~~
3pt14159
Gmail is the only password that you need to memorize. As for banking, not
being able to log in without my laptop hasn't been an issue, but I can always
_call_ my bank with the weak phone password (but which includes voice
detection software) and once authenticated have them do most types of things.

You're right though, it isn't perfect.

------
zyxley
One of the more persistent annoyances of the modern web for the tech-savvy is
the experience of putting a long, randomly generated password into a site and
getting an "invalid characters" error.

~~~
Scirra_Tom
Or sites that don't let you paste in, and ask you to confirm it.

~~~
Exuma
Or sites with a maximum length of something like 10 characters

~~~
jonathanoliver
Or sites that don't tell you the max number of allowed characters and then
quietly truncate the password for you. Then you have to guess how many
characters they chopped off and try logging in until you get it right.

~~~
chb
This! This is the most infuriating... and the salt in the wound is that some
of the offenders are career/employment sites for firms that should have enough
tech savvy employees to code a form that does client-side verification and
clearly indicate password criteria to the user.

------
krupan
I haven't looked at keepass in a long time, and a quick glance at the website
didn't help. The author of TFA says that keepass handles synchronization for
you. Is that true? Because it didn't do that in the past.

Also, can keepass generate secure passwords for you? That's something I love
about lastpass.

UPDATE: also, how easy is it to use on an Android?

~~~
x1798DE
Keepass can generate secure passwords yes, with customizable rules. I think
synchronization on Keepass's side is possible, but to me the fact that your
password database doesn't talk to "the cloud" is a major selling point. I even
use the alternate version of Keepass2Android that doesn't have internet
permissions as an extra precaution.

------
emddudley
> At a bare minimum you should be using a unique 32 character random
> alphanumeric on every website or service that you use.

That is a non-starter....

~~~
stcredzero
Why would anyone use more than 128 bits of entropy in a password/passphrase?
(24 characters alphanumeric with upper and lower case.) The answer: "I don't
have to out-run the bear. I just have to out-run you!"

~~~
joshka
And then protect it with a 128 bit AES key...

~~~
stcredzero
But when a website you're using is hacked, it's probably not your password
database that's being attacked. It's probably that site's password hashing
that's being attacked.

------
babby
The only complicated part of this method is securing the key, and the key is
definitely required or you may as well just save it as plain text.

You sync your DB across multiple cloud services, and to decrypt you use a weak
master pass and strong key.

I've been struggling with how to move that key around.

1) Put it on a USB drive or hide it in your filesystem.

This is cumbersome and losing the drive could be disastrous. It's also trivial
to scan a filesystem for key-like files.

2) Use an authentication dongle.

This one is better but requires third party hardware in most cases, and is
slightly expensive.

3) Bluetooth/NFC to your device.

This can be intercepted at extended ranges as proven at defcon etc., though it
is admittedly the most convenient method. The data can be signed, but I haven't
seen anything out there that implements this well just yet.

4) Timed one time passwords, PushBullet etc.

This feels like a bonus feature.

I'm not sure how to go about this. You lose or leak the key then you're
screwed.

Is there a wristwatch or phone app with signed credential sharing based on
wearer input, compatible with a standard?

------
Spooky23
Just use diceware. Simple and effective.

[http://world.std.com/~reinhold/diceware.html](http://world.std.com/~reinhold/diceware.html)

~~~
eterm
Diceware is great for passphrases.

Passphrases are not passwords and I think they shouldn't be recommended for
use as passwords.

Passphrases are fantastic for encryption keys, where trying to otherwise
memorise a suitable amount of entropy to match the required strength would be
almost impossible.

But passwords don't need to be 256 bit. If you're using a password manager it
doesn't hurt to keep passwords as strong as each service will allow, but
Diceware isn't the right tool for the job for passwords, because while it's
great for memorizing one or two high entropy phrases, there's no way someone
could be expected to memorize the dozens of passwords they use on a daily
basis.

At which point you're back to bad solutions such as writing it down, using the
same phrase everywhere or cheating on the lengths.

The only sane way to manage dozens of services in a way that doesn't bleed
risk from one service compromise to the next is password managers.

At which point a 16-20 character password of random characters is more
suitable than a passphrase. It's harder to memorize if anyone happens to see it
due to a mis-paste or whatever, it's easier to type in if you need to and
it's less likely to suffer from "silent truncation" effects.

So use a password manager, use a diceware phrase to secure the master password
(encryption) there, but allow the password managers to generate passwords
which are short and random.

------
discreditable
For passwords I need to be able to remember (not many) or share (initial
passwords for user accounts) I use a passphrase generator. Everything else is
random 24-character Keepass.

Plugging my super simple passphrase generator built upon the EFF wordlist:
[https://spg.brashear.me](https://spg.brashear.me)

------
rcthompson
What about 8-character passwords with letters, numbers, and symbols? What if
it includes non-ASCII characters?

------
sunstone
Any 'password manager' is a priority target. Just use a longish pass phrase and
don't walk around with a target on your back.

