
A plastic card for easy to remember strong passwords - qycard
https://www.qwertycards.com
======
agwa
This is a substitution cipher and it's not very secure. Consider what we can
do if we compromise the Amazon password that's given as an example on the
website:

    sh(/J3HqAfQsu..u.rqf

Since the password came from Amazon, we know that the last 6 characters are
"Amazon," which tells us that:

    . = A
    u = M
    r = Z
    q = O
    f = N

Now we can start attacking the codeword, which are the characters between the
8-character "space bar code" and the website name:

    AfQsu.

Using the letters we already know, we can determine that the codeword is:

    _N__MA

It's probably a dictionary word, and we know that the blank spaces don't
correspond to any of the letters we already know. According to the following
command:

    grep '^[^amzon]n[^amzon][^amzon]ma$' < /usr/share/dict/american-english

...the only possible codeword is "enigma," so now we know that:

    A = E
    Q = G
    s = I

Combine with another compromised password, and we're coming dangerously close
to being able to generate a password for any arbitrary website.

Edit: I agree with the replies that this is an unlikely attack considering how
passwords are typically compromised. And it's probably better than how most
people choose passwords. But the website claims that this generates "very
strong passwords," which is nonsense.

~~~
hyperbovine
This sort of objection is raised whenever basically any mechanism for
remembering strong passwords is presented. Much like many results in
computational complexity, worst-case results are not necessarily indicative of
real-world utility. To wit, in the scenario you outlined the attacker must a)
know beforehand that the target was using this device; b) know beforehand that
the inserted middle portion was vulnerable to a dictionary attack; c) have
compromised at least one and more likely several websites; and d) obtained the
_cleartext_ password from each of said websites. This seems an almost
comically unrealistic chain of events for the average case. Yes, a determined
and sophisticated attacker could probably pull this off, but if you have
enemies who are willing to go to such lengths you probably are aware of it and
would not be using a silly little crutch in the first place. For the rest of
us, this seems like a potentially useful alternative to using 'c@td0g11!' for
everything.

~~~
curun1r
> This sort of objection is raised whenever basically any mechanism for
> remembering strong passwords is presented.

Yes, because we've basically realized that memorizing passwords isn't a
workable solution. We should be recommending password managers that
generate/store strong passwords and MFA for any account that needs to be
secure. That these password generators themselves can now be unlocked using
both memorized information and biometrics (TouchID and such) makes them all
the more secure.

Moreover, this is the only solution that's capable of dealing with all the
asinine password requirements that get imposed on users...solutions like this
card fail hard when the password requirements prohibit certain characters
and/or other characteristics of these passwords (repeated characters, length,
etc.) Until the world gets together and standardizes what constitutes a secure
password, memorized passwords will always be a flawed solution.

~~~
bigbugbag
I'll go even a step further and say:

passwords are a flawed solution

They have been throughout history, and long before the industrialized world.
Not only that, but what was considered secure yesterday may be compromised
today or tomorrow. This is not going away any time soon and you have to design
security taking this into account.

Another problem with passwords is that the web services we use passwords for
collect way too much sensitive information that they should not be given in
the first place.

~~~
marssaxman
People keep saying that passwords are flawed, but what else is there?
Authentication depends on secret information, does it not?

------
beering
This is a lot like PasswordCard[0] except not free.

[0] [https://www.passwordcard.org/en](https://www.passwordcard.org/en)

I think I'd like PasswordCard because it's pretty freeform - just pick a
starting point and a visual direction/pattern and copy letters from the card.
But honestly I don't much like the idea of relying on a physical token if I
don't need to. Almost losing my 2FA last year was a bit scary.

~~~
detcader
PasswordCard does give you a seed number to generate the same card, though.

~~~
bigbugbag
Which is not really a problem because having the card does not give away the
scheme used for a particular password.

Qwertycard, on the contrary, exposes their recommended scheme publicly, which
makes losing the card a much higher risk of compromising your password.

------
samspot
Except it's not going to work, because of the bank who doesn't allow '(' as a
special character, or the ticket website that requires at least 3 digits, or
the financial firm who only allows 8 character passwords. As soon as you have
a few sites with 'rogue' password policies, the system breaks down.

~~~
danjayh
I tried going to a similar algorithm of my own invention some years ago, and
ran into this exact problem. Mostly sites that don't allow certain characters
(which is asinine). Now I have a few different algorithms that I use that are
friendly to common password requirements, and I keep a list of which algorithm
I used on each website, rather than just a list of the passwords. Since the
algorithms only exist in my head, I think it's secure enough for most
purposes.

~~~
benmarks
You are not alone in this strategy. I just wish we could have a password
standard.

------
crazygringo
Besides other problems (like not working with certain password requirements),
this particularly doesn't work when a site forces you to reset your password
because of a breach or time limit or who knows what. (Yahoo just forced a
mandatory password reset on me today, without even giving a reason except to
"protect my account".)

Then you've got to remember -- are you now on amazon3 or amazon4 or gmail4 or
gmail5? And then it defeats the whole purpose of the card.

------
stevewilhelm
What prevents me from using this type of strategy is the inconsistent adoption
of password requirements.

For example, some of the websites I use require passwords to contain at least
one capital letter, or a digit, or a punctuation mark (e.g. ! ? #, etc.). But
other websites do not allow punctuation marks or digits.

Some require a password of a minimum length, but a dwindling few can only
accept a fairly short maximum-length password.

~~~
bro-kaizen
Wait really? It feels like almost every time I make a new account somewhere
and drop in the 200 character high-entropy password that LastPass generated, I
get a silent failure or misleading error message about "your username was not
recognized." Then I try guessing which feature of my candidate password is
pissing off the site: Is it the whitespaces? Special characters? Length?

This is particularly maddening because there are plenty of ways to accept
arbitrary passphrases from users.

~~~
jrockway
You use 200 character passwords? I'm happy with 12.

~~~
Springtime
Obviously the longer the maximum available length the better but it does
assume the host computer always has the password manager installed. I'd
shudder to think how such a long password would be entered otherwise.

~~~
Dylan16807
Once you get up to a threshold like 128 bits there's no real benefit in going
further. So 22 alphanumeric characters is 'good enough for anyone'.

------
b_white
It's rather ironic this site is all about strong security, when their SSL/TLS
settings are terrible. (Including being open to the POODLE and OpenSSL CCS
vulnerabilities)

[https://www.ssllabs.com/ssltest/analyze.html?d=qwertycards.c...](https://www.ssllabs.com/ssltest/analyze.html?d=qwertycards.com)

~~~
qycard
Thank you for bringing this to our attention - we’ve now upgraded the server
to address this and will continue to monitor carefully for any other issues.

~~~
b_white
:)

------
z1mm32m4n
If the end goal is to turn a long, comprehensible password like
"correcthorsebatterystaple" into something not remotely subject to a
dictionary attack, then merely shifting your fingers over on the keyboard by
one key is much more convenient: "vpttrvyjptdrnsyyrtudys[;r". Sure, it suffers
from the same shortcomings as mentioned above (it's still a substitution
cipher), but it's much more convenient than going to the card for each
individual letter. "vpttrvyjptdrnsyyrtudys[;r" is as quick to type as
correcthorsebatterystaple but much™ more™ secure™.

~~~
bigbugbag
This is a simple variation that I have not seen covered in hashcat, though it
is not future proof. If people catch on to this then it won't be long before a
new rule is added to hashcat to cover this case.

I have used a similar variation in the past, in my case the character
substitution came from changing the keymap of the keyboard.

For example, 'correct' typed in qwerty over a dvorak keymap became 'krpp>ky'.

------
w8rbt
These others have been around for ages. And, they are free.

[http://www.passwordcard.org/en](http://www.passwordcard.org/en)

------
docubot
That's all well and good until you lose it or run it through the washing
machine. Then your entire password system is gone. Any backup would need to be
stored in a place that might as well be your 1Password/LastPass database.

------
midnitewarrior
What about trust?

Who is selling me this card, and with my name, address and (optional) email
address, how long will it take him to crack every one of my accounts,
considering that he has the key?

------
patrickdavey
I actually really like this idea. I guess if your attacker did get your
password in the clear (bad encryption or whatever) then they'd basically have
access to everything, right? I mean, the number of letters at the start is
presumably fairly constant, they'd know the site it was for, so they could then
work out the "unique secret" in the middle, right?

That said, there's a certain amount of security through obscurity I guess.

Still, for any of the sites I really care about I use two factor
authentication. I'd take a mediocre password and 2FA over a strong password
(But happy to be proved wrong ;)

~~~
sago
Why would anyone need to know your secret? Except that it would give them more
characters in the substitution cypher. The card assumes a user will keep the
same secret for each site, so just keep the start of the PW the same.

------
alejohausner
How about doing Vigenere in your head? This is what I do: I actually write my
passwords down in my little black book, which I carry in my pocket. I use a
simple Vigenere cypher in case I lose the book. Each password is encrypted
with the same master key, which I memorize.

For example, if my master key was 1234, and my password was 'baNana3', I
would write down 'ayKwmy0'. When I look up the password, I shift the letters
forward as I type them:

a + 1 = b

y + 2 = a (wrap around the end of the alphabet)

K + 3 = N

w + 4 = a

m + 1 = n

y + 2 = a

0 + 3 = 3

It's not too hard to advance 9 or fewer letters in the alphabet as you type.

I think I'm safe. Am I?

~~~
A1kmm
If you physically protect your book sufficiently and don't let anyone who is a
threat see it, and choose strong passwords (which baNana3 isn't for most
purposes - it's only 7 characters long, and based on a dictionary word with
minor modifications) then yes.

If someone willing to put in the effort to do some cryptanalysis obtains a
copy of your book, then no, you are most likely not safe. Firstly, the
Vigenere cipher is extremely vulnerable to a known plaintext attack on the key
- if the person who obtained your book knows your password to just one site
(for example, because it was lost in a compromise and published on the
Internet), they can work out your master key and then get all your other
passwords. Even if they don't know any passwords, if you use passwords that
are not made up of equiprobably randomly selected characters (and especially
if they are dictionary words), the attacker will usually be able to use that
bias to work out the master key. For example, the attacker might cycle through
all words in the dictionary to obtain the key that decrypts aykwmy to the
word, and try the master key they obtain on other entries in your book until
they find one that yields a lot of other dictionary words.
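
The notebook scheme alejohausner describes and the known-plaintext recovery A1kmm warns about, as an added example that is not code from either commenter. It uses the post's own values (key 1234, 'baNana3' written down as 'ayKwmy0'): letters shift within their own case, digits shift mod 10, and the one detail the post leaves open is treated as an assumption, namely that the key digit advances only on characters that are actually shifted. The second notebook entry is constructed.

```python
import string

LOWER = string.ascii_lowercase
UPPER = string.ascii_uppercase
DIGITS = string.digits


def _shift(ch, amount):
    """Shift one character within its own alphabet (lower, upper or digits).
    Returns None for anything else so callers can leave it untouched."""
    for alphabet in (LOWER, UPPER, DIGITS):
        if ch in alphabet:
            return alphabet[(alphabet.index(ch) + amount) % len(alphabet)]
    return None


def _apply(text, key, direction):
    # Assumption (not stated in the post): the key advances only on
    # characters that are actually shifted; punctuation passes through.
    out, i = [], 0
    for ch in text:
        shifted = _shift(ch, direction * int(key[i % len(key)]))
        if shifted is None:
            out.append(ch)
        else:
            out.append(shifted)
            i += 1
    return "".join(out)


def write_down(password, key):
    """What goes in the notebook: each character shifted back by the next key digit."""
    return _apply(password, key, -1)


def read_back(entry, key):
    """What the owner does while typing: shift each character forward again."""
    return _apply(entry, key, +1)


def recover_key(entry, known_password):
    """The attack A1kmm describes: one (notebook entry, real password) pair
    gives the shift at every position; the shortest period of that sequence
    is the master key. Returns None if the pair does not fit the scheme."""
    shifts = []
    for e, p in zip(entry, known_password):
        for alphabet in (LOWER, UPPER, DIGITS):
            if e in alphabet and p in alphabet:
                shifts.append((alphabet.index(p) - alphabet.index(e)) % len(alphabet))
                break
        else:
            if e != p:          # unshifted characters must match exactly
                return None
    if not shifts or any(s > 9 for s in shifts):
        return None             # the post uses single-digit shifts only
    for period in range(1, len(shifts) + 1):
        if all(shifts[i] == shifts[i - period] for i in range(period, len(shifts))):
            return "".join(str(s) for s in shifts[:period])
    return None


if __name__ == "__main__":
    book = {"fruitsite": write_down("baNana3", "1234"),
            "othersite": write_down("Passw0rd!", "1234")}   # constructed entry
    print(book)
    # One leaked password (the post's own example) is enough to recover the key...
    key = recover_key(book["fruitsite"], "baNana3")
    print("recovered master key:", key)
    # ...and the key then opens every other entry in the book.
    print("other entry decrypts to:", read_back(book["othersite"], key))
```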

------
tantalor
In general I really like generating passwords like this, but there are some
downsides. It is difficult to change it later, e.g., if the password expires
or is compromised.

------
raarky
my current "scheme" for creating new passwords is to simply write a long,
unique passphrase with the idea that I will only remember it for the short
time needed to log in after registration.

If I need to log in sometime in the future, I simply reset the password.

------
lifeisstillgood
Sadly this is still a fail - I have found numerous sites whose fatuous
restrictions on what are or are not legal entries include banning punctuation,
never ending in a letter and more.

This seems an amusing and useful idea for making passwords - its usability
seems longer lived than my previous (personal) attempts (md5 hashing passwords
and domain names).

In the end I need a trustable approach to storing encrypted data on my iPhone
- I suspect I have missed one. Any ideas?

~~~
JTxt
I use "FileBox" for some things, but I'm taking the developer's word that it
is secure.

------
zokier
I don't believe in these sorts of database-free password management systems.
They require users to remember too much stuff and are not flexible enough to
be used universally. And using them only gets more painful over time as
exceptions etc. accumulate. These issues have been discussed fairly
comprehensively in the various HN threads on hash-based password managers,
which share most if not all of the downsides of this particular project.

------
gravedave
So what this site is essentially selling is a single run of a random number
generator printed on a piece of plastic and a 3-step process?

------
bigbugbag
This is a poorly thought out (qwerty only ?) and weak security attempt to make
money ripping off the concept from the much better and secure password card at
[https://www.passwordcard.org/](https://www.passwordcard.org/) that anyone can
print themselves.

------
qycard
We've got you covered:
[https://www.qwertycards.com/frequent_questions.html#lost_sto...](https://www.qwertycards.com/frequent_questions.html#lost_stolen)

Every card ships with a letter showing the only unique copy of the card.

~~~
eterm
Error: EMFILE, open '/home/qwerty/live/views/frequent_questions.html'

------
jnellis
I have just as hard a time remembering my usernames as I do passwords.

------
theophrastus
Some of us have even made do with variations on the "Old School Tabula recta":
[http://lifehacker.com/5715794/how-to-write-down-and-encrypt-your-passwords-with-an-old-school-tabula-recta](http://lifehacker.com/5715794/how-to-write-down-and-encrypt-your-passwords-with-an-old-school-tabula-recta)

"If I'm logging into Amazon I'll find the intersection of column M and row A
(the second and third letters of Amazon) and then read off diagonally 16
characters."

------
scenefinale
I use dvorak, you insensitive clod!

------
mason240
This would actually be very useful for my Google and LastPass passwords. I have
everything else in my LastPass manager, but always trying to get into my
Google account from different places is difficult, so I have a rememberable
password for both.

This would let me keep a much more secure password for both.

~~~
chronial
Just use random words. Memorable passwords don’t have to be weak. Five random
common English words are already very strong. Just make sure you don’t pick
the words by hand.

~~~
sarciszewski
[https://github.com/resonantcore/lib/blob/master/js/diceware/...](https://github.com/resonantcore/lib/blob/master/js/diceware/diceware.js)

[https://github.com/resonantcore/lib/blob/master/demo/dicewar...](https://github.com/resonantcore/lib/blob/master/demo/diceware.html)

Run this locally, e.g.

    var dw = new Diceware();
    dw.load("https://raw.githubusercontent.com/resonantcore/lib/master/js/diceware/diceware.wordlist.asc", function() {
        console.log("Diceware loaded!");
        // load() hands the word list to this callback, so only ask for
        // words once it has run; calling getWords() outside it races the load.
        console.log(dw.getWords(8).join(' '));
    });

~~~
__david__
If you're on linux you can usually just do:

    shuf -n 5 /usr/share/dict/words

On Mac OS X you need coreutils for shuf, which you can get from brew (it's
called gshuf once installed).

~~~
anonfunction
To get rid of the newlines

    shuf -n 4 /usr/share/dict/words | xargs | sed 's/ //g'

~~~
__david__
Or slightly more simply:

    echo `shuf -n 5 /usr/share/dict/words`

~~~
sarciszewski
Maybe add this to your .bashrc file?

    # Print N random dictionary words (default 5) using the kernel CSPRNG.
    randword()
    {
      # "$1" must be quoted: an unquoted empty $1 makes the test always true
      # and breaks "randword 4".
      if [ -z "$1" ]; then
        echo `shuf --random-source=/dev/urandom -n 5 /usr/share/dict/words`
      else
        echo `shuf --random-source=/dev/urandom -n "$1" /usr/share/dict/words`
      fi
    }

Test output:

    kobra@stormforge blah $ randword 4
    crackpots fragmentation maximally Bradly's
    kobra@stormforge blah $ randword 6
    turnover's nonproliferation's bestowal's sulkier hillbilly Narmada
    kobra@stormforge blah $ randword
    Marciano fibulas roadwork mobilizations organics
    kobra@stormforge blah $ randword
    coins bronzed housemother's forefather supposing

------
gnerix
Many sites where I perform sensitive transactions require me to periodically
change my password (banks, brokerage, etc.)

The Shannon entropy of the impossible-to-remember example password is 3.68418,
which is not much better than the xkcd "easy for a human to remember" password
at 3.36386.
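
An added example, not code from any commenter, that ties together the `shuf` one-liners above, chronial's "five random common English words" claim, Dylan16807's 128-bit threshold and the Shannon figures gnerix quotes. `random_words` does the job of `shuf --random-source=/dev/urandom` with Python's `secrets`; the two `*_bits` functions give guessing entropy for word lists and character alphabets; `shannon_bits_per_char` reproduces gnerix's 3.68418 and 3.36386, which measure only how repetitive one particular string is, not how hard it is to guess. The word list is a small constructed stand-in; pass the real Diceware list (7776 words) or /usr/share/dict/words for real estimates.

```python
import math
import secrets
from collections import Counter

# Constructed stand-in for a real word list; real lists are thousands of words.
SAMPLE_WORDS = ["correct", "horse", "battery", "staple", "turnover", "coins",
                "bronzed", "roadwork", "organics", "fibulas", "supposing", "maximally"]


def random_words(words, count=5):
    """Pick `count` words with the OS CSPRNG, the same job as
    `shuf --random-source=/dev/urandom -n 5 /usr/share/dict/words`.
    Picking by hand instead of like this is what chronial warns against."""
    return [secrets.choice(words) for _ in range(count)]


def passphrase_bits(list_size, count):
    """Guessing entropy of `count` words drawn independently and uniformly
    from a list: every word contributes log2(list_size) bits."""
    return count * math.log2(list_size)


def random_chars_bits(alphabet_size, length):
    """Guessing entropy of `length` characters drawn uniformly from an
    alphabet of `alphabet_size` symbols (62 for alphanumerics)."""
    return length * math.log2(alphabet_size)


def shannon_bits_per_char(text):
    """Shannon entropy of the character frequencies inside one string, the
    number gnerix quotes. It depends only on how often each character
    repeats in that string, not on how the string was chosen, so a random
    20-character password and a memorable one can score almost the same."""
    counts = Counter(text)
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


if __name__ == "__main__":
    print("picked:", " ".join(random_words(SAMPLE_WORDS)))
    print("5 Diceware words (7776-word list): %.1f bits" % passphrase_bits(7776, 5))
    print("22 random alphanumerics:            %.1f bits" % random_chars_bits(62, 22))
    print("20 random printable ASCII:          %.1f bits" % random_chars_bits(95, 20))
    for s in ("sh(/J3HqAfQsu..u.rqf", "correcthorsebatterystaple"):
        print("%-26s Shannon %.5f bits/char" % (s, shannon_bits_per_char(s)))
```

Five words from a 7776-word list come out near 65 bits, and 22 alphanumerics just over 128, which is where Dylan16807's "good enough for anyone" figure comes from; neither number has anything to do with the per-character Shannon values, which are about 3.4 to 3.7 for both strings.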

------
enjikaka
I did a web version:
[http://codepen.io/enjikaka/pen/zxNMQZ](http://codepen.io/enjikaka/pen/zxNMQZ)

EDIT: Just changed a lot of things, so if you viewed this in the last couple of
minutes... take another look!

------
bkeroack
Fine idea if the codes are generated randomly for each person. Do not use the
same card as someone else.

Or you could use something like (one of my side projects):
[https://www.wordentropy.org](https://www.wordentropy.org)

------
Sir_Substance
Brilliant!

Until you lose your wallet.

Much like lastpass and other password management software, you're putting all
your eggs in one basket, and having faith it won't fail.

Passwords are a shitty idea people. We need a better system.

~~~
krapp
Any authentication system will (and should) fail if you lose the
authenticator.

That's not "shitty", that's the way it's supposed to work. A better system, to
be of any value, would fall prey to the same 'weakness'. Even biometrics can
change over time.

~~~
canes123456
Math/crypto allows for distributed authentication. Think of the bitcoin
blockchain: miners verify each transaction, but it doesn't rely on any single
miner.

~~~
bigbugbag
The bitcoin blockchain relies on the assumption that the mining power is
honest and no single entity will hold the majority of the mining power. This
has proven to be an issue with the selfish miner case and when a single mining
pool reached 51% of the total mining power.

In the world of security you simply cannot assume honesty and build security
on top of this assumption.

------
Animats
Who has access to the "random" info on those cards? How randomly are they
generated? If you bought a few of them, could you work backwards to the
generation algorithm?

------
dogma1138
Nice code book but you can just as well print it yourself :D

------
trymas
I'll just leave this right here: [http://xkcd.com/936/](http://xkcd.com/936/)

------
mingabunga
Looks a bit like
[http://passwordlive.github.io/](http://passwordlive.github.io/)

------
jaynate
Cool solution for folks like us. The best way to diminish passwords as an
attack vector and secure services for the thronged masses is to reduce the
number of passwords required to use the Internet, and couple a master account
(e.g. my Google account) with a second, biometric factor.

------
johnchristopher
Is each card produced with a different substitution pattern?

------
izolate
Damn, Edgware is the last place I'd expect to find a tech company. Cool
concept though. Do you sell these out of your office too?

------
ninjakeyboard
I just registered dvorakcards.com and colemakcards.com. Thanks,

