I think it's taken too much for granted that one should change passwords on a regular basis. If we assume that changing passwords more frequently means that we are more likely to use more rememberable - and, thus, more guessable - passwords, then perhaps this is not a fluke. Perhaps "pick a truly random, long sequence and keep it for a long time" is not actually bad policy.
In short, I find it odd that the author unquestionably says his neighbor should have had different password behavior, yet it was the only password he couldn't crack. That's an opportunity to revisit assumptions.
So, if it is true that when people regularly change their passwords, they pick poorer passwords, then perhaps those poor passwords are a larger risk than the risk of maintaining a compromised password. Again, this is not a question of what is the most rational policy. It is a question of human behavior, which means in order to find an answer, we need to study what people actually do.
I googled to see if I could find studies on this, and I did: "The True Cost of Unusable Password Policies: Password Use in the Wild" by Philip Inglesant & M. Angela Sasse: http://www.cl.cam.ac.uk/~rja14/shb10/angela2.pdf I have yet to read it in full, but they do touch on this idea at least some.
I just ask that if you advertise this method as somehow ideal then please allow for your audience to appreciate it as it is, an "if all else fails it's better than nothing" approach.
My only prescription is to say, instead of telling everyone "this is how you should behave" in order to achieve the best security, we should design our security policies based on how people actually behave. My assertion here is that if we do this, we will end up with better actual security than if we came up with a policy that, on paper, is better, but is not well implemented by people in the wild.
Edit: In all seriousness, wouldn't it be logical to keep records of all IP addresses that attempt/login to the system? If you frequently see attempts made from one IP address, or IP group (ISP block), then simply prevent them accessing the login.
Further, for Wifi, wouldn't it be logical to record the MAC codes of computers trying to access the network and if one you don't recognize is frequently trying to access the system, simply block it?
It's not foolproof. Actually it probably is. It's not true security against a determined person (proxies and MAC spoofing), but then a good password protects you against fools and often not skilled individuals. A key logger on an insecure computer clearly trumps any password.
If you mean specific to WiFi, then no, it wouldn't be logical - often the WiFi access point acts as a DHCP server and assigns an IP. If you mean more broadly, then yes it would - see .
> Further, for Wifi, wouldn't it be logical to record the MAC codes of computers trying to access the network and if one you don't recognize is frequently trying to access the system, simply block it
No, MAC addresses are trivially spoofable (as you note), and in some cases I believe this spoofing is automated. MAC blocking isn't a real security feature at all.
Your point is well taken, though.
The only reason one should have to change their password is if it is significantly weak -- "crackable" -- or they enter it manually -- it is visible -- in front of others a significant number of times for them to "record" the strokes. Good password managers, more or less, solve both cases.
a) you care if people are using your network, or you do not simply keep track or whitelist-only of machines that have negotiated with your router
b) you use a short -- "crackable" -- password
c) someone can peer into rooms where they might spy on you entering your WiFi password
d) (c) happens enough that they can make out the whole password
For typical passwords -- desktops, laptops, email, etc -- it makes sense to change passwords (and use a password manager), but only for those things that really matter. Otherwise, there is probably not a lot of undo-able harm that can come of someone having access to your account(s) on <forum du jour>.
The article reminded me of that. If someone attacks my home wifi with network sniffing hardware, sophisticated password guessing tools, hours of planning and execution, etc then, well, the issue escalated beyond anything I could sensibly prepare for.
I realize these computing tools are easy to come by and not terribly hard to use. Ditto body armor, night vision, and combat training. And if someone is inclined to apply them against my pathetic existence, I'm screwed. Planning for such events is pretty pointless, I have other things to do.
Whereas a bored teenage neighbor could attack your wireless network with a very small chance of being detected. Or with a sensitive directional antenna it doesn't even have to be your neighbor if the goal is just to sniff traffic. Plus, the only cost to you in defending against this attack is entering a more complex password on new devices. Stick a note on the fridge or choose a phrase.
These days, I just turn on the MAC address filter that's built in to most wifi base stations. Now, unless I've manually entered your MAC address into my whitelist, my router won't connect you. My wifi shows up as "open" to any machine that passes by, yet it won't connect.
Many (most?) of you know more about security than I do. How secure is the MAC address whitelist approach compared to a password approach?
* WPA2 hasn't been 'cracked'
* Without 'passwording', all your traffic is unencrypted and can be trivially sniffed
* Spoofing one of your whitelisted MAC addresses in order to use your network is easy
1) I would define something as "not cracked" if it is as strong as its password--in other words, there's no way to circumvent it that isn't a general vulnerability (peek through my window, get a keylogger on my machine, etc.) I assume you're telling me that this is the case with WPA2.
2) It sounds as though you are saying that something like WPA2 doesn't just authenticate a login but remains in use as an encryption key for subsequent wireless data interchange between client and base station. If I'm understanding correctly, that's a powerful point.
3) I knew that MAC addresses could be spoofed, but I was thinking they wouldn't know WHICH MAC address to pretend to have. Of course, if I'd been a little smarter, I would have noticed that my own linux process was using the MAC address a client claimed to have to throw out unrecognized machines (before I had MAC address filtering as a built-in router feature). If they were sending their MAC address to me, then my own client machine would be sending its MAC address in clear text to them, telling them which MAC address to pretend to have. Duh.
Well, I feel a little dumber and a little smarter. Time to go change my network. Thanks again.
Since you said your WiFi is open, the only thing that needs to be done is fire up the aircrack-ng airodump and sniff, there I would see your MAC, in the clear. Then I could set my own to it or select any other MAC I have seen connecting to for a longer while, and use it and access your router and add my other MAC on its whitelist.
Isn't that true of WPA and WPA2 though also?
There are precomputed rainbow tables of common SSID+passphrase combinations floating around, but as a general rule, WPA2 with a sufficiently complex passphrase should be secure against anyone who doesn't have a massive compute cluster at their disposal.
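The SSID dependence mentioned above can be seen in the WPA2-Personal key derivation itself, where the SSID is the PBKDF2 salt. The following is an added example, not part of the thread; the SSIDs and candidate list are constructed for illustration.

```python
import hashlib


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit WPA/WPA2-Personal pairwise master key.

    PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes)
    """
    pw = passphrase.encode("ascii")   # passphrases are 8..63 ASCII characters
    salt = ssid.encode("utf-8")       # the SSID is the salt, 1..32 bytes
    if not 8 <= len(pw) <= 63:
        raise ValueError("WPA2 passphrase must be 8 to 63 characters")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    return hashlib.pbkdf2_hmac("sha1", pw, salt, 4096, 32)


def build_table(ssid, candidates):
    """Precompute PMKs for one SSID; the result is only valid for that SSID."""
    return {wpa2_pmk(c, ssid) for c in candidates if 8 <= len(c) <= 63}


def covered_by_table(passphrase, ssid, table):
    """True if this network's PMK already appears in a precomputed table."""
    return wpa2_pmk(passphrase, ssid) in table


# Constructed sample values (assumptions, not taken from the thread).
COMMON_SSID = "default-ap"          # stands in for a factory-default SSID
UNIQUE_SSID = "example-home-7f3a"   # stands in for an SSID nobody precomputed
CANDIDATES = ["password", "password1", "12345678", "qwertyuiop"]

if __name__ == "__main__":
    table = build_table(COMMON_SSID, CANDIDATES)
    checks = [
        ("password1", COMMON_SSID),                # weak passphrase, common SSID
        ("password1", UNIQUE_SSID),                # same passphrase, different salt
        ("breath red long provide", COMMON_SSID),  # passphrase not in the list
    ]
    for passphrase, ssid in checks:
        hit = covered_by_table(passphrase, ssid, table)
        print(f"{ssid!r:22} {passphrase!r:28} in table: {hit}")
```

A unique SSID only defeats the precomputed table; a weak passphrase remains guessable by anyone willing to redo the 4096-iteration derivation for that SSID.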
He would have to be very bored indeed. Singling out my home to spend considerable time at an inconvenient in-range location to crack passwords to access ... what, exactly? view pictures of my toddlers? copy my slightly deranged music collection? If he's looking for free network access, he can go down the street and get it from McDonalds or Starbucks or wherever while sitting in a comfortable chair sipping a soda.
I realize a bored teen is different from a SWAT team. Both, however, would need unusual motivation to turn their talents on my abode.
a large fraction of normal wifi devices that can be set into a proper receiving mode
>sophisticated password guessing tools
some password cracker they downloaded in minutes
>hours of planning
pressing a button or typing a couple commands
taking a nap
It's not hard to secure a network from extremely simple attacks. At least for now.
And that analogy is nonsense. Body armor, night vision, combat training don't help them break into a house. At best it'll get them past the armed guards you don't even have.
Walk into a well stocked military surplus store and you can walk out with all the tools you need to break into a house in short order, and trust me it doesn't take long to learn how to use them well enough.
The point is that once someone is determined enough to get into either your home or network, it doesn't take much to reach a stage where the owner has to go to great lengths to resist a very unlikely occurring, but very likely successful, attack.
But since I'm not the Pentagon I don't live in nuclear bunkers and don't employ regiments of cybersecurity people. I guess the risk of being cracked by pros is just part of the normal risk of life.
But someone does not have to be determined to break into the average house. And they do not have to be determined to break into a network that is misconfigured.
Using WPA2 with a long password and turning off WDS makes a network safe from direct attack.
Should I point out that 'password' is 8 characters :) Have there been studies done that attempt to test the hypothesis that when forced to pick passwords that meet some arbitrary complexity threshold most common users pick things like "password1"? I have a hard time believing most non-techies (heck, even a lot of techies) pick secure passwords.
I highly encourage people to use something like a favorite movie quote or a line from a book. Something like "Alas, poor Yorick! I knew him Horatio;" is both harder to crack and easier for a human to remember than something like "v3$bk:j".
You're essentially taking natural language, which is something humans are pretty adept at remembering, and turning it into a direct mnemonic for a more complicated passphrase.
The precomputed tables that make cracking WPA2 feasible have to not only target passwords, but password+SSID combinations as a result.
I think you're grossly overstating the relative weakness of a longer passphrase. The more obscure, the better, obviously, but the chances of any given quote or phrase of any length appearing in a precomputed table are relatively minimal.
More importantly, any variations in punctuation, capitalization, spacing, etc would make a precomputed table worthless while still making the passphrase far easier for a human to remember than a random string of 8 characters.
Alternatively, exact spacing, punctuation, etc. limits the human advantage of remembering phrases ("Wait, was that a capital A before the comma? Do you use two spaces between the sentences?").
This is the exact reason I've had a hard time with long pass-phrases and often generate a unique string and rely on physical protection.
It's worth noting that if we stripped whitespaces (and possibly some other common "could go both ways" features), we may be able to encourage people to choose higher entropy passwords.
Then append a random character at the end.
The point is that any variation whatsoever from what's included in the precomputed table renders the table useless while being easier to remember than a purely random string of characters.
... have the same problem as a random string of characters. You have to remember which letter it was you capitalized, where you put the semicolon in place of the comma, and so on.
From a human-memorable standpoint, that's no better than using an actually randomly generated passphrase. It's no better from a computer-guessable standpoint, either. So instead of trying to create a new scheme for generating passwords like "mangle a movie quote", you're better off just using the xkcd method / passphra.se
Not to derail your point, but who needs their WiFi password to be human-memorable? Tape it to the bottom of the router like the rest of us.
Are you seriously arguing that "The quick brown fox Jumps over the lazy dog!" is less human-memorable than "dlLejs$sAgkCnzklS%9sxckAAnvk"?
Any variation from what a precomputed table expects renders the table useless.
>It's no better from a computer-guessable standpoint, either.
Besides the increased key space that has to be attacked?
I didn't say "password", I said "passphrase". Something like "breath red long provide" or "itself even willing establish".
If you're using memorable movie quotes or Shakespeare quotes or anything else that you could find on wikiquote, your keyspace is going to be smaller than what you get from stringing 4 random words together. You can try to grow that keyspace by adding in variations, each of which will get you a few bits of entropy, but those variations come at the cost of memorability.
It's counterproductive to start with a non-random phrase like a quote, and then try to add randomness on top of it. If you want both entropy and memorability, use a randomly generated passphrase (via http://passphra.se or by using dice and a dictionary) instead of piecemeal randomness-on-top-of-non-random-quotes strategies.
The primary attack vector against WPA2 keys is via precomputed tables. If your concern is about your SSID+passphrase combination appearing in one of these tables, any variation whatsoever from the "canonical" version somebody might pull from, say, a database of quotes is negated and they're forced back to square one of a pure brute force attack which the increased key space makes more expensive.
The xkcd-style passphrase is simply better than ad-hoc solutions.
The xkcd approach certainly works, but the arbitrary, random nature of it is going to make it difficult for some people to remember. The quotation approach is just leveraging the fact that people spend their entire lives using language as a logical framework to simplify remembering things.
Either is going to be vastly more secure than a random string of characters.
- if you do not include "unique elements" (that is, you quote straight from wikiquote or similar), a quote is less secure than 4 random dictionary words due to being subject to wikiquote-driven dictionary-style attacks.
- if you include intentional and unique modifications, a quote from a public work like a movie or play is not particularly easier to remember than something from passphra.se or similar. Once you have to remember what you spelled/capitalized/punctuated in a nonstandard way, what have you really gained?
- if you include unintentionally unique elements (a word you always misspell), or elements that aren't really unique (you always append the same character), then your passphrase is vulnerable to a dictionary-like attack by an attacker who has some knowledge of you, particularly one who you've told your scheme to.
The key to the xkcd-style passphrase is that it remains secure even against an attacker who knows how you generated it, and who knows your personal tendencies. It's a completely universal, memorable, secure scheme.
Movie quotes are secure and memorable enough the majority of the time -- vastly more secure than using your kid's name, vastly more memorable than a string of random characters. But it seems to me like you're advocating a second-best security practice when we already have a best one.
That's the thing right there: the difference in practical vulnerability all but requires an attacker to have a certain level of omniscience and access to a massive database of any conceivable permutation of any fragment you might choose of a huge number of works.
>But it seems to me like you're advocating a second-best security practice when we already have a best one.
I'm advocating what can be efficiently communicated to a non-technical user that gets them to use something better than the short keys they'll tend to use otherwise.
What's more likely to stick with a 40 year old office coworker that asks how to secure their wireless network? A scheme that seems nonsensical on surface that requires a comic and basic grasp of what a keyspace is to understand, or the suggestion to "use a sentence from something you like that you'll easily remember?"
Either one is going to stop all but the most determined of attackers. I don't see the point in confusing the issue for them.
On the other hand, you're telling people "use a sentence from something you like", which is likely to result in only the smallest exploration of that keyspace -- the most popular lines out of the most popular shows or movies, with only a small number of capitalization or punctuation variants. If people are going to pick things like "to be or not to be" or "I can kill you with my brain", then you're suggesting something that's not particularly secure (and may already be contained in many dictionary attacks).
So the approach you advocate is fundamentally insecure, which you've argued can be made secure by adding exactly the sort of measures that confuse the issue for the people you say will benefit from the approach.
Here's an easier approach: tell people "anything you can find in a dictionary or on a list of quotes, hackers already have on their computers. To make a password hackers don't already know about, you need to put some random words together." Then point them to passphra.se and tell them to hit "generate another" until they get something they like. They can even add in more words to make it more memorable, or mix their random words into a movie quote ("I can melt you with my smoky vegetable universe", in River Tam's voice... creepy and memorable.)
In other words, instead of starting with "memorable" and then trying (and probably failing) to add enough entropy without sacrificing memorability, start with enough entropy and then make it memorable.
There is a very serious tendency to overestimate how clever and creative you can be in the 90 seconds you spend thinking about a password. Odds are, the "random" thing you're doing is the same random thing that a lot of other people are doing. And it's in someone's script somewhere.
If you roll dice, instead of trusting your brain to be clever, you know what you have is random and hence secure.
How do you define common? The person has the entirety of literature, movies, music, etc to draw from. They might select any given fragment of a work, and the attacker has no way of knowing where the fragment begins or ends.
Is a purely random key strictly more secure? Sure.
But my goal isn't to get the purest possible level of security; it's to get normal people to use something more complex than the 8-14 character passwords they generally use now. I'm certainly not claiming it's perfect, but it's a simple to understand scheme that most non-technical users will be able to understand and use that will protect them from all but the most dedicated of attackers.
Just like someone told to select an arbitrary password might select any sequence of characters. They might theoretically select anything, but most of them will choose something like 'password'.
So with your users. Star Trek fans are going to choose "makeitso". And a database of famous quotes will catch them.
Just roll dice. That way your choice is provably random.
shuf -n4 /usr/share/dict/words | tr -d '\n'; echo
echo $(shuf -n4 /usr/share/dict/words)
will do the trick. Though it does have some weird words in there. A trimmed "4000 common words" dictionary is what I use.
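The keyspace arguments in this part of the thread can be put into numbers. The following is an added example, not part of the thread: it computes the entropy of uniformly random choices and generates a word passphrase with a cryptographic random source. The sample word list is constructed; a real list would have thousands of entries.

```python
import math
import secrets

# Constructed sample input: includes duplicates, padding, punctuation and a
# too-short word, the kinds of entries a raw dictionary file contains.
SAMPLE_WORDS = ["breath", "red", "long", "provide", "itself", "even",
                "willing", "establish", "Red", "red ", "it's", "ok"]


def clean_wordlist(words, min_len=3, max_len=9):
    """Normalise and de-duplicate; duplicates would silently lower entropy."""
    seen, pool = set(), []
    for w in words:
        w = w.strip().lower()
        if w.isascii() and w.isalpha() and min_len <= len(w) <= max_len:
            if w not in seen:
                seen.add(w)
                pool.append(w)
    return pool


def entropy_bits(pool_size, picks):
    """Bits of entropy for `picks` independent uniform choices from a pool."""
    return picks * math.log2(pool_size)


def words_needed(pool_size, target_bits):
    """Smallest number of random words that reaches `target_bits`."""
    return math.ceil(target_bits / math.log2(pool_size))


def generate_passphrase(words, picks=4, sep=" "):
    """Pick words uniformly with the OS CSPRNG, not a guessable PRNG."""
    pool = clean_wordlist(words)
    if len(pool) < 2:
        raise ValueError("word list too small after cleaning")
    return sep.join(secrets.choice(pool) for _ in range(picks))


if __name__ == "__main__":
    # Schemes mentioned in the thread, assuming every choice is uniform.
    for label, pool, picks in [
        ("10 digits", 10, 10),
        ("8 chars, lowercase + digits", 36, 8),
        ("4 words from a 4000-word list", 4000, 4),
    ]:
        print(f"{label:32} {entropy_bits(pool, picks):5.1f} bits")
    print("words for 64 bits (4000-word list):", words_needed(4000, 64))
    print("sample:", generate_passphrase(SAMPLE_WORDS))
```

The figures hold only when every word is chosen at random; a quote or a hand-picked phrase has no pool size to plug in.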
- Their address (sometimes with numerals spelled out)
- Their last name
- Their child's name
- single (common) dictionary word
- single (common) dictionary word + one or two digits.
I'm sure it cuts down their support, but it usually means brute forcing only need worry about the last four digits.
And here's a link to the tool: http://code.google.com/p/reaver-wps/
I did find the article linked within to be more interesting and informative.
We launched a product that protects you from these attacks - more discussion here - http://news.ycombinator.com/item?id=4444478
Was many years since I've downloaded anything off of download.com and I have a hard time believing that I ever will.
How are your users supposed to know that?
Also, you are now asking your users to trust both you and CNET.
> Remarkably, neither CloudCracker nor 12 hours of heavy-duty crunching by Hashcat were able to crack the passphrase. The secret: a lower-case letter, followed two numbers, followed by five more lower-case letters
So an all-number password was easily cracked with this method, but a shorter password with letters was untouchable?
Edit: I get that 10^10 is less than 36^8. I was more wondering how the cracker assumes, without knowing already if it's all-numeric or not, that it should try longer numerics before shorter alphanumerics and when it decides to give up on the numbers. I guess it's just known to be more likely for a good number of characters.
The smaller 'English' dictionaries focus tightly on that. The larger 'English' dictionaries include the longer curve of those passwords, but also start to mix in the hot spots from other models, such as valid NANP numbers (which is what got this example).
With letters, assuming standard English, you get 26 per value. Or 52 when we include case. That's a big difference. So let's say I only give you 4 lowercase characters. That's 4 to the power of 26. 456k permutations. So almost 5x more secure with less characters!
Your offline password cracker can crack numeric only passwords with ease. Heck, if you know who supplied the access point, you can narrow your search. For example I have uverse and I got a 10 number password by default, just like all uverse customers. So if you know it's a uverse customer you can tell your cracker to focus on 10 digit permutations. There's only 10 billion permutations there. With 10 lowercase letters it's 141 trillion.
tl;dr of this article: don't use stupid passwords.
Edit: the article mentions it was a phone number, so that narrows it down a lot.
although, in practice, many of the allowed codes are not occupied. For instance, no exchange around LA would be 213, and no exchange near SF would be 415.
There's also the issue of pattern heuristics. Number-only passwords seem like they'd be common, and thus a reasonable pattern to try out to ~35 bits or so (something that corresponds roughly to "can be tried in a perceptively short time"), but it's not as clear that there's a significant fraction of passwords in the wild that use alphanumerics but no capitals. So they wouldn't try the passwords from the 36-character alphabet, more likely using a slower heuristic like things where the leading alpha character might be capital, or there might be punctuation between "words", etc...
I think it's a really noob question, but how do you monitor a network if you are not connected to it?
Many wifi chips can be put into 'promiscuous mode' which allows them to monitor a channel and capture all traffic on it.
There are 10 billion (10^10) possible 10-character all-numerical passwords. Can anyone explain how it was cracked using a 1.2 billion-word dictionary?
Does it work?
In my home, I often get a better signal using my laptop with an external antenna two walls from the AP than with my phone just a couple of meters away from it.
I don't use WiFi as a matter of practice, but I'm curious: What if you could keep all the "whitelisted" MACs continually logged in to your network, or, at least, you could keep track of when they log out. The idea being that MAC spoofing is not possible if the particular MAC that the attacker wants to spoof is currently logged in. This is generally true with Ethernet, correct? Is this true with WiFi as well? (Assume the traffic is encrypted.)
And in fact, it seems this guy's hack relies on someone "rejoining" the network, triggered by a deauth frame. Without that "rejoining" step, I don't think he could get very far. If his target is continually connected, and there's no way to force a "rejoin", and all the traffic is encrypted, then what can he do? The problem to me sounds like the fact that someone can send a "deauth" frame and have it be accepted, and the Apple Mac gives no warnings that the connection underwent a "rejoin".
1. Why is it possible to do the password tests remotely? Why would the key on the router be allowed to be transmitted? Even a 6 character password should be safe if you don't allow multiple tries.
2. Why isn't the handshake protocol encrypted?
2. Encrypted with what? This is the key exchange stage that is attacked here.
802.11w adds signing to management frames which eliminates the deauth attack -- makes it harder to capture the EAPOL frames. Also, IIRC, WPA2-enterprise would not be susceptible to this sort of attack; you've pre-shared a key rather than a (short) password for generating one.
It could be something as innocent as a cheapskate neighbor using enough bandwidth to run afoul of my cap, or someone using it for nefarious purposes either on a continuous or drive-by basis.
(For those curious mac users, you can simply type "brew install aircrack-ng")
You will need airodump-ng to actually capture the handshake. I don't think the entire aircrack suite has been ported in homebrew.
I use passphrases almost exclusively. The key is picking words at random - phrases are easy to guess, though sometimes I pick them because, to me, they're easy to remember.
"Areyouopposingshadowmoon?" is an incredibly secure password, and it's very likely that no one would ever 'guess' that phrase, but it's also highly easy to remember (because 1997 engrained it into my head).
Don't get me wrong, this isn't an anti-Apple rant: I've myself tried to use my MacBook laptop to learn aircrack and finally desisted. The most important tools, airodump and aireplay, don't work in Mac, even if you have an injection-capable card.
Your best option is to try with Linux either in your Mac (I think Backtrack has a Live CD so you don't have to install anything) or in a non-Apple PC.