Beefy Boxes and Bandwidth Generously Provided by pair Networks
more useful options
 
PerlMonks  

Re^7: Password strength calculation

by BrowserUk (Patriarch)
on Jan 21, 2012 at 02:39 UTC ( [id://949100]=note: print w/replies, xml ) Need Help??


in reply to Re^6: Password strength calculation
in thread Password strength calculation

If however our hashes have not been disclosed, all of that is hypothetical. In that case, network bandwidth and the overhead of your application is the limiting factor when bruteforcing.

There are many well-known mechanisms for defeating front-of-house attacks that are far, far more effective than password rules:

  • Insert an obligatory 5 second delay between accepting the password and the acceptance/rejection.

    Even with 1000 concurrent attack vectors, a minimal 4-char password of upper-case-alpha only will require 2 weeks on average to crack.

  • Start with a 1 second delay and double it after each failure.

    Even a single character password will take an average of 1 year to find.

  • Require email contact after 3 failed attempts.

    Possibly the most effective.

To guard against GPU bruteforcing of disclosed hashes, the only practical solution (as people can hardly be convinced to use different 20+ character passphrases everywhere) is key stretching. If you use so many hashing rounds your machine takes 100 ms to calculate a hash, that doesn't hurt you much

(To the emboldened bit): Actually, they can.

The simple fact is that using the same 20-char pass-phrase everywhere is far more secure than using a different 8 character passwords at each site. And far easier to remember than multiple passwords.

And, if the information was out there and people would take notice, coming up with a single, memorable pass-phrase is actually quite easy:

'the quick brown fox', 'every good boy deserves favour', 'nine eleven two thousand and one'. 'marge, bart, and lisa', 'red orange yellow green blue indigo violet', ...

Even if the hash of your one passphrase is disclosed somewhere, cracking will take so long you'll be dead before you are vulnerable on other sites.


With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'
Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
"Science is about questioning the status quo. Questioning authority".
In the absence of evidence, opinion is indistinguishable from prejudice.

The start of some sanity?

Replies are listed 'Best First'.
Re^8: Password strength calculation
by mbethke (Hermit) on Jan 21, 2012 at 05:23 UTC
    There are many well-known mechanisms for defeating front-of-house attacks that are far, far more effective than password rules:

    How so? Finding any password at all over the net if a dictionary attack doesn't work is a matter of sheer luck with astronomical odds against the attacker. At an utterly negligible disadvantage upon hash disclosure.

    • Insert an obligatory 5 second delay between accepting the password and the acceptance/rejection.

    Even with 1000 concurrent attack vectors, a minimal 4-char password of upper-case-alpha only will require 2 weeks on average to crack.

    As the connections aren't doing anything else but wait for the response most of the time, it's not a problem for even a tiny botnet to open a lot more. And 26^4 is already about twice as much as my /usr/share/dict/words that includes a lot of rather obscure words---remember we're talking about dictionary attacks, not searching a whole keyspace of random combinations.
    • Start with a 1 second delay and double it after each failure.
      Even a single character password will take an average of 1 year to find.
    • Require email contact after 3 failed attempts.
      Possibly the most effective.
    Effective for getting people DOSed out of their accounts, yes. And your company getting DOSed by a stampede of users on the support hotline.

    Of course all of these are pretty pointless if the number of accounts to try is big enough so the attacker can just invert the game: instead of trying to find one particular account's password, use a spammer's address list and try to find the ones who've used one of the top 10 most frequent passwords.

    Actually, they can (be convinced to use 20+ character passphrases)

    The simple fact is that using the same 20-char pass-phrase everywhere is far more secure than using a different 8 character passwords at each site. And far easier to remember than multiple passwords.

    And, if the information was out there and people would take notice, coming up with a single, memorable pass-phrase is actually quite easy:

    Yes, I read this XKCD when it came out. The only problem is you got your grammatical moods mixed up: the information is out there (realis) so if people would take notice (conditional) they could be convinced, which sounds like conditional but as they don't take notice it's actually irrealis :)

    All your passphrase examples are of course perfectly alright by Cracklib's criteria.

      but as they don't take notice it's actually irrealis :)

      This attitude is the real problem. I don't mean you specifically, but generally across the web and beyond.

      Users are too stupid to remember more than one long word, so we'll have to force them into using mixed case and puntuation to achieve security!

      Ignoring the fact that most of those same users probably remember 2 or 3 or 4 pin numbers for credit cards. And what is a 4-digit pin if you spell it out in English (or Spanish or Japanese)?

      Yet every password guide or ruleset I've every read on a website goes with some variation on the 6-8 characters with at least 1 digit and 1 punctuation and "Don't share passwords between sites". We've programmed people into the very habits that lead to all the problems we are now having.


      With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'
      Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
      "Science is about questioning the status quo. Questioning authority".
      In the absence of evidence, opinion is indistinguishable from prejudice.

      The start of some sanity?

        This attitude is the real problem. I don't mean you specifically, but generally across the web and beyond. Users are too stupid to remember more than one long word, so we'll have to force them into using mixed case and puntuation to achieve security!
        Well ... yes and no. It's true that it's often done but it's not what Cracklib enforces. And yes, it's stupid---but something rather different from preventing stupid users from using "joe" as a password.
        Yet every password guide or ruleset I've every read on a website goes with some variation on the 6-8 characters with at least 1 digit and 1 punctuation and "Don't share passwords between sites". We've programmed people into the very habits that lead to all the problems we are now having.

        Also mostly true. I blame it on people (except for Phil Zimmermann and Randall Munroe) not actually thinking about what they're doing when writing such guides but always passing on "common knowledge" from a time when system passwords were limited to 8 characters.

        However, having several passwords makes complete sense. Every day tens of thousands of passwords get snatched by trojans, and often (had it happen so several friends of mine) it's because people entered them on notoriously dodgy internet café machines. Now if I can't avoid entering say my freemailer passphrase on a potentially infected machine (I'm paranoid enough to have a Knoppix USB stick on my keyring to avoid having to but I wouldn't ask that of everyone) I'd hate the Nigerians to get the passphrase to my PGP keys and work computers as well. So I just have a handful of different passwords that I use depending on how secure I think their respective site is, and the higher security ones just don't get entered anywhere I can't be reasonably sure the system isn't safe.

Re^8: Password strength calculation
by stonecolddevin (Parson) on Jan 25, 2012 at 17:42 UTC

    I think you really nailed this one on the head, the "natural language" password idea (using a long phrase as your password) is a great, and solid, idea. I hadn't thought of the incremental delay after a password attempt, that's brilliant as well.

    As for password encryption, I think I like bcrypt the best (checkout Crypt::Eksblowfish::Bcrypt).

    Three thousand years of beautiful tradition, from Moses to Sandy Koufax, you're god damn right I'm living in the fucking past

      I think I like bcrypt the best

      The paper appears to be very well thought through.


      With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'
      Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
      "Science is about questioning the status quo. Questioning authority".
      In the absence of evidence, opinion is indistinguishable from prejudice.

      The start of some sanity?

        At first I thought this was a smart ass comment regarding my affinity for bcrypt, at which I chuckled heartily. On second read, I think you were actually referring to the bcrypt spec. This sold me on it: http://codahale.com/how-to-safely-store-a-password/

        Three thousand years of beautiful tradition, from Moses to Sandy Koufax, you're god damn right I'm living in the fucking past

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://949100]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others exploiting the Monastery: (4)
As of 2024-03-29 10:20 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found