The way I do it is going to be insecure the moment I lose one password, but it is easier for me to remember than these things. I have a phrase that is at least 8 characters long and then I add something specific for the service. The initial phrase includes a number and capital, for example "ExampleP1ss" and I really should have a symbol somewhere in it except I haven't signed up for anything that requires a symbol. Examples of things specific to this would be "hacknews", "hackernews", "hackerNews", "ycominator", "hackercombinator", ...
How (in)secure is this?
I also have it written down because I figure if someone has physical access to my personal computer and they want my passwords, they can probably install some keylogger or something else I don't understand, and this way I'll never forget my password. I also have a list of services that I am signed up for so I don't forget to change my Reddit password, because I haven't used Reddit in the last three weeks, after something like Heartbleed happens.
What I will not do is store my passwords in my browser, that seems like an awful idea. Especially because some things automatically sync across browsers.
>What I will not do is store my passwords in my browser, that seems like an awful idea. Especially because some things automatically sync across browsers.
The serious browser extensions that do this use encryption for syncing. You are correct that centralizing them all in a browser extension is a negative for security, but the upside of having random and different passwords for each site or service _far_ outweighs the risks posed by centralization or browser storage.
The odds that one or more sites you use end up leaking your plaintext passwords are far higher than the odds of LastPass being hacked; even the odds of someone identifying your self-described insecure pattern from a series of these leaks are far higher than the odds of getting burned by an extension.
I had my apprehensions before starting to use a password manager, but after six months I consider it absolutely essential and urge everyone else to use LastPass or a similar addon. The benefits massively outweigh the risks.
>The odds that one or more sites you use end up leaking your plaintext passwords are far higher than the odds of LastPass being hacked
I'm not sure this is a fair generalization, especially without knowing the sites sthreet visits. LastPass holds thousands of passwords and is probably a pretty big target for hackers. I don't doubt that they have great security, but nothing is guaranteed; one should at least admit that trusting LastPass as a SPOF is a non-trivial decision to make.
Any idea why browsers haven't implemented their own native password generation functionality yet?
If nothing else, having this functionality built into popular browsers would increase public awareness of better password practices by at least an order of magnitude.
There's an option you can enable in chrome://flags to enable a password generator. I don't believe the user gets any control over the password's complexity right now, but it looks like it's something that the Chrome team is at least considering.
I'm not aware of anything similar being built into Firefox.
Great question, I'd love to hear from someone on the Chrome or Mozilla teams about this. Until then we'll just have to assume they are all busy finding new and interesting ways for browsers to use up more system memory.
I would think something like LastPass would be a good solution for you. Sure, it syncs across browsers and is stored remotely (on LastPass's servers), but at least it's encrypted and allows you to easily have very different passwords for every service you use.
Currently, someone just has to compromise your account on one third-party service in order to compromise every service you use (do you use Yahoo Messenger? I think all passwords are cleartext for that).
With LastPass, someone would have to compromise the (likely more secure) LastPass service, or physically access your machine (and then compromise LastPass), in order to access your passwords. Seems just as easy to use, but more secure.
What I do for most sites is to enter a one-off random string and forget it immediately. I just leave myself logged in and when I get logged out I just use the email password recovery to set a new random password. Your email password recovery mechanism is already the weakest link.
Well, some websites I use are annoying and log me out fairly frequently, or maybe I'm just not checking the "keep me logged in" or something. But doing that every day is a huge pain.
All this assumes the third party service is even hashing their passwords.
To say nothing of the people who drop in a single round of MD5 hashing without a salt and then sit back and tell themselves they are smarter than all those idiots still storing plaintext passwords.
Unfortunately, many sites enforce arbitrary restrictions on admissible passwords (e.g. between 8 and 13 characters, at least one digit, one lowercase, and one uppercase). This makes the whole proposition much harder. I wonder if there is some purpose behind this (make things a little harder for the small-timers, but open the doors for the big guys).
Banking sites seem to be notorious for this. The worst offenders will simply truncate the password, too, leaving you to believe you're using a much more secure password than you actually are.
This is absolutely the case with USAA. No warning whatsoever was given that they truncated my password which led to me being locked out when it autofilled from LastPass. I contacted them but all they've offered to do is "forward it to our security team".
For a long time one of my credit card companies truncated my password. I typed in something long and hopefully secure when I set my account up, something like "NineteenBumblingElephantsOnP4r4d3". I didn't even notice it was truncated for a while, because whenever I typed it in the form would just stop accepting characters after 8 or 10, which is what the original sign-up form had done, so I was still entering the correct password but it was shortened to "Nineteen". Not a very secure password at all.
I still think that the standard should just become a 100-200 character password limit with no other restriction. That way the majority of users can just use a common long sentence (music lyrics, an event) as their password. I know the password crackers supposedly will include those in their databases eventually. But I have trouble believing that adding a whole sentence from a lyric (i.e. thisisasongtwinkletwinklelittlestar ...) will have lower entropy than whatever arbitrary restriction to add a special character (i.e. thisisasong!@#$) would. Ordinary users do not use Unicode in passwords, and I'm not even sure if half the password systems out there won't break with a Unicode password. It seems like, since we're sticking with ASCII, length almost universally adds entropy, doesn't it?
I like the "We have a list of the top 10k passwords. You can't use one of those." rule.
>common long sentence
Oh god no. Don't use a common sentence as the majority of your password. Don't try to be more clever than the password cracker. It's easy to get lists of common sentences and lyrics. Sure, a common sentence is better than a single special character, but it might only be as good as 3-4 random characters.
Assume the cracker knows your method, and go based on an estimate of entropy. So perhaps a random character is 6 bits, a random word is 12, and a common lyric is almost certainly between 20 and 30. Keep adding things until you have 80 or 100 or 128 or whatever your goal is. (I would strongly recommend not using 44 as your goal.)
I just want to clarify the point about long common sentences: we keep getting stuck comparing a 100-character common sentence with a truly good password from an RNG. Of course the latter is far better, but the average user is not going to use an RNG to generate passwords. The comparison is between a common long sentence and a 20-character password with arbitrary restrictions.
20 characters where the user attempts to be random is going to be much better than any common sentence.
Even 10 characters of attempted random is going to be better.
Maybe even 5, if they were going to use a song everyone knows.
Increasing the minimum size past a point doesn't help security, it just leads to people using low-entropy padding methods.
Whether a sentence is better than "no restriction", I'm not sure, but that's not a very fair comparison because you can't force them to use a sentence either.
I'd say what you should recommend is a series of words that don't make a sentence, but where they can remember a scenario.
Or you could have the computer generate random words and let them make a sentence out of them.
But don't use a preexisting sentence, or a tiny modification to one. It will be far weaker than it should.
Anything much over a kilobyte has zero benefit and has potential to cause issues or slowdowns when shoved through a path that expects a short string.
It's very doubtful you'd type such a crazy-long password by hand, and if you have a password manager there's absolutely no reason to go beyond something like 256 bits of noise encoded as hex.
Absolutely. From my experience anyway, these policies lead to trivial but very-difficult-to-remember passwords that end up getting written down or reset every time the user attempts to log in to the service.
That being said, I find passphrases hard to take on myself. I tend to use a set of mildly complex passwords I've used for years across a number of services.
Apparently the new key to passwords is a secure password db that you only keep a master key to access and then paste the passwords contained into services as needed. I've given a few of them a try but even then personally I'm not comfortable having my passwords kept on an external service, even if I have the master password to myself.
You can use KeePass http://keepass.info/ instead and keep the master database yourself. If you want sync, you could use an external service, or just copy/sync files yourself, or use a USB key.
Fair point. :) Although, in the first instance, I had meant 'arbitrary' to mean something slightly different, more along the lines of 'a condition chosen without adequate justification', rather than 'permitting anything whatsoever', as in the second.
I still think the best possible practice is to use a password manager. I've been using one for a couple of years and I haven't run into any issues so far. My passwords are long, complex, with symbols, and unique. I use the phrase trick for the master password.
Importantly, your password manager file can stay on your device, not in a network-connected database that can be hacked, downloaded, and brute forced. Having millions of targets in one place is tempting, your personal files aren't.
I use KeePass, I store the databases on Dropbox, I memorize the passphrases, and I store their private keys on a thumb drive.
I do worry about someone analyzing each and every change to the database for some kind of information leak, but I also change the compound key every 6 months which should help.
One thing keeping me from using a password manager as a comprehensive solution is my Chromebook. I have to manually sign in every morning when I open it up, and I can't use a password manager on the sign-in screen.
Setting aside your incredibly patronizing tone, this is actually kind of important. My google account is by far my most important account, and I already have it connected to several other accounts such as Goodreads, Stack Exchange, and others.
Yes, I've backed things up, saved my contacts, etc. But insofar as a password manager is supposed to be a comprehensive solution, it's a solution that forces people to choose between their Chromebook and their password manager.
One of my university professors used lyrics from folk songs to create passwords. Usually he took first characters of each word and created a long password out of them. He changed the song every week - I saw him often singing without a sound when he was about to login ;-)
Not sure I understand the advantages of passphrases that string together common words and names. Presumably a password cracker could look for long strings of common words, too.
Snowden emphasizes using words that aren't in the dictionary, but proper names of historical figures are in certain e-dictionaries (my Android keyboard's auto-complete dictionary, for instance, includes Margaret and Thatcher).
That protects against people guessing your password, (or cracking after a DB dump), but that assumes they have to guess. Demand that sites encrypt your passwords. http://plaintextoffenders.com/
Write your passwords down on a piece of paper and put that piece of paper in your wallet. If you lose your wallet, well you just lost your credit card and maybe social security card too, so changing passwords ain't so bad.
Use incorrect answers for secret questions (wallet too).
I think for most moderately-technically-inclined people, a decent password manager is going to be much more secure (and in many cases, more convenient).
If you steal my credit card, I'll just call my bank and cancel it (and I'm not liable for any charges you made, anyway). But if you break into my email (or even something like my Facebook, which might have weaker security), it might be really hard to recover from that.
For secret questions, I always use output from /dev/random (at least 1 kilobyte) and base64-encode it, then throw it away. Secret questions are just too weak for anything, they're useless.
I think an important point Snowden makes is that the words used in the passphrase should be unlikely to be in a dictionary. In other words, the phrase should be one to which a language model[1] would assign low probability, as there are hugely many of such phrases, whereas higher probability phrases are less numerous.
For good master passwords: Randomly select 12 words from a book (be honest with the randoms, don't be choosy), and then doodle a picture where each word has a memorable element. Draw it a few times. Put one copy away for safe keeping. Work through the image whenever recalling your password, and once it becomes muscle memory, make a point of imagining it as typing it every once in awhile, to make sure you don't turn it completely instinctual :)
I've tried to use non-ASCII characters in passwords. Specifically, I've tried using Japanese phrases as passwords/passphrases. Most software rejects them. Or, when it does accept them at registration, it fails to recognize them on login. Sigh.
My rule of thumb is to go for 128 bits of entropy:
* If they allow all printable ASCII chars, that means 128 / lg(94) = about 20 characters
* If they only allow alphanumeric, 128 / lg(62) = about 22 characters
If the site doesn't let me use a password > 20 characters, I don't sign up.
I also use a password manager, so all my passwords are randomly generated.
My master password? 64 characters of line noise I memorized years ago. ;)
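The length arithmetic in the post above (128 bits over a 94- or 62-symbol alphabet), and the earlier per-word entropy estimates, as an added example that is not from any commenter; the 7776-word list size is assumed here to stand in for a Diceware-style list:

```python
import math
import secrets
import string

# Alphabets named in the post: all printable ASCII (94 symbols) and alphanumeric (62).
PRINTABLE_ASCII = string.ascii_letters + string.digits + string.punctuation
ALPHANUMERIC = string.ascii_letters + string.digits
# Assumed size of a Diceware-style word list (6^5 entries); not from the thread.
DICEWARE_LIST_SIZE = 7776


def bits_per_symbol(alphabet_size: int) -> float:
    """Entropy of one uniformly random pick from an alphabet of that size."""
    return math.log2(alphabet_size)


def length_for_bits(target_bits: float, alphabet_size: int) -> int:
    """Smallest count of uniformly random symbols whose entropy reaches target_bits."""
    return math.ceil(target_bits / bits_per_symbol(alphabet_size))


def entropy_bits(length: int, alphabet_size: int) -> float:
    """Entropy of a password of the given length, assuming every symbol is uniform."""
    return length * bits_per_symbol(alphabet_size)


def random_password(target_bits: float, alphabet: str = PRINTABLE_ASCII) -> str:
    """Draw each symbol from the OS CSPRNG so the entropy estimate actually holds."""
    n = length_for_bits(target_bits, len(alphabet))
    return "".join(secrets.choice(alphabet) for _ in range(n))


def random_passphrase(target_bits: float, wordlist: list[str]) -> str:
    """Same idea for word lists: pick words uniformly, never by hand or from a sentence."""
    n = length_for_bits(target_bits, len(wordlist))
    return " ".join(secrets.choice(wordlist) for _ in range(n))


if __name__ == "__main__":
    for name, size in (("printable ASCII", 94), ("alphanumeric", 62),
                       ("Diceware words", DICEWARE_LIST_SIZE)):
        print(f"{name}: {bits_per_symbol(size):.2f} bits/symbol, "
              f"{length_for_bits(128, size)} symbols for 128 bits")
    print(random_password(128))
```

The generator only earns the computed entropy because every symbol comes from `secrets`; a human choosing "random-looking" characters or a lyric gets far fewer bits than the formula suggests.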
It's more important to choose to go from no password manager (and most likely less secure passwords) to using a password manager. Whether you use LastPass, 1Password, Dashlane, etc is more personal preference.
I've been using Dashlane http://dashlane.com for the past year and it works great across all browsers, iOS, Android, etc. Similar to other services it gives you a "security score" across all passwords to let you know if you're using insecure or repeat passwords and also reminds you to change your password when a service has been hacked.
Make the leap to a password manager. I recommend KeePass: it can run on Windows/Linux, there are a number of compatible alternatives, you can export your database if you don't like KeePass, and chromeIPass/PassIFox make browsing the web a breeze.
Another vote for pass. It doesn't integrate into other applications, but I don't mind that. It also doesn't sync, but it does create a git repo by default, so syncing isn't hard to set up yourself.
I remember reading a paper evaluating the security of several password managers. As I recall PasswordSafe was rated strongest, followed by KeePass. I used to use PasswordSafe but switched to KeePass some time ago. Now I'm thinking about switching back. I'll see if I can find a citation for you.
I'm still using KeePass because I like the program a lot more than PasswordSafe, which is a little clunky. There's a KeePass implementation for iPhone, too. Those two things have kept me using it.
People are really bad at estimating password security, which is why he advised against it as a trick. You're right that he shouldn't have advised against it on a basic entropy level... except that 44 bits is not enough.
Using words is okay, but you have to impress on people two critical things.
1. Random words, not sentences. Use a program or dice.
2. Each word is only as good as two random characters. 8 words is as good as 16 characters, no more.
People try to get 'clever' and it never works out well.
Also, if you went with something like "Margret Thatcher is 110% sexy" then you've got even more characters, even more entropy, and even more special characters and it's even more natural to type out.