Write Down Your Passwords
joeykiller writes "Microsoft's senior program manager for security policy, Jesper Johansson, presents a provocative but interesting view on password policy: He claims that prohibiting users from writing down their passwords is bad for security. His main point is that if users are prohibited from writing down their passwords, they will use the same easy to guess password everywhere." From the article: "Since not all systems allow good passwords, I am going to pick a really crappy one, use it everywhere and never change it...If I write them down and then protect the piece of paper--or whatever it is I wrote them down on--there is nothing wrong with that. That allows us to remember more passwords and better passwords."
Problem is portability (Score:2, Informative)
Re:Bruce Schneier agrees (Score:0, Informative)
Re:Makes perfect sense (Score:1, Informative)
A lot of hacking is internal. If you're in a company bigger than a dozen people or so, you're at risk.
Re:Bruce Schneier agrees (Score:3, Informative)
Re:Passwords suck: simple solution: (Score:3, Informative)
Password Safe is the answer (Score:5, Informative)
Password Safe [schneier.com]
My Solution (Score:5, Informative)
The master copy is on my keyring, but my home and work computers have copies. I've been doing this for a year and I highly recommend the solution. I can now use random passwords.
Everything you ever wanted to know about passwords (Score:2, Informative)
#2) The best passwords are illogical. Something like k8iWq3xy. Mixing letters and numbers, not based on any words, is a good start. If your program recognizes upper and lower case, mixing that can help too.
#3) The best, very best log in tool for security I saw was a small clock a friend was given from his company. It had some funky algorithm on it, and it displayed a 14-character alphanumeric code. When my friend logged in, he had to enter this code, which changed every minute. This was in addition to his username and password.
#4) People will sniff your network. Nothing is bulletproof. Finding passwords sent is easy. If it comes as clear text, you are screwed off the bat. This defeats #1 and #2, but not #3, because #3 is based on an algorithm that changes every minute.
#5) Set up a policy that only allows 2 attempts to log in, and after 2 failed attempts, it locks out that IP and MAC address for 30 minutes. This will be a major pain when you try to log in and make a mistake. It won't really stop hackers, just the ones with slow/bad proxies. Maybe 1 of the 500 proxies the hacker is using is not as anonymous as they believe. As for your own use, take a book with you when you believe you might have to log in remotely, just in case you make a mistake. You need something to blow those 20 minutes.
#6) Never, ever log in as root from a remote location. Have a crippled account to log into from remote locations. Expect this account to get cracked. Limit the damage. If you must, have 2 computer systems at home. One secured off line, and the other on line. Hell, toss in a third computer connected to the online one via a serial cable and dump all the logging on that computer. The hacker/cracker can't edit the logging files on that second PC.
#7) When using a computer, always assume the key strokes are being logged. When you get home, change your password for that account.
#8) After you have done all these things, you will still get hacked. Call the FBI. Call your congressman. Let's bomb another country to relieve our collective mutual stress.
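Points #2 and #3 of the post above, worked through as an added example (this is not the poster's code, and the hardware token they describe is not identified). The random-password part uses the OS CSPRNG and reports entropy and a brute-force time estimate; the one-time-code part implements the standard HOTP/TOTP construction (RFC 4226 / RFC 6238), which is the general form of a code that changes every minute. The `step` and `digits` parameters, and the demo secret (the RFC test key, used here only as a constructed example), are assumptions of this example.

```python
"""Added example for the post above (not the poster's code): random
passwords (point #2) and a time-based one-time code like the token in
point #3, implemented as RFC 6238 TOTP on top of RFC 4226 HOTP."""
import hashlib
import hmac
import math
import secrets
import string
import struct
import time

ALPHABET = string.ascii_letters + string.digits  # 62 symbols, as in "k8iWq3xy"


def random_password(length=8, alphabet=ALPHABET):
    """Pick each character with the CSPRNG (secrets), never random.choice()."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Entropy in bits of a uniformly random password of this length."""
    return length * math.log2(alphabet_size)


def expected_crack_seconds(length, guesses_per_second, alphabet_size=len(ALPHABET)):
    """Expected offline brute-force time: half the keyspace on average."""
    return (alphabet_size ** length) / 2 / guesses_per_second


def hotp(secret, counter, digits=6):
    """HMAC-based one-time password, RFC 4226: HMAC-SHA1 + dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret, unix_time=None, step=30, digits=6):
    """Time-based code, RFC 6238: the HOTP counter is floor(time / step).
    The token in point #3 would use step=60 (a new code every minute)."""
    if unix_time is None:
        unix_time = time.time()
    return hotp(secret, int(unix_time // step), digits)


def totp_verify(secret, code, unix_time=None, step=30, digits=6, window=1):
    """Server side: accept the current step and +/- `window` neighbours to
    tolerate clock drift; compare in constant time."""
    if unix_time is None:
        unix_time = time.time()
    counter = int(unix_time // step)
    return any(hmac.compare_digest(hotp(secret, counter + d, digits), code)
               for d in range(-window, window + 1))


if __name__ == "__main__":
    pw = random_password(12)
    print(pw, f"({entropy_bits(12):.1f} bits)")
    days = expected_crack_seconds(8, 1e9) / 86400
    print(f"8-char password over 62 symbols at 1e9 guesses/s: ~{days:.1f} days")
    # Constructed demo secret: the RFC 6238 test key, not a real credential.
    demo_secret = b"12345678901234567890"
    print("code at t=59:", totp(demo_secret, unix_time=59))   # 287082 per RFC 6238
    print("code now:    ", totp(demo_secret, step=60))
```

The entropy figures make the cost of the "crappy password everywhere" choice concrete: an 8-character mixed-case alphanumeric password is about 47.6 bits, which is around a day of offline guessing at a billion hashes per second, while a 12-character one is about 71.5 bits. The sniffing point (#4) holds for TOTP only if the server also enforces single use of each code; a replayed code inside the acceptance window would otherwise still work.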
Re:Passwords are useless. (Score:5, Informative)
So yes, your statement is true, but the brute-force computer you're theorizing doesn't exist, and probably won't for a long, long time.
No! (Score:2, Informative)
What an insightful article! (Score:3, Informative)
Re:Bruce Schneier agrees (Score:3, Informative)
PasswordSafe [sourceforge.net] is basically a GUI wrapped around an encrypted file such as you describe. Unfortunately, it's Win32 only, but there are a few [dyndns.org] portable [semanticgap.com] solutions [www.fpx.de] available.
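The "GUI wrapped around an encrypted file" idea that this comment and the "Password Safe" and "My Solution" comments above describe, as an added example. This is not Password Safe's code or its file format: the `PWS1` header, the function names and the sample entries are assumptions of this example. Keys are derived from the master password with PBKDF2-HMAC-SHA256; an HMAC-SHA256 keystream encrypts and a second HMAC authenticates the whole file (encrypt-then-MAC), so a wrong master password or a tampered file is rejected before anything is decrypted. The keystream is built from HMAC only to stay within the Python standard library; a real tool would use an authenticated cipher such as AES-GCM from a vetted library.

```python
"""Added example (not Password Safe's code or format): a master-password
protected store that can be copied to a USB key, as the comments above
describe, and opened on any machine with Python."""
import hashlib
import hmac
import json
import os
import struct

PBKDF2_ITERATIONS = 200_000   # assumption: tune upward for real use
MAGIC = b"PWS1"               # hypothetical header, not Password Safe's
BLOCK = 32                    # SHA-256 output size, one keystream block


def _derive_keys(master_password, salt):
    """One PBKDF2 call yields separate encryption and MAC keys."""
    km = hashlib.pbkdf2_hmac("sha256", master_password.encode("utf-8"),
                             salt, PBKDF2_ITERATIONS, dklen=2 * BLOCK)
    return km[:BLOCK], km[BLOCK:]


def _keystream_xor(key, nonce, data):
    """Counter mode with HMAC-SHA256 as the PRF: block i = HMAC(key, nonce||i).
    XOR is symmetric, so the same call encrypts and decrypts."""
    out = bytearray()
    for i in range((len(data) + BLOCK - 1) // BLOCK):
        ks = hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
        chunk = data[i * BLOCK:(i + 1) * BLOCK]
        out.extend(a ^ b for a, b in zip(chunk, ks))
    return bytes(out)


def seal(entries, master_password):
    """Serialize the entry dict and return an encrypted, authenticated blob.
    Layout: MAGIC(4) | salt(16) | nonce(16) | ciphertext | tag(32)."""
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = _derive_keys(master_password, salt)
    plaintext = json.dumps(entries, sort_keys=True).encode("utf-8")
    body = MAGIC + salt + nonce + _keystream_xor(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, body, hashlib.sha256).digest()
    return body + tag


def open_store(blob, master_password):
    """Verify the tag first; only then decrypt. Raises ValueError on a bad
    header, wrong master password, or any modification of the file."""
    if len(blob) < 4 + 16 + 16 + BLOCK or blob[:4] != MAGIC:
        raise ValueError("not a store file")
    body, tag = blob[:-BLOCK], blob[-BLOCK:]
    salt, nonce, ciphertext = body[4:20], body[20:36], body[36:]
    enc_key, mac_key = _derive_keys(master_password, salt)
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("wrong master password or file has been tampered with")
    return json.loads(_keystream_xor(enc_key, nonce, ciphertext).decode("utf-8"))


if __name__ == "__main__":
    # Constructed sample entries, not real credentials.
    entries = {"example.com": {"user": "alice", "password": "k8iWq3xy"}}
    blob = seal(entries, "master password")
    with open("store.pws", "wb") as f:      # copy this file to the USB key
        f.write(blob)
    with open("store.pws", "rb") as f:
        print(open_store(f.read(), "master password"))
```

Two properties matter for the "protect the piece of paper" argument: every `seal` call draws a fresh salt and nonce, so two saves of the same store do not produce related ciphertexts, and the tag covers the header, salt and nonce as well as the ciphertext, so an attacker with a copy of the USB key can neither read it without the master password nor silently alter an entry.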
Re:Password Safe is the answer (Score:2, Informative)
Re:Pseudo-Written Password (Score:1, Informative)
That's why I think my solution - http://it.slashdot.org/comments.pl?sid=150601&cid=12628446 [slashdot.org] - is better.
And if it's a password that expires every couple of days, use a separate hash that puts in random bits as well for this task...
http://it.slashdot.org/comments.pl?sid=150601&cid=12628446 [slashdot.org]
Re:Bruce Schneier agrees (Score:2, Informative)
Re:Password Safe is the answer (Score:1, Informative)
You can even have it store your ssh passphrases that get intercepted by a third-party ssh-keychain application that inserts the passphrase into your Apple Keychain.
You also can place your keychain on a USB memory key (it's already encrypted) and plug the USB memory key into your laptop and login. If you forget the USB memory key then you login to the system but you don't have any stored passwords.
Re:Bruce Schneier agrees (Score:3, Informative)
So, you have an app that, by virtue of being on a portable emulated platform, is OS-portable as well.
Re:Bruce Schneier agrees (Score:2, Informative)
Not likely. (Score:2, Informative)
As you said, physical access is required. (which makes things MUCH more difficult) However, even if physical access WASN'T required, I don't think some hacker would suddenly say to himself, "AH HA! I bet this user is combining the serial number of his roller-chair and product number of his processor to create his password! Let me just try these numbers..."
There is a VERY large combination of passwords available from product/serial/model numbers on various items that reside in a typical office. Even if a hacker somehow broke into Joe Blow's apartment and spent twenty minutes writing down all of Joe's stapler model numbers, he likely wouldn't get them all, and definitely wouldn't need to run a program (remotely) to try all the possible combinations. (Especially given that the password might consist of half a dozen different product numbers!)
All in all, the odds of someone breaking this password aren't likely. If someone was determined enough to go through all the aforementioned garbage at all, whatever he's getting at must be pretty valuable... and would probably be better protected than just by an arbitrary password.
Re:Bruce Schneier agrees (Score:3, Informative)
PasswordSafe (Score:3, Informative)
PasswordSafe [sourceforge.net]
Note: I'm the project's current admin.