How Often Should You Change Your Password? 233
jhigh writes "Bruce Schneier asks the question, how often should you change your password? 'The primary reason to give an authentication credential — not just a password, but any authentication credential — an expiration date is to limit the amount of time a lost, stolen, or forged credential can be used by someone else. If a membership card expires after a year, then if someone steals that card he can at most get a year's worth of benefit out of it. After that, it's useless.' Another reason could be to limit the amount of time an attacker has to crack the password, but Bruce's analysis seems on target."
As often as is convenient for the user. (Score:3, Interesting)
All sounds pretty reasonable (Score:3, Interesting)
Re:To Change or Not To Change (Score:5, Interesting)
You can change your password as often as you like, but if you don't use a strong password then you're always going to be at risk of a brute force hack or be a victim of the 'over the shoulder' spy.
A brute force attack shouldn't be that much of a concern with a login password, assuming that the system limits how often and how many times the brute force attack can retry. And presumably, the system would notify the account holder or administrator (or both) as to the unusual number of failed attempts.
Now if you're trying to brute force an intercepted message, that would be different. You'd have as many attempts as you could afford to crack it and all the time in the world to do it. At least until the data contained in the message was no longer useful to know.
I suppose that a password that was "strong" in the sense of "hard to memorize quickly" would be helpful against the "over the shoulder" attack.
Let's look at recommended password rules (Score:5, Interesting)
Never use the same password in two places
Always use randomly generated password
Never same them to browser cookies
Never write them down so they can't be stolen
Is it just me or are security experts willingly trying to get us to just forget the twenty to thirty passwords we need to use on a weekly basis?
Re:What's the point? (Score:2, Interesting)
Re:To Change or Not To Change (Score:4, Interesting)
"strong" is all about cracking hashed passwords.
a very common attack is where the attacker gets hold of the hashed passwords one way or another.
even a single *wierd* character can defeat that, learn a code for some unusual unicode character and include it and then you don't have to worry too much about that attack because the search space is massive.
any 8 character all lowercase can be cracked overnight.
8 character lowercase + numbers can be cracked in a reasonable time assuming people only use it weakly like only putting 1 number in at the end.
Example: passwor9
same thing with having an uppercase character but only as the first character in the password.
Example: Passwor9
using dictionary words in any language makes it trivial and reasonable assuming your only uppercase is at the start and only lowercase is at the end.
Example: Trustno1
these substitutions in the middle of a password also only add a small bit of strength, they're not worth much.
7 for T
0 for O
5 for S
Example: Tru57no1
Strength is all about how hard it is to crack when given a hash of it.
Re:To Change or Not To Change (Score:4, Interesting)
Fail.
Most rainbow tables already have those commonwords written like that. just because you discovered L33t speek, does not mean the cracking tables are already set up to crack those.
Better soluton is 2 words with special characters.
Fred-Stinks87
2Fun4You!
This-IS_My&Password
work far better and cant be added to rainbow tables easily.
Paswords are stupid and easy to crack with tricks because nobody uses AFSDWER$fq34agfre as a password. PASS PHRASES are far stronger and super easy to remember. Use at least 2 words with special characters and you are already 800X better off that everyone else.
Hundreds of passwords [Re:To Change or Not To...] (Score:2, Interesting)
I give my clients a simple process to create 'strong' passwords out of normal words or phrases (preferably 10+ chars) that makes them easy to remember.
Yeah, and if your clients only have one password to ever remember, and didn't have to change it, that would solve the problem. I have fifty passwords, many of which have to be changed every three months. Do you give your clients a "simple process" to create two hundred passwords per year, and remember which one goes with which system?
By the way, the single most important thing you should do to make sure your clients are secure is to make sure that they don't use the same password to access different systems. If they re-use their password on an insecure phishing site, doesn't matter how "strong" it is with "10+ chars"; it might as well be 123456.
Re:Strength-based passwd aging (Score:5, Interesting)
> Weak passwds rejected, mild passwds say 30 days, medium passwds 60-90 days, strong passwds 180-360 days, and impenetrable passwds should not require changing.
I like it. Might not be that easy to test for though.
> Impenetrable = >= 16 characters, mixed case, numerals, punctuation, and passing all dictionaries.
Personally I *hate* all that mixed character crap and only use lower-case characters, so I don't have to hit Shift or otherwise contort my fingers. Rather make it longer but a lot easier to type:
16 random characters from entire ASCII set (95) = 105 bits (you'd need 21 to reach 128-bit security)
16 random characters from lower-case letters (26) = 75 bits (you'd need 28 to reach 128-bit security)
Not that much of a difference. Even 75 bits would suffice for most applications.
More characters to type overall, but probably the best trade-off for entry speed, recall ability and security is the Diceware approach. 10 random words = 128+ bit.
Use KeePass anyway for the multitudes of Logins or even a simple: :set cryptmethod=blowfish )
vim -x my_passwords.txt
(
If you are at all worried... (Score:2, Interesting)
Re:To Change or Not To Change (Score:4, Interesting)
you're correct that a lot of measures such as substituting letters for numbers don't do much.
if you want to make it more difficult, add length to a password along with the password. Gizmodo or some gawker site talked about this once and it's a great password concept.
Example password for everything : Anon4321
add to it the website you're on, so sdAnon4321 or slashdotAnon4321. or twitter becomes tAnon4321
etc. you can choose what your variable is for each website, so to speak, and it's still a simple concept for people since they keep remembering the same password.
That way you can apply that same concept if you rotate your passwords too and it would modify them all but keep the consistency.
Re:This isn't Sam's club (Score:3, Interesting)
Fortunately crazymonkey1, crazymonkey2, crazymonkey3, and crazymonkey4 are all unique passwords.
Oh no, I hacked an account with the password crazymonkey28, and the user changed it due to expiration. Gee, I wonder what the new one might be.
These kinds of aging mechanisms are great for box-checkers, but I don't think they do much to promote real security.
Re:Those key fob things should be universal (Score:2, Interesting)
Cheap? Try $50 each, and thats what a company with 100,000 employees was paying.
Re:To Change or Not To Change (Score:2, Interesting)
You can get far stronger passwords (actually like a one-time pad) in a very simple way: pipe a bunch of /dev/randon through uuencode, and pick a few strings from the output of that. The uuencode program is *designed* to make binary gibberish "human-readable" so that it can be saved a plain ASCII. My box uses blowish to then encrypt (and shadow) the resulting string of randomness from the uuencode. Basically it's a poor man's password gen - the strings can contain *any* character, including punctuation and oddball symbols. The length of the word is up to you. I saved this whole deal into a few lines of shell script.
Re:To Change or Not To Change (Score:3, Interesting)
Paswords are stupid and easy to crack with tricks because nobody uses AFSDWER$fq34agfre as a password. PASS PHRASES are far stronger and super easy to remember. Use at least 2 words with special characters and you are already 800X better off that everyone else.
Great advice...can you please force banks, etc., to allow such passwords?
Example 1: I recently signed up to be able to pay my car payment online, and the requirements were that both the username and password be at least 8 characters long but no longer than 12 characters, have at least one letter and one number, with no non-alphanumeric allowed. Although you could use mixed case, it was not a requirement.
Example 2: A set of integrated systems at a client use Active Directory as a single sign-on to authenticate. The AD password requires at least one of lower, upper, number, and symbols, and must be at least 8 characters long. But, because some of the systems that use AD to validate the authentication are broken, you can't use a password of more than 8 characters, and some of the input systems don't allow every special character to be typed, so you definitely can't use Unicode characters.
Re:To Change or Not To Change (Score:5, Interesting)
many people can't type 8 characters with more than 50:50 accuracy without being able to see the output.
when i worked in student IT people thought I was really really good at fixing students problems with the wireless but the entire secret was that I simply made them check their password on the lab machines then type it slowly and carefully on their laptop.
They would have seen right through me if it gave more sensible errors when the password was wrong.
Asking many people to type a long sentence without being able to see it and without typos is a tall order.
Re:And they are the specialists... (Score:3, Interesting)
I think he got it and was asking for the tries per second on the hash, as in 10, 10000, etc.
The answer is: I don't know. But I can estimate it:
To go over the entire space of one single password with 8 characters by brute-force, considering 64 valid ASCII symbols (could be more, could be less, depending on the system) it should take 64^8, or 281,474,976,710,656.
It should be equivalent to a 48-bit key. For that password to be the equivalent to a 128-bit key, it should take some 22 characters in length.
Since not every password is at the end of the spectrum of the attacker's attempts, I suppose it would be safe to say that it would take half of that, in average. Or 140,737,488,355,328.
If the attacker is concentrating on only one single password, he'd need to be able to make some 27,148,425 attempts per second.
This guy [pcworld.com] seems to be able to make 1,400,000,000 of them with a PS3, so he'd take about 28 hours.
With a single PlayStation 3.
He says that PS3s are specifically good at that, so maybe that's the best bet. Except for clusters of PS3s.
So, an 8-character password in a system with 64 valid ASCII possible symbols would be the equivalent of a 48-bit key. To have the equivalent of a 128-bit key we'd need a 23-character password. I guess that's why they call it a passphrase...
In that case, the PS3 guy would take 3,853,672,525,287,862,210,347 years. A little extreme.
So how long should the password be in a system with a 2-month change policy to be safe at least from the PS3 guy?
Answer: a 54-bit key, or... 9 characters! Not that bad already...
In any case, as I said in the end of my first post, I don't get into the merit of the theory. I just question why the "specialists" always seem to analyze the question from unrelated perspectives such as "if you change your password every two months, then the maximum time an attacker will have to use the password (as in the attacker already has it from day 0) is 2 months" instead of "the maximum time an attacker will have to discover and use the password is 2 months".
You know, like the kind of analysis that I, non-specialist, just did.
Re:What's the point? (Score:3, Interesting)
It's not just jealous girlfriends/boyfriends. There's the potential for an attacker to glean personal information or account information on other services. If you get notifications from your bank, they now have some of your banking information. If you do your taxes through TurboTax or something and they email you a copy of your tax return, the attackers could get that too. They also know your friends' names and your family. If you ever send/receive login credentials for any accounts through email, they have those too.
So it's not hard to imagine that you would have an email in your account saying your bank is citibank and giving you some numbers of your bank account, some email with your SSN, and then an email from your mom which somehow includes her maiden name. For some banks, that's enough information to get access to your accounts.
Now I doubt that attackers are willing right now to expend the time and effort to read each of your emails individually, but I wouldn't put it past someone to get your email login, download every email you send or receive, and then use data-mining techniques to see what they can gather. Even something as simple as searching for the word "password" might net enough information to make it worthwhile.
Re:To Change or Not To Change (Score:1, Interesting)
Even if the attacker is not able to get a hashed version of your password, brute forcing might still be an issue. If the attacker does not try to attack a particular person, it does not really matter for him if he tries a million passwords on a single user or one password on a million of users. If the attacker is using a bot net, it is probably not quite easy to detect such an attack.
Re:What's the point? (Score:4, Interesting)