Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

MS Employee Calls for No More Passwords 614

BobPaul writes "On his blog, Robert Hensing of the Microsoft PSS Security Team makes a really convincing argument for the abolishment of complicated passwords. He argues that precomputed hash tables, network sniffing, and programs like LoftCrack make passwords obsolete and dangerous in the windows environment. What does he recommend in their place? Passphrases: sentences and quotes that are easy to remember but may be more than 30 or 40 characters in length. With many companies requiring frequent password changes, (and we know exactly where that leads) this is a simple idea I'm surprised more people haven't been doing this more often."
This discussion has been archived. No new comments can be posted.

MS Employee Calls for No More Passwords

Comments Filter:
  • Biometrics (Score:5, Interesting)

    by nuclear305 ( 674185 ) * on Saturday February 12, 2005 @09:44PM (#11655809)
    What about biometrics? Passphrases are nothing more than longer passwords. I can see several things resulting from
    converting to all passphrases. First, the person will probably use the same passphrase for everything because it's too difficult
    to remember multiple passphrases. Second, it's difficult to remember passphrases! Phone numbers (In the US, at least) are limited to
    10 digits because research shows the average person can only memorize 10 digits, as a result...we tend to write things down, or in the case of
    data people are likely to store their passphrases in a central location that is still prone to theft/decryption.

    Biometrics, on the other hand, requires that you only have your body present at the time! No special USB keys to lug around, no pieces of
    paper with important passwords/phrases. This won't solve the problem of possible data interception when talking about remote
    authentication--but every form of authentication is prone to such attacks when transmitted.
    • Re:Biometrics (Score:5, Insightful)

      by jbridge21 ( 90597 ) <jeffrey+slashdot@NoSPAM.firehead.org> on Saturday February 12, 2005 @09:48PM (#11655844) Journal
      something you have, something you are, something you know
    • Re:Biometrics (Score:5, Insightful)

      by lachlan76 ( 770870 ) on Saturday February 12, 2005 @09:49PM (#11655845)
      Biometric authentication can't be changed. I can change a password, but I can't change my fingerprints.

      This won't solve the problem of possible data interception when talking about remote
      authentication--but every form of authentication is prone to such attacks when transmitted.

      No it isn't, because if you use a salted hash (chosen by the server), you can't just replay the traffic.
      • by ScrewMaster ( 602015 ) on Saturday February 12, 2005 @10:05PM (#11655979)
        because if you use a salted hash (chosen by the server)

        That's true ... when I stop by our local Denny's for breakfast I let the waitress decide whether I get corned or roast beef with my eggs.
      • by darkpixel2k ( 623900 ) <aaron@heyaaron.com> on Saturday February 12, 2005 @10:58PM (#11656328) Homepage
        Biometric authentication can't be changed. I can change a password, but I can't change my fingerprints.

        Ooh...yea--that'll be the downfall of biometric authentication. Someone steals my retina and then all my accounts are 0wned for ever and ever...
        • Re:Biometrics (Score:3, Insightful)

          by Atzanteol ( 99067 )
          You're thinking the only way to fool the detector is to actually have your retina (or an exact copy of it). What if somebody finds a flaw in the detector itself that they can fool it with a glass eye? Or other things yet to be thought of?

        • Re:Biometrics (Score:5, Insightful)

          by ultranova ( 717540 ) on Sunday February 13, 2005 @07:52AM (#11658418)

          Ooh...yea--that'll be the downfall of biometric authentication. Someone steals my retina and then all my accounts are 0wned for ever and ever...

          Suppose you are just walking in the streets when someone suddenly shoves a camera to your face and takes a picture. The flashlight blinds you momentarily, so you can't pursue him. He disappears into the crowd with a picture of your retinas in his camera.

          What are you going to do ? The picture contains all the data he needs to log into online services as you. You cannot change the password, since you don't have any. In theory, you might be able to burn a distinguishing pattern into your retina with a laser - but, of course, that will negatively impact your vision.

          So yes, that's exactly what will happen. Someone will steal your retina (or rather, copy the biometric info that is used to authenticate you) and then all your accounts are 0wned for ever and ever.

          Not to mention the privacy concerns - I wouldn't want every online service to be able to link my identity to my real one, would you ?

          Biometric identification is an extremely bad idea that will hopefully die the silent death it deserves.

    • Re:Biometrics (Score:5, Insightful)

      by mboverload ( 657893 ) on Saturday February 12, 2005 @09:49PM (#11655851) Journal
      Biometrics is the most over-rated security idea ever thought of.

      Once someone gets a copy of your fingerprint or retina, your credit card is comprimised for life. You can't change you biometrics, which is why they are a total joke.

      • Re:Biometrics (Score:5, Interesting)

        by Blindman ( 36862 ) on Saturday February 12, 2005 @09:59PM (#11655941) Journal
        The question is wheter or not one can spoof biometrics. I can probably get a copy of a lot of fingerprints, and I could post them on my wall. That doesn't mean I could make gloves with them. Despite how it appears in movies, I don't know how easy it would be to fake someone else's fingerprints or retina for that matter.

        I agree that biometrics can't be changed, but will you ever need to?
        • Re:Biometrics (Score:5, Informative)

          by lachlan76 ( 770870 ) on Saturday February 12, 2005 @10:04PM (#11655973)
          Read this. [dansdata.com] There is no problem faking them.

          Not to mention that fingerprints are left EVERYWHERE.
          • Re:Biometrics (Score:3, Interesting)

            by StikyPad ( 445176 )
            Not to mention, there's no reason to believe you'd actually need to fake biometrics, although that might turn out to be the easiest solution in most cases.

            But let's suppose for a minute that someone sets up a fake ATM machine. First you insert your card, providing them with your account information. Next you authenticate yourself with your fingerprint, retinal scan, DNA sample, or whatever else you choose. Assuming they've installed the same biometric reading equipment as our theoretically real ATM mach
        • by DrMrLordX ( 559371 ) on Saturday February 12, 2005 @10:09PM (#11656007)
          You don't need to make gloves with someone else's fingerprints. All you need are gummy bears.

          Gummy Bears! Bouncing here and there and everywhere! Foiling security beyond compare! They are the Gummy Bearrrrrrrrrrrs.
        • Re:Biometrics (Score:5, Informative)

          by bentcd ( 690786 ) <bcd@pvv.org> on Saturday February 12, 2005 @10:28PM (#11656132) Homepage
          Biometrics can certainly be spoofed. How easy this is depends entirely upon the equipment being used for recording and verifying it.

          Here's a link to a Norwegian article about one successful breach:
          http://www.tu.no/nyheter/ikt/article30692.ece [www.tu.no]
          The article links to this Swedish one on the same story:
          http://www.nyteknik.se/pub/ipsart.asp?art_id=37392 [nyteknik.se]
          and this concerning some Japanese experiments:
          http://www.rootsecure.net/content/downloads/pdf_do wnloads/fingerprint_scanners.pdf [rootsecure.net]

          (mind the /.-inserted spaces in those links if you're copying them)
        • Re:Biometrics (Score:5, Informative)

          by dexterpexter ( 733748 ) on Saturday February 12, 2005 @10:31PM (#11656160) Journal
          Yes. Actually, I did a fair amount of research in biometrics and found that for most systems, you don't even need to make fake fingers or gloves. In fact, many biometric systems will work with simply a black and white photocopy of the person's fingerprint with a heated hand (your own) behind it while its held up to the scanner. It depends on whether is static-based or image-based. Same goes for retina scanners. Some systems can be fooled with a high-quality picture of an eye.

          Even worse, some fingerprint-based biometric sensors that were being toted as secure were able to be broken by simply blowing warm breath on the reader, much like when you go up to a cold, glassy window and fog it with your breath. The biometric sensors, for one reason or another, read the previous fingerprint.

          Again, it all depends on which system is in question, but my research found that most biometric systems were able to be broken, sans bloody, cut-off fingers or jelly replicas. Of course, they are toted as super-secure.

          That is why the fundamental rule for using biometrics for authentication is as follows:
          Biometrics aren't meant to replace passwords/passphrases. They are meant to be used as an added layer of security in addition to the password.

          (As a side note, if you wanted to do more than just get the copy of fingerprints, invite someone out for beer and french fries at the local bar and bring some scotch tape with you. When they are done and leave, take their greasy, finger-print covered glass and apply the scotch tape to it. You will lift the oily fingerprint. Depending on how the system works, you can now use watery ink to get a negative of the fingerprint. Print this onto the old boards they used to hand-make printed circuit boards, etch the board with chemicals, and come out with a fairly 3-D version of the fingerprint. Now, make your standard flat, thin jelly mold and, when set, wrap it on your finger. Viola!)
          • Re:Biometrics (Score:5, Insightful)

            by jayed_99 ( 267003 ) on Sunday February 13, 2005 @12:04AM (#11656674)
            I've helped implement a biometric system for time-keeping. I've also worked in very, very secure environments.

            There are two definite (and related) advantages to biometric systems.

            One -- the bar to "unauthorized use of credentials" is raised to a higher level. Which, to a large degree, is what all security is about. If ${large organization of nefarious intent} wants my data, they have the means to get it. Biometrics helps weed out the less well-funded and well-motivated people. It's like me using one-time passwords for SSH access. No, it doesn't prevent someone from entering my house and installing a tiny hardware key-logger in my PC, but it does stop all of those clowns running dictionary attacks.

            With biometrics, people can't just rummage around a desk looking for the password post-it. They (as in your case) have to arrange for greasy finger-print covered glasses and scotch tape. Not insurmountable, just a bit more difficult.

            Two -- any kind of remotely plausible deniability in the event of a breach is gone. ("Uh, I don't know how it happened. I just happened to have a jelly mold of this guy's fingerprint..."). Unauthorized access to a biometrically controlled system is pretty solid primae faciae evidence that Evil Deeds[TM] are afoot.

            Yes, there are problems with biometric authorization. Irrevocability being a very large one. Almost all of the people complaining about biometrics being ineffective -- and almost all of the people touting them as *the* solution to all security problems -- are forgetting one thing.

            Security is about the whole organizational process. Total security is enhanced or diminished by the particular method of authentication that you use -- and poor authentication can undermine a lot of the rest of the system. Hackable authentication does not automatically invalidate the rest of the security process. 100% provable authentication does not automatically mean that your system is 100% secure.

            Let's look at the example of an anonymous FTP server. There's no authentication. None. However, any sensible person would be running it read-only. It would be jailed or chrooted. IP addresses would be logged for auditing purposes. The partition that the ftp server is serving data from could be mounted noexec. Blah, blah, blah, etc, etc, etc. Here's a case where zero authentication does not mean zero security.

            People often talk about biometrics in the context of some theoretical, non-existent system where there is no other security other than this one, initial biometric authentication...and the whole system is either "secure" or "insecure" based on the authentication. Which is just garbage.

            Even in the simplest case -- biometric time-keeping -- there are other checks in the system.

            Let's assume that worker A and worker B have colluded to provide each other with false handprints. We'll leave out such annoying real-world problems like, "Hey, Bob, why are you clocking in with that jelly-filled hand-on-a-stick ?" and assume that worker A and worker B can at any time just clock in and clock out as each other without anyone noticing.

            OK, at the end of the week, Manager M gets a payroll report. Manager M gives it a cursory glance. Uber-manager N gets the same report, and gives it an even more cursory glance. Let's not even talk about Director O -- we know that it's just sitting in her in-box with all of the other reports.

            HR Flunkie T runs the weekly "check for discrepancies between scheduled shifts and actual time worked" and sends those to Manager, Uber-Manager and Director. Manager M fires an email back saying, "Hey, no problem." Or perhaps the email says, "Hey, worker A is showing up as having no discrepancies -- I distinctly remember that he was thirty minutes late on Tuesday".

            Every month, Auditor X takes a brief look at all of the discrepancies between last month and today and all of the explanations for them. Auditor X looks for any suspicious or unusual patterns -- and the absenc
        • Re:Biometrics (Score:3, Insightful)

          by timmarhy ( 659436 )
          it doesn't matter if it's extremely hard. if it's at all possible people will go to any lenghts to do it.
        • Re:Biometrics (Score:3, Insightful)

          by g0sub ( 582599 )
          Why would I want to do it so complicated? I can record the binary data representing your fingerprint and use that. Replay attacks have been around for ages.

          I only need a physical representation of your biometric data if one assumes that the system with Analog to Digital Converters and all won't be compromised. What a silly idea. Every security system which is based on control over the equipment failes sooner or later.
        • Re:Biometrics (Score:3, Insightful)

          by DeepHurtn! ( 773713 )
          The problem, fundamentally, is that at some level the biometric data must be reduced to a bunch of 1s and 0s and transmitted between devices. That makes those 1s and 0s vulnerable to being copied and misused. It may take hacked hardware, sure -- but the problem that the information is *eternally tied to you personally* makes it very dangerous.

          A real life example: a few months ago my debit card was duplicated. I never lost my card, but some store owner somewhere had a hacked machine that captured my card

      • Wrong. Once copies of fingerprints or retina in a quality good enough for the given authentication are possible everyones creditcard is compromised until the banks get a new system.
      • Re:Biometrics (Score:3, Insightful)

        by strider44 ( 650833 )
        I think biometrics used in compliment to passwords/passphrases or whatever are a much better security system, especially for credit cards or something of the like. That means that even if they get two of your credit card, your password, and your fingerprint, then they would still need to get the third before they could have access. The chances of someone getting all three without something really dirty is quite slim.

        And if someone does get all three you can always change your password and they have to
      • Re:Biometrics (Score:3, Insightful)

        by timeOday ( 582209 )
        And to the computer system, both biometrics and passwords are both just a string of bytes, nothing more. If you're trying to authenticate with online banking, all the server knows is that an acceptable sequence of bytes has been transmitted; whether those bytes actually came from an image of a fingerprint is another question.

        I'm not convinced that biometrics are much better than getting a tatoo of your password.

      • Re:Biometrics (Score:3, Insightful)

        by zerocool^ ( 112121 )

        My often-spoken number 1 rule of security: If they get to your hardware, you're screwed.

        Corollary: If you depend on biometrics for security, you are effectively bringing your hardware to "them", and leaving copies of it everywhere, in the case of fingerprints.

        Which is more insecure: Writing your password on a stickie note and leaving it on your monitor; locking your house,
        leaving your fingerprints everywhere, and yet depending on them for security.

    • by Qzukk ( 229616 )
      Biometrics, on the other hand, requires that you only have your body present at the time!

      Or that someone else has your body present. Or just search google for jelly fingerprint to see how to duplicate other people's prints for fun and profit.

      Biometrics is bound to stick around for a while, but the fad will hopefully fade before all my bank and credit card accounts get tied to my fingerprint and I have to have new prints carved into my fingers to replace the ones that some identity thief lifted off the s
    • One Question (Score:3, Insightful)

      Would you leave you passphrase written down on every nearby surface?

      Becuase your fingerprints will be all over unless you wear gloves all the time.

      Other body parts aren't quite this extreame but still have similar weaknesses.
    • Re:Biometrics (Score:5, Informative)

      by iocat ( 572367 ) on Saturday February 12, 2005 @10:05PM (#11655975) Homepage Journal
      When you do a pass-phrase, each of the 10 "digits" you remember are words. Assuming you don't have dyslexia or other language-center-damaging brain issues, you don't have to remember the correct position of every letter of each word as though it was some random digit, because your brain encodes "Now is the time for all good men to come to their country's aid" much differently than "suh ob wjf nait fdn ap; qomf ..." -- you get the picture.

      It's a lot easier to remember a series of words than a series of digits that have no obvious relationship to each other.

      • Re:Biometrics (Score:5, Interesting)

        by JoeNotCharles ( 582830 ) <joe@notcharles.ca> on Saturday February 12, 2005 @11:07PM (#11656378) Homepage
        Fuzzy memory can be a problem, though. Was it "...to come to their country's aid" or "...to come to the aid of their country"? Did you use punctuation, and if so, which? I created a gpg passphrase and stupidly used two sentences - was never able to recover my keys again, because I couldn't remember if I used one or two spaces between the sentences, or if the first ended with a period or an exclamation mark. (Actually, I tried all 4 variations of that, and none worked, so I must have forgotten something else - but with such a long passphrase, I couldn't even begin to think of the many possible variations on what I got wrong. With a password, I can at least try changing each letter at a time if I've gotten something wrong, on the assumption I only made one mistake. Of course, I'm not saying passwords are good either - I hate them.)
      • it's a lot easier to shoulder surf passwords when they are phrases, instead of random digits.

        if I see

        Xow XX thX time XXr aXX good meX to XXme to their coXXCCC's Xid, and I'm ken jennings, I can figure it out...
    • Re:Biometrics (Score:4, Informative)

      by miskatonic alumnus ( 668722 ) on Saturday February 12, 2005 @10:51PM (#11656280)
      Second, it's difficult to remember passphrases! Phone numbers (In the US, at least) are limited to 10 digits because research shows the average person can only memorize 10 digits, as a result...we tend to write things down

      Nonsense. I recall the phrase "Whan that April with his showres soote" from 20 years ago when I read it for the first and last time. 3 years before that I memorized pi to 21 decimal places --- I still know them. How about "Now is the winter of our discontent"? or "The lord is my shepherd. I shall not be in want"? or thousands of others?

      Memorizing a phrase -- particularly a phrase that means something to you, is not as difficult as memorizing the first 3 entries in the phone book.
    • Re:Biometrics (Score:5, Insightful)

      by laughingcoyote ( 762272 ) <barghesthowl@e x c ite.com> on Saturday February 12, 2005 @11:19PM (#11656441) Journal

      Great, now what happens when I need to log into a remote server? I currently live in Colorado and have access to machines in Wisconsin and Alberta, and the great security of fingerprint biometrics aside, my arms just aren't that long. And if that remote machine will accept data from a reader at my own machine, well, that reader is vulnerable to tampering and outside their control, and we're back where we started.

      At some point, we HAVE to realize that we just can't have some type of perfect security. Like a real safe or vault, someone determined enough to get in WILL get in. However, the better the security, the more chance that you will catch them in the act and prevent it, or deter the would-be attacker in the first place. This is the true goal of security.

      Biometric security measures, in my opinion, would be too intrusive and unwieldy for use at the desktop level. If I want to let my friend Bob use my machine, I can give him my password, but I cannot hand him my retina. Of course, for ultrasensitive applications (bank vaults, national security information, nuclear power facilities) it would be an excellent alternative to the current cards and such which can be stolen.

      As to the passphrase idea, it's not -terribly- hard to remember multiple phrases. And you don't need a different one for each site you visit-four or five different ones are sufficient for most people. And it's a lot harder for a would-be cracker to guess that your passphrase is "My daughter threw cake at the dog on her second birthday" then it is to look up your kid's date of birth.

    • Re:Biometrics (Score:3, Insightful)

      by Feanturi ( 99866 )
      ...too difficult to remember multiple passphrases. Second, it's difficult to remember passphrases! Phone numbers (In the US, at least) are limited to 10 digits because research shows the average person can only memorize 10 digits,

      Remembering a string of numbers is a lot different than remembering a line of poetry, or a bit of dialogue from a favorite book, or movie, or the title of a cool song, or.. I could go on and on. For years I've used fairly short passwords of only around 8 characters, but they neve
  • by LostCluster ( 625375 ) * on Saturday February 12, 2005 @09:44PM (#11655810)
    One thing I just read in my MCSE study book... Windows 2000 and up support 127-character passwords, but Windows NT, Windows 9x and Windows ME only support 14-characters in a password. A user who has a Windows password greater than 14 characters simply cannot using the older operating systems even if they otherwise should be able to.

    Therefore, if you have any legacy systems to support, these password tips don't apply to you, and that's got to be part of the reason there hasn't been much of a movement to suggest that users use longer passwords.
    • A variant of the "sentence as password" idea that I've been using for years, is to come up with a sentence (be it apropos to the system or not) and then use the first letter of each word in the sentence.

      It combines the best of both worlds.

      i) a 'complex' password because it can't be broken by a dictionary-based attack
      ii) easy to remember (sentence-based)

      Add to the mix some tranposition of characters (use 1's instead of i's etc etc) and you've got yourself a fairly decent password, at least better than mos
      • Works just fine on password-size challenged systems.

        One of the article's points (and a topic of discussion in the security field for some time now) is the practice of pre-computing the hash of every possible password up to a certain length - a.k.a. "rainbow tables". Against this kind of attack, every password of a given length is equally secure.

        Long passphrases, however, (15-20 characters or more) should be safe at least until the advent of quantum computing.

    • Well, he isn't actually a plagerist, but now that I've got your attention, I should point out the Phil Zimmerman has been advocating passphrases since the first version of PGP came out in the early nineties IIRC, and even he is probably not the first. I've certainly been using them for about that long wherever possible.

      That won't stop Microsoft from taking credit for this "new, revolutionary idea in computer security," or the Microsoft apologists accusing everyone else from "copying Microsoft instead of i
  • is that it takes longer to type. But for a highly secure system, I doubt you could beat a phrase or sentence -- particularly in an obscure language or containing obscure words, to make dictionary cracking even more difficult.
    • Plus, isn't it still basically just a longer password? A rose by any other name...
    • Just make a long strong password using the first letter from each word in a sentance.

      I spend way too fucking much time on slashdot and don't get any work done

      Give your users something funny and they won't forget it.

    • Also, you are more prone to typing errors when typing a long passphrase. Though I suppose typing an English sentence could be easier than typing, for example, D84*#ijo).

      I really wonder about the long-term viability of this solution as well. Sure, it makes brute-force attacks harder because the password is longer, but it also makes each character of the password much easier to guess because it makes up a coherent English sentence. Those crazy security wizards will probably come up with a way to defeat p

  • People are lazy (Score:4, Informative)

    by hedronist ( 233240 ) * on Saturday February 12, 2005 @09:46PM (#11655820)
    One of the main obstacles to better security is that people are fundamentally lazy. Typing 30 or 40 characters is difficult to do, and it takes time, so people won't do it. Or if forced to do it, they will whine about it -- a lot.

    I have convinced a majority of my friends & family to at least stop using dictionary words and names of pets. Instead, I have them pick some favorite line from a movie or book and then use the first letter of each word. It's easy to remember, so they don't stick it on the bottom of their keyboard. It also is not a word in the dictionary so at least Crack & friends can't be used to guess it.

    For example, if one of my friends is a Dead Head, he might use "stlasom.oticbs" If you're a Dead Head you'll probably be able to guess the lyric. But you *won't* be able to find it in a dictionary.
    • Re:People are lazy (Score:4, Insightful)

      by gcaseye6677 ( 694805 ) on Saturday February 12, 2005 @09:53PM (#11655886)
      Even the non-lazy wouldn't be happy about long passphrases. At work, I lock my screen whenever I leave the desk, and the password protected screen saver timeout is 5 minutes in case I forget. Would I be willing to do this if I had to type out 40 characters to get back into my machine? Hell no, I'd get a Homer-Simpson-like pecking bird to keep the keyboard active while I'm gone, resulting in less security. Although I understand what this guy is saying, the idea of super long pass phrases is a non-starter in any real world environment.
    • The main obstacle is that if you exceed the (rather low) threshold of inconvenience that the bulk of users (who, after all, just want to do their jobs) will tolerate, they will simply eliminate the security altogether. Post-It notes work wonders in that regard.

      Let me give you an example of how excessive security requirements can do this. Quite a few years ago, I was doing some contract programming for a local university/teaching hospital. I was working with one of their mainframe programmers, and he told
  • Excellent! (Score:5, Funny)

    by PedanticSpellingTrol ( 746300 ) on Saturday February 12, 2005 @09:46PM (#11655821)
    Now replacing my brute force wordlists with "He's dead, Jim", "In soviet russia, passphrases validate YOU" and "passwords are for old korean people" will allow root access to 90% of the internet.
  • Edited 10/18/2004:
    This blog has gained far more attention than I could have ever imagined when I decided to create a small personal blog devoted to security incident response. I never imagined my first ever post would be as controversial or as widely published / linked as it has become!

    If he thought his little blog had gained all of the attention it could back in October...
  • So when the user creates there password it will be: "This is my passphrase" instead of "password"
  • I've actually used a Lipsum generator for passwords for a long time on sensitive machines. Because they consist of very pronouncable latin roots, its easy to remeber them. One I don't use anymore for example was Etiam_Tristique_Turpis. Not easy to crack for I imagine, but easy for me to remeber.
  • by physicsphairy ( 720718 ) on Saturday February 12, 2005 @09:50PM (#11655860) Homepage
    And I quote, "Open Sesame!"
  • An easy way to get stronger passwords is to make them consist of the first letter of every word in a phrase. For example:

    I wish I had some nachos to eat at work

    would become:


    Okay, it can still be brute force attacked but it certainly can't be efficiently dictionary hacked. Furthermore, for most of our needs, this works just fine. Add a number into the phrase and even better.

    As the article mentions, passwords get hard to brute force at about 10 characters.
  • by Noryungi ( 70322 ) on Saturday February 12, 2005 @09:51PM (#11655867) Homepage Journal
    In many companies where I worked, for kind of reason, my passphrase always ended up as:

    • [name_of_boss]isabloodyidiot


    • whatabloodyidiot[name_of_boss]is

    Make of that what you want, but:

    • it's always accepted by whatever program is in charge of checking password
    • it's easy to remember, yet hard to crack (unless you know me and the bloody^W... er... boss...
    • it always made me smile as this was the first thing I had to type in the morning

    Of course, I changed the password to something more politically correct before leaving the companies....
  • The headline to this story is an example of the kind of journalistic sensationalsism that is leading this country down the road to ruin and chaos. It gives the exciting implication that a Microsoft employee is proposing the abolition of the commonly-used password verification system and perhaps its replacement with some new and cutting edge technological method such as biometrics or one-way phrenosenticism.

    Instead, the Microsoft employee is merely suggesting the use of longer passwords. I am shocked and
    • Instead, the Microsoft employee is merely suggesting the use of longer passwords. I am shocked and appalled that a respectable forum such as Slashdot is stooping to "sexing up" its material in this manner.

      Note to moderators : This is an example of irony [k12.ny.us]

  • by Homology ( 639438 ) on Saturday February 12, 2005 @09:54PM (#11655896)
    passphrases, just visit The Diceware Passphrase Home Page [diceware.com] :

    This page offers a better way to create a strong, yet easy to remember passphrase for use with encryption and security programs. Weak passwords and passphrases are one of the most common flaws in computer security. Take a few minutes and learn how to do it right. The information presented here can be used by anyone. No background in cryptography or mathematics is required. Just follow the simple steps below.
  • good news, everybody (Score:3, Interesting)

    by jonastullus ( 530101 ) on Saturday February 12, 2005 @09:54PM (#11655900) Homepage
    this is a simple idea I'm surprised more people haven't been doing this more often.

    *yeah, right*
    this "idea" is described in every single tutorial/howto/paper/note about password security. it's a good idea, i've been doing it for years, it has most likely been mentioned on slashdot countless times, but here we go again.

    at times i forget why i am such an avid reader; it provides me with "stuff that matters" and makes me feel like i know more than all the others, from time to time ;-)))

  • It's the inscription on the One Ring, translated into Klingon, then rendered in l337! Three levels of Ubergeek encryption ensures maxiumum security!

  • I like the passphrase idea. The only thing I see as an issue is the minor shift people tend to apply to things when memorized.

    Read other people's messages before posting your own to avoid simply duplicating what has already been said.

    Read other people's messages before posting yours to avoid simply duplicating what has been said already.

    Read other peoples message before posting your own to avoid simply duplicating what's already been said. ...could all be the same passphrase.

    In standard user applicati

  • by hsoft ( 742011 ) on Saturday February 12, 2005 @09:57PM (#11655916) Homepage
    Bible dictionnary attack could work for a lot of passphrase if this kind of password were to become mainstream.

    IMHO, passphrase would make it easier for a hacker to successfully hack a system. For example, myself:

    - Make a google search for my name
    - See that The White Stripes is among my favourite groups
    - Add The White Stripes lyrics to the crack dictionnary
    - Attack, and probably succeed (password = "Why can't you be nicer to me?").

    The list of all quotes in imdb mustn't be THAT big. Thus "I will have my vengeance, in this life or the next" would be a bad password. (not to mention "whoa" :) )

    Of course, IANASB (security blogger), I could be wrong.
  • I just make up long words that are a mix of several languages (English/French/Chinese/C++/Scheme/etc), and funny types of common misspellings I've made in the past (ie, a friend in grade schoool would always mispronounce "Basilisk" as "baalisk"... always stuck with me, so I remember this...)

    Mix them together and you have a fairly secure password that can't be guessed unless the attacker knows you very well or has some keylogger.

    However, the problem that remains is that people are lazy and a small mistake

  • I ended up stumbling upon this concept, and wondered why it wasn't recommended more often.

    I had to create a secure-shell passphrase. The program, when I created the private key, didn't ask me to name a "password." It said, please enter a "passphrase." As a result, I have a much longer, more secure password, and absolutely no difficulties in remembering it.

    Think about it this way:

    a) Please enter a password, made of letters, characters, numbers, etc, but no dictionary words, and keep it over 8 characters l
  • by mattdm ( 1931 ) on Saturday February 12, 2005 @10:00PM (#11655948) Homepage
    1) it's just as easy (give or take the odd case where you're just able to sample a few bytes) to sniff a passphrase as a password

    2) if most people's passphrases are made of dictionary words take from their active vocabularies, dictionary attacks are still very possible. If we figure a typical vocabulary of 25000 words and a six-word phase, hmmm, some quick math indicates we're in the range of a 14-character random alphanumeric+punctunation password -- not too bad. (Especially if you grant people bigger vocabularies [worldwidewords.org]....) But, suddenly, we're open to language-based attacks -- there's probably thesis project in here for someone to come up with good algorithms to narrow down the required attack dictionary.
    • by khasim ( 1285 ) <brandioch.conner@gmail.com> on Saturday February 12, 2005 @11:04PM (#11656360)
      But, suddenly, we're open to language-based attacks -- there's probably thesis project in here for someone to come up with good algorithms to narrow down the required attack dictionary.
      I'll give you one right now.

      subject - verb - object
      (I like pizza).

      Here's another:
      adverb/adjective - object - verb
      (Mean people suck).

      The trick is finding the most common 3 word phrases (in English) and applying the basic grammatical rules you learned in school.

      That guy didn't understand that passphrases/passwords are covered in cryptology under "authentication".

      And any student of cryptology can tell you that PATTERNS are the problem.

      With passphrases, there are too many GRAMMATICAL RULES and PATTERNS that make it simple to crack.

      He focuses solely on the number of characters and never looks at how someone else would approach this to crack it.
    • >dictionary attacks are still very possible

      Correct and insightful.

      What I use for high-security applications and recommend to clients is a genuinely random passphrase. You generate it one word at a time without regard to grammar by using 5 dice and the list of 6**5 short words at the Diceware [diceware.com] page. Then you make up some kind of story to go with a phrase like "cleft cam synod yr" (hey, challenges are good for you) so you can remember it.

      Bruce Schneier wrote that passwords are dead because normal peop

  • "I see dead pe0ple in the middle of the night. Help!"

    Simple, easy to remember, contains a number, has a period and comma, and is over 50 characters. I don't know about you, but these phrase passwords sound like a good idea.

  • It's not LoftCrack (Score:3, Informative)

    by TheCabal ( 215908 ) on Saturday February 12, 2005 @10:03PM (#11655963) Journal
    it's l0phtcrack
  • by Gaima ( 174551 ) on Saturday February 12, 2005 @10:04PM (#11655968)
    Perhaps I'm too sleepy to think (I'm too sleepy to read the article), but precisely what is the difference?
    A password is a string you know, a passphrase is a string you know.
    One is probably longer than the other, big deal.

    2, or 3, or 4 factor authorisation schemes are the only way forward. Like those used by some banks in, erm, Sweden ?
    • Perhaps I'm too sleepy to think (I'm too sleepy to read the article), but precisely what is the difference?
      A password is a string you know, a passphrase is a string you know.
      One is probably longer than the other, big deal.

      There IS no worthwhile difference.

      One may be longer than the other, but the longer the passwhatever is, the more likely I am to use dictionary words.

      The REAL solution is to use passwords properly, and to protect anything else with strong encryption.

      When is it safe to use passwords
  • by j1m+5n0w ( 749199 ) on Saturday February 12, 2005 @10:10PM (#11656015) Homepage Journal

    Passphrases are just long passwords with (usually) low entropy. They still have the same problems... You have to have a separate passphrase for each account, and you have to trust the computer you're using not to log your keystrokes. I would much rather carry around a device that can authenticate me and never have to remember a password again.

    Why don't we all just switch to USB tokens [rsasecurity.com] for authentication? You have one device that can authenticate you by generating an RSA signature without divulging any information that would allow someone else to pretend to be you. It amazes me that more people don't use these things. I've never used one, but have considered ordering one. Does anyone out there have experience with USB tokens? Is there a good model/brand to buy? Is it easy to get them to work with Linux and ssh? Do any brick-and-mortar stores sell them?

    • Public key cryptography does not necessarily mean using hardware tokens. Key exchange protocols use public key algorithms without hardware tokens or public key infrastructure by seeding the key exchange algorithm with a password. If the client and the server's passwords match they have a strong shared secret for the session. If they don't - no information has leaked.

      These methods are immune to sniffing and offline dictionary attacks and don't require long passphrases to be secure. You just need a password
  • by aardwolf204 ( 630780 ) on Saturday February 12, 2005 @10:13PM (#11656036)
    The company I work for has a password policy like this:

    1. Must contain at least 8 characters
    2. Must contain at least 2 lowercase letters
    3. Must contain at least 2 capital letters
    4. Must contain at least 2 numbers

    Since a lot of people cant grok this we start to see passwords like 34erdfCV. If you are using a QWERTY keyboard take a look at that password and tell me whats wrong with it.

    Since I saw this article in a MS Security newsletter I've started using passphrases. Here is an example of my Windows Server 2003 administrator login (local only, not going to help you). "Rent is due on the 5th". Now I see many comments already talking about how that is so much harder to type than "34erdfCV" but I beg to differ. For me at least it is much easier to type a coherent sentense than a bunch of random letters and numbers.

    This password is not only easy to type, but it is very secure. I'm sure some mathematician is going to come down on my with a bunch of stats about how I'm wrong and what not but just the fact that the LM hash is not stored when you use a password larger than 14 characters helps significantly. Sure you can tell windows not to store a LM hash by editing the registry but do you really expect all employees of a mid size company to follow directions that start out like "Click Start, then Run. Type 'regedit' and click OK"?

    Now of course this isn't going to defend you against the ol' linux bootdisk trick, or that awesome "NT Password Recovery" bootdisk, which is basically linux which allows you to overwrite the password, but thats what NTFS and encryption is for. And if you've got physical access all bets are off anyway. At least you know they wont be able to run a rainbow table lookup on your LM hash and figure it out in a few seconds.

    Also, passphrases are easier to remember, harder to guess, harder to figure out by watching someone type them, and if your really that dense you can just pick up a book off your shelf, turn to a page, type in the first sentense and remember the book and page number.

    And there is an added bonus to having a passphrase over 14 characters that you are all completely missing here. When the hot chick in accounting sees you keying in some enormously long password she will think your smart and savy and will want to have hot sex with you right there in the server room.

    Well, maybe not the hot chick and sex part.

    Now, what would be a good long slashdot post without a question for you to ponder. If you havent figured yet I'm the sysadmin at this company and am trying my hardest to find a way to "sell" this passphrase idea. It seems that the easiest thing to do in IT is configure complex servers and firewalls and support ID10T's. The hard part is "selling" common sense stuff like SSL and passphrases.

    "You mean we're going to have to add an 's' to the end of 'http', do you really expect 100 people to change their bookmarks! They've been using those bookmarks all year!"

    Insight from other admins very welcome.
  • by JamieF ( 16832 ) on Saturday February 12, 2005 @10:15PM (#11656050) Homepage
    Invent some source code static and dynamic analysis tools that help improve software quality as relates to security.

    Passwords matter NOT AT ALL when you can just send a packet and get full admin access without any authentication step.

    Who the hell else is better suited to innovate on security than Microsoft? We are to believe that they have 50,000 geniuses working there on groundbreaking amazing stuff... and the best thing they can come up with is a Java ripoff and a desktop search doodad? No. There are enough smart people there (or enough funds to create university research projects outside the softie-dome) to wow the world with some kickass new technology based on either genuinely new ideas, or old ideas that needed a lot of refinement to be usable on real code.

    I suspect, though, that this is something they're unwilling to do because the design itself is inherently insecure, and securing it would mean breaking 99% of shipping apps. If that's true, it means that Bill's committment to security is just lip service. Please, Microsoft, break apps that use crappy backdoors. XP SP2 broke stuff to improve security, and that was the right decision. Apple had to do something similar with the Carbon transition (breaking old apps that correctly used well documented but ill-concieved APIs from the pre-OS X days). Microsoft could provide tools to help ISVs be compatible with a Longhorn "clean API" that doesn't let apps use deprecated, unsafe features from the bad old days of not caring about security.

    Of course, they won't.
  • by Ingolfke ( 515826 ) on Saturday February 12, 2005 @10:16PM (#11656056) Journal
    I think this method is flawed for a few reasons.
    1. Fat fingering - People fat finger their 8 char passwords already. With a 40 char pass phrase their just that much more likely to mistype the password. If someone is mistyping 1 out of every 10 of their 8 char passwords it follows that they would only correctly type every other password if it was 40 chars long.
    2. Typing sped will be reduced - People will slow down their typing to increase their accuracy when typing a 40 char password into a text box that shows asterisks or blank space. This makes it easier for individuals looking over their shoulder to see which characters their typing.
    3. Phrases include hints - Now someone could come up with a completely nonsense phrase, but that sort of defeats the purpose of the easy to remember pass phrase in the first place, so it's likely that individuals will use a phrase that follows standard local language grammer which means that if someone is able to see a single piece of that phrase they are then able to narrow down the scope of the possible phrases that could be the passphrase. Of course simple passwords contain these types of hints as well.

    • by NOLAChief ( 646613 ) on Saturday February 12, 2005 @11:59PM (#11656644)
      I suspect one reason a lot of 8 character passwords are "fat fingered" is because anymore we're being forced to create supposedly strong passwords out of more or less random characters. Thus they are forced to type something that would not naturally be typed, so people fumble it. I know I do it at work.

      This same jumble of characters I would think would do more to kill typing speed. Again, they're "fat fingering" it because they're not typing in natural letter combinations, so when the authenticator barfs, they slow down the next time and mash each letter slowly and methodically. I think it would be faster for most people that know how to touch type (hunt and peck management types are more or less boned) to type an 8 word phrase than an 8 character random mess.

      You do have a point here, but "standard" grammar (not to mention spelling ;)) has a bad habit of widely varying over relatively narrow regions, particularly among languages like English that have very poorly defined grammatical rules. A locally-originating attack might have a chance of succeeding, but some hacker in Asia might have a harder time parsing a passphrase written by someone in the US Deep South.

  • Yah right (Score:3, Interesting)

    by tsotha ( 720379 ) on Saturday February 12, 2005 @10:28PM (#11656136)
    This would never work at my company. If you mistype your password three times your account gets disabled and it takes all day to get it re-enabled. I figure passphrases would last about, well, one day.

    Except for that Indian guy in the next office who never misses a key. Should have been a pianist.

  • by melted ( 227442 ) on Saturday February 12, 2005 @10:56PM (#11656311) Homepage
    that he's an MS empoyee, because what he suggested is stupid. People's vocabularies are not that extensive, so passphrases are easier to crack than they seem.

    Multifactor auth is the only cure. I wish there was something available to implement it besides smartcards. Something that doesn't require a smart card reader and works everywhere, preferably something wireless within a few feet. You could do three-factor auth, even. This "something", pin code and biometric (fingerprint). That would be pretty darn cool.
  • by dmiller ( 581 ) <djm@@@mindrot...org> on Saturday February 12, 2005 @11:44PM (#11656576) Homepage
    Microsoft calls for password replacement because of "precomputed hash tables"? This very amusing, because it is pretty much only Microsoft who is vulnerable to these attacks. Why? they store only the hash of the password. Because there is a (nearly) one-to-one correspondance between password and hash, attackers can build up tables of precomputed hashes and use these to directly look up the passwords.

    Everybody else mixes random salt bytes into passwords prior to hashing. Unix was doing this over 20 years ago. Modern systems use long (16+ character) salts that make precomputed hash tables infeasible for many years to come.

    Some platforms use a better system [openbsd.org] still, that makes it more difficult for password guessers now and well into the future.

    The only intrinsic problem with passwords is that people choose dumb ones, but again this can easily be fixed with a little technology [openwall.com]
  • by Bruha ( 412869 ) on Sunday February 13, 2005 @12:01AM (#11656658) Homepage Journal
    Is systems with RSA keys that you swipe at the terminal, loads up your desktop (these are thin clients) and all applications necessary to do your job. It also lets you into everything you're authorized to access. This seems to be pretty secure IMO with the onus on the users to maintain physical security of their passcards and the company to make sure those who enter the building are who they are.
  • by Whatchamacallit ( 21721 ) on Sunday February 13, 2005 @12:03AM (#11656673) Homepage
    Changing passwords frequently and forcing users to choose new passwords as well having way too many passwords. I'm up to about 30 for the corporate network. Some I only use once in a while and they are generally expired when I do.

    Come up with a tool to help users choose a quality password and have them change it less frequently. OS X has a password strength indicator which is accessible from the change keychain password dialog box. Click the little i button next to the ? button. It will measure the quality of your password.

    We are working on SSO - Single Sign On because the users swamped the outsourced help desk with thousands of extra calls every month due to passwords getting locked out. Most users have an average of 12-20 passwords with admins having many more.

    SSO should reduce the number of passwords to 4-5. We will also be implementing something like an RSA hardware key at the same time, this gives you two distinct checks.

    Personally, I like the idea of a USB based device that works like a smartcard. Plug it in and type a high quality pass-phrase and then you can access everything and never type another password. Time it out with the screensaver. Auto-lock everything if you unplug the USB device.

    If the USB key is lost, replace it and invalidate the keys that were on it. Of course, this sucks if the device is lost and you are traveling.

    IBM's running an ad with a biometric scanner built into their ThinkPad's. Now that's an idea, the user can't lose their USB key or RSA token that way, just the whole laptop!
  • by PsiPsiStar ( 95676 ) on Sunday February 13, 2005 @12:52AM (#11656902)
    Loftcrack, you said?

    Thanks. :)
  • by ThisIsFred ( 705426 ) on Sunday February 13, 2005 @01:53AM (#11657148) Journal
    No matter how you slice it, a plain old brute force password cracker (like l0phtcrack) won't be made obsolete by this. It's sort of a trade-off, on one hand the password is longer, on the other hand, the majority of possible characters are going to be from a very short list of 26. Consider these points:

    * As some already pointed out, sentences have a regular structure, where certain types of words go in certain places. That's a lot of predictibility. Almost every normal sentence begins with a capital letter... Uh oh.

    * Sentences contain lots of spaces. Words in the English language are predominantly constructed of a very small group of letters; US TV viewers would know the normal suspects as those the contestants guess on the last round of Wheel of Fortune. Repetition is bad.

    * Sorry, but sentence punctuation doesn't meet my requirements for possible permutations. Most sentences use only a period, and to a lesser extent, an apostrophe and maybe a comma. There are 29 non-alpha, non-numerical characters on my keyboard.

    * My users have more than just a network logon, and not all of those programs accept long passphrases. There's an added possibility for confusion.

    * Users are going to do things like forget which letters are capital (oh please - they're still confused by caps-lock), whether there is a comma in some space or not, and very likely lose their place with a long passphrase if they aren't expert typists. This creates frustration, and when users get frustrated, they do things like leave the machine logged on all day (even when they leave the room). And that creates headaches for me, because it's more likely that someone will sit at a logged-on machine than walk into my locked server room, log on as admin, and get a SAM or shadow-file dump off the server.

    I like someone else's suggestion, although I don't recall who it was. Make the user type his new, complex password ten times. If I can memorize 20 complex passwords, my users can memorize one.
  • by Dwonis ( 52652 ) * on Sunday February 13, 2005 @02:18AM (#11657312)
    We have created a great innovation: the abolishment of passwords. In their place, we introduce the new Windows Active DRM Passphrases.NET XP (TM) web service.

    Patents pending.

  • by Angst Badger ( 8636 ) on Sunday February 13, 2005 @02:50AM (#11657461)
    There isn't much of a difference between a ten-character password and a ten-word sentence except that the "character" set is larger, and not really by that much. Let me explain:

    The average adult has a vocabulary of about 20k words, and actually uses much less than that on a routine basis. Let's be really generous, though, and assume we are dealing with highly literate people with a vocabulary of, oh say, 65536 words. ;)

    What you just implemented is a 16-bit character set, and your ten-word phrase is computationally equivalent to a twenty-character password in the 8-bit extended ASCII set.

    You can complicate things by making it case sensitive, but I have a feeling that would be more trouble than it's worth with the average end user, who can't be relied upon to handle consistent capitalization. (Scroll up and down through the comments for pertinent examples.)

    But it actually gets worse than this. Whereas a ten-character password consisting of random characters has no internal structure, natural language phrases and sentences do. Consequently, if you want to build a brute force password cracker for phrase-based passwords, you can save yourself a lot of time by checking the set of grammatically correct phrases first. After all, "now is the time for all good men to come to the aid of their party" is a lot more likely to be someone's passphrase than "sniffle upchuck defenestrate furry therefore pretense macro recoil lemon beyond". It's no objection to say that a formal grammar for English won't match everyday use; you can just use something like the SEQUITUR algorithm to build an approximate real-world English grammar from Usenet postings, the Wikipedia database, or Google.

    In other words, all this extra effort accomplished was to convert a ten-character password into something a bit less secure than a twenty-character password. Or, in the real world, where end users will be using things like five word passphrases, you get something roughly equivalent to a three-character password.

    That this idea was proposed in the first place is a perfect example of mistaking data for its representation.
  • by Alex Belits ( 437 ) * on Sunday February 13, 2005 @02:58AM (#11657503) Homepage
    that humans are capable of using (that is, they can remember and type them) is approximately the same as the number of pass phrases because phrases contain common words. If every pass phrase was replaced by an abbreviation ("Mary had a little lamb 88aapzF" -> "marhalilmb88aapzF"), there would be a pretty low number of collisions, and abbreviations would be usable as short passwords that are just as good as the phrases they were derived from. Therefore this idea produces nothing but an increased amount of typing.
  • Simple Strategy (Score:3, Interesting)

    by Mazem ( 789015 ) on Sunday February 13, 2005 @03:17AM (#11657577)
    1: take 2 words
    2: put them together
    3: l337'ify it.


    hard to crack, easy to remember.
  • by bug ( 8519 ) on Sunday February 13, 2005 @05:50AM (#11658131)
    I'm sorry... but did a Microsoft employee just poopoo password security using the argument that rainbow tables make them obsolete? That's absolutely hilarious. Brute forcing of passwords using rainbow tables (e.g., rainbow crack) is only feasible today when passwords aren't salted. Microsoft's LanMan hash system doesn't bother salting (or doing a bunch of other things that would be wise from a security perspective). If Microsoft had bothered to implement a halfway decent password storage system, then their users wouldn't be nearly as susceptible to password cracking as they are today. There's a reason for salts and nonces, people!

    By the way, for those of you managing WIndows networks, make sure that you turn off the LanMan hashing system. Disabling this will do a lot to prevent a compromise of one single system in your network from turning into a cascading compromise of everything. N.B., this is only practical when you don't have Win9x-based OSes on your network, but those don't really belong on a corporate network anyway (easier said than done, I know).

    All this being said, you have to be careful to not go too far with password security. The bad guys always go for the weakest link in the chain. If the hash and password strength requirements are too difficult to reasonably break through off-line cracking, then the bad guys will just get the passwords through keyboard loggers or inserting trojan shims into your password and authentication systems. After all, grabbing the password hashes is only practical given administrator access, so you have to assume that a bad guy can install a keyboard logger, too.

    If you ban passwords in favor of PKI smart cards, biometrics, SecurID, one-time-passwords, or the other really complicated and expensive solutions, you still haven't done a great deal. The folks advocating these systems are either ivory tower types with little foundation in operational reality, or marketing droids trying to sell you something. Once again, assuming a bad guy already has administrator access to a system, he can wait until you authenticate to another system, and then take control. Remember, you are not authenticating to the remote server, you are allowing your workstation to authenticate to it. If you assume a potentially compromised workstation, then your fancy shmancy authentication system that cost you a bundle to implement just became almost as useless as passwords.

    If you want to keep the bad guys from stealing or subverting your authentication mechanisms, then you're going to have to prevent the bad guys from getting onto the systems in the first place, including all of the workstations. Looking at yet another monsterous list of critical vulnerabilities released last Tuesday from Microsoft, it's pretty clear to me that Microsoft hasn't done a great deal to prevent successful remote attacks when they sold their software in the first place.
  • One Time Passwords. (Score:4, Interesting)

    by frob2600 ( 309047 ) on Sunday February 13, 2005 @05:59AM (#11658157)
    I'm not sure why he was taking so many jabs at Linux. Well, okay... I know exactly why but this seemed especially odd to me since I have disallowed passwords on all my computers unless the user is sitting at the keyboard. And that is mainly because I haven't got X to work with one time passwords yet (besides... how would I calculate them without being able to run the program to generate one?).

    I use s/key or opiekey (depending on OS) for ALL my remote logins. Both of these programs use a pass phrase but (even better) this pass phrase is never transmitted across the network... encrypted or not. What happens is the pass phrase is used to generate a one time pass phrase.

    In practice it looks like this:
    ssh localhost
    otp-md5 498 la7365 ext

    I then open another window: type in
    opiekey 498 la7365 ext
    Using the MD5 algorithm to compute response.
    Reminder: Don't use opiekey from telnet or dial-in sessions.
    Enter secret pass phrase:

    type my passphrase at the prompt and it spits out:
    I type that at the password prompt and go on my way (cut and paste between xterms is best here). Even if I was not using an encrypted protocol the password is useless once it is used. You can even hit enter once so the phrase will be echo'ed back to you on the screen so you don't mistype it. Doesn't matter if someone reads over your shoulder because GIG DIRE EGG HISS HUB COOK will never work again.

    Next time my password might be:

    Or whatever. The point is that it is a mixture of pass phrases with the ability to avoid sending your pass phrase over an untrusted connection. You can even print out a list of the next 10 pass phrases you will have so you can log in from a computer where you wouldn't trust it enough to run the opiekey program.

    How exactly is this an insecure linux system, at least in regards to passwords?

    lol, besides that... I think pass phrases are a good idea. Just a little anoying at first.
  • by erik_norgaard ( 692400 ) on Sunday February 13, 2005 @08:11AM (#11658477) Homepage
    Using passphrases does not add much more entropy, although they may be easier to remember. They are still prone to sniffing, 40chars can easily be packed in a single ethernet frame. Could some one tell Microsoft to use encrypted connections?

    Users hate passwords, they hate typing them, and they hate having to remember things. They will always opt for whatever is easy. They will hate you if you set a lower limit of 30 characters, and their passphrase was 28.

    Passwords or passphrases - same thing - will be chosen easy the more obstacles you place on the users: Requiring users to change password every three months will leave your systems less secure:

    Users will choose easier passwords, and/or they will rotate just two different passwords. No security gained.

    Further, in the race with a bruteforce attack, nothing is gained unless you change your password to one that has been tried.

    In stead, as the administrator you have a head start in the race with the crackers. Go password cracking and require users to change their password when it has been cracked.

    If password is cracked too quickly it should be followed by disiplinary actions as a compromise of security. Ofcourse the users must be informed beforehand of such proceedures.

    Just my 5euro-cent contribution...
  • by tigertiger ( 580064 ) on Sunday February 13, 2005 @09:21AM (#11658660) Homepage
    I am surprised that nobody pointed this out but the dictionary attack this guy keeps touting only works if you have access to the authentication hashes. Which you usually don't have unless you have managed to break into the machine before. And then it doesn't matter much.

    UNIX used to keep the hashes publicly readable so non-privileged programs could check passwords (xlock), but this was abandoned years ago. On Kerberos, the password hashes are even stored on a separate authentication server.

    Technically, the hashing is still done so that a privileged user would not be able to extract another user's password, but as in most machines the privileged user also has full access to everything else (in particular he could intercept the password in transmission) it does not matter much. In practice, when you can get at the authentication hashes you already have full access to the machine.

    Also, dictionary attacks can be easily thwarted using the "salt", two bytes of random data that is added to the password before it is encrypted. So each password corresponds to thousands of hashes that you all have to store.

    If you do not have the password hashes, the only way to break a password is trial-and-error, and most systems limit password entries to one every few seconds.

    Network sniffing attacks are not limited by the length of the password, but by the length and complexity of the encryption keys which are randomly generated. Successful attacks on encrypted communications usually happen when these keys are chosen too short and not randon enough (WEP).

    The truth is that even a simple password is relatively secure, and people touting complex password rules do so because they read 10 year old books.

    Well, except if you use 20 year old software...

Experience varies directly with equipment ruined.