Is There a Better Way to Create Secure Passwords? (cnet.com) 143
"Forget all the rules about uppercase and lowercase letters, numbers and symbols; your password just needs to be at least 12 characters, and it needs to pass a real-time strength test" developed by the passwords research group in Carnegie Mellon's CyLab Security and Privacy Institute (according to the Lab's web site).
CNET reports: After a user has created a password of at least 10 characters, the meter will start giving suggestions, such as breaking up common words with slashes or random letters, to make your password stronger...
One of the problems with many passwords is that they tick all the security checks but are still easy to guess because most of us follow the same patterns, the lab found. Numbers? You'll likely add a "1" at the end. Capital letters? You'll probably make it the first one in the password. And special characters? Frequently exclamation marks...
In an experiment, users created passwords on a system that simply required them to enter 10 characters. Then the system rated the passwords with the lab's password strength meter and gave tailored suggestions for stronger passwords. Test subjects were able to come up with secure passwords that they could recall up to five days later. It worked better than showing users preset lists of rules or simply banning known bad passwords (I'm looking at you "StarWars")...
Lorrie Cranor, director of the CyLab Usable Security and Privacy Laboratory at CMU, says the best way to create and remember secure passwords is to use a password manager. Those aren't widely adopted, and they come with some trade-offs. Nonetheless, they allow you to create a random, unique password for each account, and they remember your passwords for you.
Yes (Score:5, Informative)
Re: (Score:2)
“correcthorsebatterystaple” — is no longer good advice. The password crackers are on to this trick. Schneier [schneier.com]
Re: (Score:2)
“correcthorsebatterystaple” — is no longer good advice. The password crackers are on to this trick. Schneier [schneier.com]
I don't think that's true. The point of the xkcd scheme is to generate a strong password that is *easy* *to* *remember*. Whether somebody is on to it doesn't matter. You can tell the hacker you're using the xkcd method, but the strength is still comparable to 8-10 random characters. But the point, and people tend to forget this, is that the xkcd scheme yields passwords that are way easier to remember. In other words, the xkcd scheme is good advice for the use case where the password must be easy to remember.
Re: (Score:3)
The xkcd methodology may be good advice (or at least "good enough")
The issue is that so many people have literally used correcthorsebatterystaple as their password choice that it now features on lists of commonly used passwords.
Re: (Score:3)
Re: (Score:2)
Re: (Score:2)
The issue is that too many people have literally used correcthorsebatterystaple as their password choice.
There are permutations:
o -> 0
e -> 3
a -> @
a -> 4
t -> 7
"c0rrecthors3b@t7eryst4ple"
Knowing l337 speak helps.
Re:Yes (Score:4, Interesting)
You could always use l33tsp3ak to create passwords, based on song lyrics.
S3ttheC0n+r0lsf0rth3H3@rt0fth3Sun
18 quintillion. Schneier has not supported his ide (Score:5, Interesting)
Quick background so you know where I'm coming from:
I developed possibly the most-used password security program for web sites and I've analyzed millions and millions of attempts at guessing passwords. I've analyzed well over a million passwords that DID get cracked, so I've seen what gets cracked.
Schneier says "password crackers are on to this scheme".
It doesn't MATTER if bad guys know that some people choose four random words. They also know that password managers will generate 10 completely random characters. Attackers know about AES and scrypt too. That doesn't mean you shouldn't use AES and shouldn't use random characters.
Here, in order to promote "the Schneier scheme", he is actually arguing for security by obscurity. He knows that we should ALWAYS assume that the opponent knows the scheme. Assuming the opponent doesn't know the scheme is security by obscurity (bad). The entire field of security is about coming up with schemes that work REGARDLESS of whether it's widely known or not.
Schneier has made no argument that the XKCD scheme is ineffective. He's only said it's well known. Yeah AES and SHA384 are well known too. Widely known as being extremely secure.
Assume a word list of 100,000 words. That's 16 bits of entropy per word. So four words, without any additional parts to the passphrase, is 64 bits of entropy. (You can easily add a few more bits with misspelling, dropping letters, and the like).
That is to say, if I know that you've chosen four random words, there are 18 quintillion 446 quadrillion 744 trillion 73 billion 709 million 551 thousand 615 combinations I need to try.
If I'm "onto your method", I suspect that the password you've chosen is one of the 18,446,744,073,709,551,615 word combinations. Okay, what am I going to do with that? Try all 18 quintillion?
In the article, Schneier suggests 9 random LETTERS.
Each letter is just under 6 bits of entropy. Using nine letters, you get 51 bits of entropy. That is, Schneier's method is 8,000 times WEAKER, even assuming that the attacker knows you used the XKCD method.
Selecting letters and numbers completely at random is 6 bits per character. Adding punctuation at the end is three bits. So 10 completely random letters and numbers, plus a punctuation mark, is 63 bits.
Four random words is stronger than 10 random letters and numbers, plus a punctuation. And four words can be easily remembered.
Let's do the math on that (Score:4, Interesting)
You make a fair point that random words is different from arbitrary words. HOWEVER that's also true of letters in Bruce's scheme!
There are a LOT more words starting with S or T than there are starting with Z, V, or J.
Also, there are damn sure a lot more words than there are letters. Whether they are chosen randomly or arbitrarily, words (XKCD) give you a hell of a lot more entropy than single letters (Schneier).
Remember, the Schneier scheme IS the XKCD scheme, except ignoring all of the letters in the word other than the first letter. So any and all criticisms of the XKCD scheme automatically apply to the Schneier scheme.
The differences between the XKCD scheme and the Schneier scheme are:
A) The XKCD scheme uses the whole word. The Schneier scheme uses ONLY the first letter of the word.
B) The XKCD scheme uses about four, the Schneier scheme uses about 8.
Schneier is using twice as many tokens, and drawing his tokens from the set of 26/52 letters. Munroe is using four tokens and drawing his tokens from the set of all words.
In other words, Munroe says "pick four words".
Schneier says "pick four pairs of letters".
Which has more entropy, a pair of letters or a word?
If choosing a word gives more entropy than choosing a pair of letters, Munroe's method is better.
Knowing that words are far more likely to start with S, A or T than with K or Y, Schneier's method gives us 4-5 bits of entropy by choosing the first letter of a word. That is, it's the same as drawing a random choice from a set of 16-32. So the first letter of two words gives you about log2 16*32 choices, or 512.
Let's assume that in Munroe's method only common words may be used. Are there more than 16*32 common words? Are there more than 512 words that one might reasonably pick? Yes, there are. On average people use about 1,000 different words on a given day. Munroe's method wins.
On top of that, Munroe's method, by using whole words, gives room for additional entropy added creatively. My wife and I have a joke about "Calevert", a word you won't find in the dictionary. I might use that. I might use a "word" my kid used when she was two, such as "peeuhboner" instead of peanut butter. I might think of Good Morning Vietnam and use gOOOOd as one of my words. Schneier's method of single letters doesn't really allow for that.
Another way of looking at it (or two) (Score:4, Interesting)
Here are two other ways of looking at it that may be even more intuitive.
Consider a new method, which I will call the 4x2 method.
In the 4x2 method, you pick four words and use the first two letters of each word.
For example, let's say you choose:
Bed
Trust
Chevy
Pool
Your password would be BeTrChPo.
It should be obvious that this is almost exactly equivalent to the Schneier method; it gives about the same amount of entropy (randomness). That is, the 4x2 method and the Schneier method are equally strong, because they are almost the same thing.
Suppose you pick these words in the 4x2 method:
Before
Truth
Checkers
Police
Your password would be BeTrChPo. Which is the same password we got from completely different words above! The 4x2 method generates the *same* password for many different combinations of words.
On the other hand, the XKCD method doesn't have these collisions; it can generate far more different passwords. Far more possibilities = much harder to guess.
We saw that 4x2 is much weaker than XKCD. We see that 4x2 is approximately equivalent to the Schneier method. Therefore the Schneier method is much weaker than the XKCD method.
Let's consider HOW MUCH weaker, and further prove it ...
Suppose all words were only two letters long.
If no words have more than two letters, the XKCD method would be exactly equivalent to the 4x2 method.
The 4x2 method is the same as the Schneier method.
Therefore, the Schneier method is equivalent to using the XKCD method while limiting yourself to only two-letter words! That's hugely worse.
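An added example (Python, written for this page; it is not code from any of the posters) that puts numbers on the two posts above: the entropy of the schemes being compared, computed with exact log2 values rather than the rounded figures in the thread; the 4x2 truncation applied to the page's own word sets to show the BeTrChPo collision; and a CSPRNG-based word picker. The word list is a small constructed stand-in for a real diceware-style list.

```python
import math
import secrets

# Constructed toy word list (not a real diceware list). The first eight words are
# the thread's own 4x2 examples, the next four are the xkcd example.
WORDS = [
    "bed", "trust", "chevy", "pool",
    "before", "truth", "checkers", "police",
    "correct", "horse", "battery", "staple",
    "bedrock", "trumpet", "cheese", "poodle",
    "apple", "anchor", "tiger", "tango", "salt", "sugar", "zebra", "yak",
]


def bits_for(alphabet_size: int, tokens: int) -> float:
    """Entropy of `tokens` independent, uniformly random draws from `alphabet_size` symbols."""
    return tokens * math.log2(alphabet_size)


def scheme_comparison() -> dict:
    """The schemes argued over in the thread, with exact log2 figures."""
    return {
        "4 words, 100,000-word list": bits_for(100_000, 4),
        "9 random lowercase letters": bits_for(26, 9),
        "10 random alphanumerics": bits_for(62, 10),
        "4 words, this toy list": bits_for(len(WORDS), 4),
    }


def four_by_two(words) -> str:
    """The thread's '4x2' method: keep only the first two letters of each word."""
    return "".join(w[:2].capitalize() for w in words)


def distinct_prefixes(words, k: int) -> int:
    """Distinct k-letter prefixes in the list: the alphabet that is actually left
    once words are truncated, which is what a guesser has to enumerate."""
    return len({w[:k].lower() for w in words})


def effective_bits(words, k: int, tokens: int) -> float:
    """Entropy of `tokens` words from `words` when only their first k letters survive
    (k=1 is the first-letter-of-each-word scheme, k=2 the 4x2 scheme)."""
    return bits_for(distinct_prefixes(words, k), tokens)


def passphrase(n_words: int = 4, words=WORDS, sep: str = "-") -> str:
    """Pick words with the OS CSPRNG (secrets); random.choice is not suitable for secrets."""
    return sep.join(secrets.choice(words) for _ in range(n_words))


if __name__ == "__main__":
    for name, bits in scheme_comparison().items():
        print(f"{name:30s} {bits:6.1f} bits")
    # Both of the page's word sets collapse to the same 4x2 password.
    print(four_by_two(["Bed", "Trust", "Chevy", "Pool"]),
          four_by_two(["Before", "Truth", "Checkers", "Police"]))
    for k in (1, 2, 99):  # 99 keeps whole words
        print(f"keep {k:2d} letters: {distinct_prefixes(WORDS, k):2d} distinct tokens,"
              f" {effective_bits(WORDS, k, 4):5.1f} bits for four words")
    print("sample passphrase:", passphrase())
```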
That's not it (Score:3)
The number of common English words 7 letters or less is fairly small. If you are using the diceware list, then your example has 3.6x10^15 permutations, or less than 52 bits of entropy. That's not great for a 25 character password that you're typing.
Plus you shouldn't be reusing passwords. As memorable as your example is, you can't keep enough random 4, or better yet, 5 word passwords in your head to be relevant. There is just no intersection of making passwords memorable enough to keep them all in
Re: (Score:2)
That is a reasonable methodology. I find it hard to understand why tech-savvy people try and create their own passwords with their minds, based on things they know, when it obviously reduces the entropy enormously compared with an entirely random process.
Re: (Score:2)
Re: (Score:3, Funny)
Re: (Score:2)
How would "a good dictionary attack eat that for lunch" exactly? Please tell me the algorithm. Do you know what a dictionary attack is?
170K English words in common use; a phrase of four words gives 170K ^ 4 = 8.4E20 possible combinations.
Re: Yes (Score:2)
Re: Yes (Score:5, Funny)
Really enjoying the election temper tantrums from the Q cucks clan!
That is an amazing password!
Re: Yes (Score:4, Informative)
Even with a simpler KDF like pbkdf2, there are bitcoin miners doing 100 trillion hashes per second. Same concept would be applied to a pbkdf2 breaker. About 45 seconds to straight up brute force a direct SHA256 hash. Add 100,000 iterations via the KDF and now it's going to take the custom ASIC about 50 days. Without KDF and just hashing, about 1 min per password, but with KDF, 2 months. Seems to me that the passphrase works well. Using Argon2 would still be way better.
The real beauty of Argon2 is it doesn't have any practical hardware accelerations, as long as the dataset is large enough to not fit in cache. Argon2 does random memory access and memory access latency is nearly the same now as it was 30 years ago. Cache has gotten faster, but it has scaling issues. Unlike pbkdf2 which is 1,000,000x faster on ASIC and CPU, Argon2 is only at best several factors faster, assuming it's configured correctly. That same password that would take 2 months to brute force with pbkdf2 would take around the magnitude of 1 million years with Argon2.
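An added example (Python, not from the poster) for the arithmetic in the post above: a crack-time estimate that scales with the KDF's iteration count, a PBKDF2-HMAC-SHA256 store/verify pair with a per-password salt and constant-time comparison, and scrypt from the standard library as the memory-hard stand-in, since Argon2 is not in Python's stdlib. The 100 trillion/s rate and the 100,000 iterations are the figures the post uses; the 52-bit keyspace is assumed to match its "about 45 seconds" for a bare SHA-256.

```python
import hashlib
import hmac
import os
import time

# Figures from the post: a per-hash ASIC rate and a 100,000-iteration KDF.
ASIC_HASHES_PER_SECOND = 1e14
KDF_ITERATIONS = 100_000


def crack_time_seconds(entropy_bits: float, hashes_per_second: float,
                       kdf_iterations: int = 1) -> float:
    """Seconds to exhaust a 2**entropy_bits keyspace when every guess costs
    kdf_iterations hash computations at hashes_per_second."""
    return (2.0 ** entropy_bits) * kdf_iterations / hashes_per_second


def hash_password(password: str, iterations: int = KDF_ITERATIONS) -> str:
    """PBKDF2-HMAC-SHA256 with a fresh 16-byte salt, stored as a self-describing string."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(stored: str, candidate: str) -> bool:
    """Recompute with the stored salt and iteration count; compare in constant time."""
    try:
        algo, iterations, salt_hex, dk_hex = stored.split("$")
    except ValueError:
        return False
    if algo != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), dk_hex)


def scrypt_hash(password: str, salt: bytes, n: int = 2 ** 14, r: int = 8, p: int = 1) -> bytes:
    """Memory-hard KDF from the stdlib. Each evaluation needs about 128*n*r bytes
    (16 MiB with these parameters); that working set, not raw hash speed, is what
    limits ASIC and GPU speed-up, the property the post credits to Argon2."""
    return hashlib.scrypt(password.encode("utf-8"), salt=salt, n=n, r=r, p=p, dklen=32)


def measure(fn, *args, repeat: int = 3) -> float:
    """Wall-clock seconds for one call, best of `repeat` (local CPU cost, for comparison)."""
    best = float("inf")
    for _ in range(repeat):
        t0 = time.perf_counter()
        fn(*args)
        best = min(best, time.perf_counter() - t0)
    return best


if __name__ == "__main__":
    bits = 52  # assumed: the keyspace behind the post's "about 45 seconds"
    plain = crack_time_seconds(bits, ASIC_HASHES_PER_SECOND)
    kdf = crack_time_seconds(bits, ASIC_HASHES_PER_SECOND, KDF_ITERATIONS)
    print(f"{bits}-bit keyspace, bare SHA-256: {plain:.0f} s")
    print(f"{bits}-bit keyspace, PBKDF2 x{KDF_ITERATIONS}: {kdf / 86400:.0f} days")
    stored = hash_password("correct horse battery staple")
    print("verify ok:", verify_password(stored, "correct horse battery staple"))
    print("verify bad:", verify_password(stored, "Tr0ub4dor&3"))
    salt = os.urandom(16)
    print(f"local cost  pbkdf2: {measure(hash_password, 'x'):.3f} s"
          f"  scrypt: {measure(scrypt_hash, 'x', salt):.3f} s")
```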
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
It's not weak, tards don't understand permutations. And the objection I was replying to, claiming "weak against dictionary attack", obviously doesn't even know what a dictionary attack is.
Re: (Score:2)
Re: Yes (Score:4, Funny)
> "A good dictionary attack will eat that for lunch."
my new password is "agdawetfl1".
Re: (Score:3)
The problem, as often stated, is that people cannot remember the passwords, and cannot trust "password management" tools. If you can't remember it, you can't use it.
Like my own password mnemonic works, but if you start telling me to not use specific characters because they're overused, that is drastically missing the point and the problem.
If my password is "CorrectHorseBatteryStaple1!" on one site, and the next site is "HorseCorrectBatteryStaple1!", then they have the same attack surface which is 2.53 x 1
Re: Yes (Score:5, Insightful)
A dictionary attack would of course make each word equal to only having one character of entropy. So "HorseCorrectBatteryStaple1!" is the same as "HCBS1!" and can probably be cracked in 4 seconds if the mnemonic is known.
No, it's not, because the item space is much larger for words than for characters. More simply, there are many words starting with H, C, B or S and only one each of the single characters. An attacker would have to try "Horse", "Hare", "Hearse", "Hope", "Heart" and so many others for the first case, and only "H" for the second. The complexity of the first password is orders of magnitude larger than the second one.
Re: (Score:2)
HorseCorrectBatteryStable1
HCBS1
AitchSiBeeEss#1
That last is reasonably easy to recall (reconstruct) and is almost always reported as "Strong".
Re: (Score:3)
And anyhow, good luck remembering which password you used on what site with how similar they are.
Just use a password manager that makes a password that is the maximum complexity the site allows. (I often get warnings of passwords that are too long at 16 chars. Pathetic.)
Re: Yes (Score:4, Informative)
Not even close. 1 of a possible 170k words is NOT the same as 1 of a possible 26 characters. In fact, there are 6538 times as many possibilities per instance.
So even without adding any numbers, special characters or character substitutions, 4 random words are inconceivably more secure than even completely random sequences of characters.
Just 4 words would take
Re: (Score:2)
While true, I am sure most people would pick from a much smaller set of words than 170k, but still much better than 1 letter.
Re: Yes (Score:2)
Give me a password management tool that:
Works on all OS, works on all browsers, including all mobile devices. Desktops etc, on all platforms.
If I borrow my sister's laptop to order something quickly I need access to that password. Or use a library computer, etc.
What password manager do I use?
Answer: there are none.
Re: (Score:2)
Any modern browser (requires JavaScript as it does client-side decryption)
Browser extensions: Firefox, Chrome, Edge, Brave, Opera, Safari
Native App: Windows, Linux, MacOS, Android, iOS
Commandline: Windows, Linux, MacOS
I'm not sure what more you want. I'm not saying BW is perfect, but it does exist.
Re: (Score:2)
For me, give me one that also doesn't store my passwords in a decryptable format on someone else's server. Even if I trust some random service on the internet not to deliberately steal my password, if they get hacked all my passwords are now broken.
Re: (Score:2)
Re: (Score:2)
My bank, if you enter the password wrong 3 times, locks the account; you have to ring them up and change it, they won't even just unlock it. Now brute force attacks will work if someone gets hold of the password file. But any good system will lock you out at least for a while if you get the password wrong too many times.
Re: (Score:2)
Academics gotta academic (Score:3)
But why should I care whether or not I can remember most of the passwords I create? That's why I use Bitwarden. I only have to remember one - rather long - passphrase.
If you're still stuck on "I must pick passwords I will remember in the future", then your password security pretty much sucks.
Re: (Score:3)
I agree, but prefer token devices, as in YubiKeys, etc. Forget the expletives-deleted passwords. Remember your key, plug it in, and nothing else is needed, except an alternate auth key that you keep in your sock drawer.
Re: (Score:2)
I wish more phones supported this. The Pixel line has a Titan security key built in, which works over Bluetooth. Then you have an additional layer of biometrics on top.
Re: (Score:2)
That's why I use Bitwarden.
The one that gave full rights of your machine to their developers? Good luck with that.
I have a friend who is fond of saying "Security is the opposite of convenience." I keep seeing that proven correct.
Re: (Score:2)
That's why I use Bitwarden.
The one that gave full rights of your machine to their developers? Good luck with that.
I have a friend who is fond of saying "Security is the opposite of convenience." I keep seeing that proven correct.
Can you go into a bit more detail on this? Bitwarden is open source and can be self hosted, even run exclusively internally with no external access and a 'deny any any' rule on a firewall...so, how is Bitwarden giving full rights to developers?
Re: (Score:2)
Acronym passwords (Score:3)
Acronym passwords allow for a nice balance between entropy, brevity, and ease of memorization.
Apafanbbe,b,aeom.
Add whatever substitution / insertion rule tweaks you want.
Re: (Score:3)
Aws/irtyw.
Re: (Score:2)
Re: (Score:2)
The ironic thing is that, in ages past, this is what Norton suggested to people for creating secure passwords back in the 1990s. Some song lyrics, toss in a number or symbol, call it done. It seems quaint, but back when hashing passwords with two characters and a couple rounds of DES was more than adequate, this wasn't a bad system, especially if the password was dictionary checked before being allowed to be used.
/dev/urandom (Score:2)
try:
tr -cd "[:alnum:]" /dev/urandom | fold -w 30 | head -20
and use a password manager. I use GNU emacs on an encrypted text file for each site. For servers I use ssh/ssh-keygen
Re: (Score:2)
try:
tr -cd "[:alnum:]" /dev/urandom | fold -w 30 | head -20
and use a password manager. I use GNU emacs on an encrypted text file for each site. For servers I use ssh/ssh-keygen
I think you got the syntax of tr wrong. Here is what worked for me:
cat /dev/urandom | tr -cd "[:alnum:]" | fold -w 30 | head -20
Re: (Score:3)
randomly generated passwords work too (Score:2)
Re: (Score:2)
I had this happen as well. Instead, since passwords can be quite long, I've gone the "dd if=/dev/urandom bs=1024k count=1 | sha512sum" route, especially with passwords which never have to be actually typed, but just copied/pasted. Doing it this way ensures that no real bad words pop up.
If it is a user password, I use randomly generated numbers that look like two phone numbers. (i.e. "000-000-0000+000-000-0000"). This way, if something goofy pops up, at most it will be a snicker, as opposed to a meeting with
No, tell me all the rules every time. (Score:5, Insightful)
Re: (Score:2)
> the login form is set for a max password length of 32 characters
If they care about how long your password is, say under 2K, it's a good bet their site is going to be hacked soon anyway.
Secure-ish websites shouldn't care and eventually send a hash of your password to the server. Good luck brute forcing that db, fellas.
Re: (Score:2)
There really needs to be a web standard for passwords. Ideally 64 random characters, A-Z, a-z, 0-9.
Failing that at least some method for the site to specify a regex that details what characters are acceptable and the maximum length.
Re: (Score:2)
use a password manager (Score:2)
I have 92 password protected things (not all are sites) that need passwords. My memory is average at best. I'm happy if you can show me a way to memorize 92 passwords (and their associated URLs, usernames and other essential info). Until then, I use a password manager.
It's pretty simple... (Score:3)
Don't share passwords between sites. Don't save them in your browser. Generate them randomly making sure that whatever generation algorithm you use includes at least 15 characters, with at least a couple each chosen from capital characters, lowercase characters, digits, and special chars. Since you won't be able to remember them, use a password manager. This should keep you somewhat secure for the next couple years.
Re: (Score:2)
"don't save them in your browser"
"Use a password manager"
You realize that those 2 points contradict right?
Re: (Score:2)
Depends. You can use a PW manager separate from a browser, like KeePass. It may take a little bit more time to alt-tab to the PW manager, copy and paste the result in, but it is a doable system.
Re: (Score:2)
No, that doesn't answer the question.
Saving to the browser IS a password manager. You can't say "don't use the browser" and "use a password manager" and be consistent.
Now if you want to argue about WHICH password manager to use, sure, but you have to acknowledge that saving in the browser is one of the password manager choices, and one that is certainly no worse than many other options.
You also need to acknowledge that any password manager that works even if you lose the device, or works across multiple dev
Are you crazy? (Score:5, Insightful)
Re: (Score:2)
That's nice, as long as you use your accounts only on a computer. If you use multiple computers and mobile devices, good luck finding a password manager that is secure, that doesn't rely on cloud-based password storage where it can leak, and lets you use passwords on any device. The whole concept of passwords is messed up, password managers don't fix that!
Re: (Score:2)
That's nice, as long as you use your accounts only on a computer. If you use multiple computers and mobile devices, good luck finding a password manager that is secure, that doesn't rely on cloud-based password storage where it can leak, and lets you use passwords on any device. The whole concept of passwords is messed up, password managers don't fix that!
My password data never leaves my network and is synced to all my devices. I use 1password, but I'm sure there are others.
Re: (Score:2)
So you're willing to risk a data breach then, such as what happened to LastPass. Not ideal, for those who are concerned about password security.
Re: (Score:2)
Lots of websites won't take those passwords.
Mega is one of them. And then it doesn't tell you why it won't accept your password. Which is why I've stopped using Mega. If I have to download crap from Mega, it's not worth having.
There was a site that asked me the five questions (Score:4, Funny)
You got all answers correct, and it logged me in. Before I signed off, it asked me if I wanted to pick a new password other than MAGA2020!
Use a Polish password generator (Score:2)
Then throw in a couple vowels.
Re: (Score:2)
breaking up common words with slashes (Score:2)
breaking up common words with slashes
What a surprise -- my password is: https://slashdot.org/ [slashdot.org]. There's lots of slashes there.
But really, my password is usually the first letters of an affirmation. It's been something reasonable, but lately it's: GooBYL is Get Out Of Bed You Loser. Append "@9!AM" and it's perfect! Except for the getting out of bed part, that is.
If I use a password manager I stay awake at night trying to figure out a working phrase for what it generates. That doesn't help either. And who'd want to staple a battery to a h
Corrupted phrases work pretty well (Score:2)
What I hate is password systems that limit the length, or do not consider spaces to be valid characters. "We want you to make a secure password in 16 characters." When setting up online banking accounts this year, three out of four banks balked at my 32-character passwords. The one that didn't complain about the length complained that I used illegal characters. One even complained that the email address I gave them for the user ID was too long.
When asked to write a password system around 8 years ago, they g
Yes. Stop using passwords except when you pay. (Score:2)
No reason at all for Facebook, Instagram, Slashdot etc. to require a password. The chance of someone else abusing my account for something is 0.01% and the effect of it would also be minimal.
And no, you do not need to use one when you log in to something that might charge you. If I buy something, then you ask for the password, just as a store asks for my credit card every time I buy. They are not ALLOWED to keep one on file to 'save you time'.
Why should websites do it if stores can't?
Idea is fundamentally flawed (Score:4, Interesting)
The system shouldn't allow hackers to try a password a billion times. It should be hardware-throttled and maybe in a safe-like device, with rotated backups.
If we keep making passwords longer and more complicated to stay ahead of decryption technology, they'll be longer than War and Peace in the not too distant future. We'll lose the software race, so protect it with hardware instead.
Re: (Score:2)
The system shouldn't allow hackers to try a password a billion times. It should be hardware-throttled and maybe in a safe-like device, with rotated backups.
If we keep making passwords longer and more complicated to stay ahead of decryption technology, they'll be longer than War and Peace in the not too distant future. We'll lose the software race, so protect it with hardware instead.
Your suggestion of rate limiting will deter online attacks. I've seen a suggestion that even with a 15 minute lockout after 3 wrong attempts, attackers trying it over a long weekend - so no one is around to spot the attempts on the security logs - get just over 1,000 attempts. As long as your password is not in the 1,000 or so common ones, then you might get away with it.
The problem is when the attackers get hold of the password file, so have virtually unlimited time to do an offline attack. Then things get h
We don't need passwords (Score:2)
just use words and more of them (Score:2)
Yeah, right. (Score:2)
Use a respected password manager, and a strong password to access that.
Re: (Score:3)
Password managers are nice, as long as you use your accounts only on a computer. If you use multiple computers and mobile devices, good luck finding a password manager that is secure, that doesn't rely on cloud-based password storage where it can leak, and lets you use passwords on any device. The whole concept of passwords is messed up, password managers don't fix that!
Just switch un and pw (Score:3)
Do what I do. Enter the user name as password and the password as user name.
I have a better idea (Score:2)
How about we:
Set a GD internet wide standard for password length, complexity and characters available for use. It's annoying as F when a site only allows N - 1 (where N is a secure length of digits) number of characters, or a very specific set (and each site is different) of symbols.
It's one of my pet peeves when they decide: Oh, let's disable copy and paste and force the user to manually type (twice) something that looks like this:
" $nv-A68@/f%MLcbgRyH6 " ( which will take more than one try to get i
Strength is not the problem (Score:2)
>"One of the problems with many passwords is that they tick all the security checks but are still easy to guess"
The problem really has nothing to do with the strength of passwords, unless the password is truly stupid, like "123456". No well-designed system is going to allow enough trials to ever guess it within a lifetime. 3 tries, medium lockout delay. X more tries, much longer delay, or throw a captcha. Fails again, lock out IP for a several hours. X tries from more than 1 source in X amount of ti
I've been thinking about... (Score:2)
... using images. AKA all you would have to do is "upload" the image, an image as a password would be too big for anyone to guess and it's easy to grasp because you'd only need the file as a key to unlock your account, aka instead of typing in a password, you upload an image instead. So unless the hacker had the same image you did they could never guess, since images have huge bit space, one RGB pixel is 2^24.
So one 1024x768 image at 24 bit color would be 13,194,139,533,312... in length roughly... that is
Re: (Score:2)
Use Linux utility apg and a password manager (Score:2)
Generates a 15 character password with at least:
1 upper case letter, 1 lower case letter, 1 number, 1 special character
apg -a 1 -n 1 -m 15 -M NCLS
Totally ugly and impossible to remember (which is why you need a password manager). The "-m" spec defines password length. (In apg's -M mode string, upper-case letters mean "must use" and lower-case letters mean "should use", so a lower-case n would not guarantee the number.)
If you want to not have special characters, then use:
apg -a 1 -n 1 -m 15 -M NCL
Strength test is the weak ring (Score:2)
Once I crack it, I can own you.
The test sees my password in clear so I can have an insight on your choices if not the actual passwords.
MD5 (Score:2)
How About A Pass Phrase, No Set Length? (Score:2)
Youre Gonna Need A Bigger Boat
Alas Poor Yorick I Knew Him Well
Ah Ah I Know What Youre Thinkin
Heres Looking At You Kid
It Aint Over Til Its Over
Theres No Crying In Baseball
Thats No Moon Its A Space Station
AJ Foyt Mario Andretti Bobby Unser
My solution (Score:2)
Pick a secret phrase for a class of websites, e.g. PinkFluffyBunny. Then for e.g. facebook, use
echo -n "PinkFluffyBunny:facebook" | sha256sum | cut -c1-64 | xxd -r -p | base64 | cut -c1-16
to get 16 random digits. This GNU one-liner can be implemented as a web page (using cryptojs) in a few hundred lines of javascript. Then I maintain a database of inputs (e.g. 'facebook' for facebook, as a google sheet) and hints as to what the secret phrase is (usually the first three or four characters from PinkFluffyBunn
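An added Python mirror of the one-liner above (written for this page, not the poster's own code): each stage of the shell pipeline maps onto one call, which makes the scheme easy to reproduce on a machine without the GNU tools. A second function keeps the same deterministic "secret phrase + site token" idea but derives through scrypt with the site token as salt, so that anyone who obtains one derived password and guesses at the secret phrase pays a memory-hard KDF per guess instead of a single SHA-256. The phrase and site name are the post's own example values.

```python
import base64
import hashlib


def derive_site_password(secret_phrase: str, site: str, length: int = 16) -> str:
    """Mirror of:
        echo -n "phrase:site" | sha256sum | cut -c1-64 | xxd -r -p | base64 | cut -c1-16
    sha256 of "phrase:site" -> 32 raw bytes (what xxd -r -p rebuilds from the hex)
    -> base64 (44 characters) -> first `length` characters."""
    digest = hashlib.sha256(f"{secret_phrase}:{site}".encode("utf-8")).digest()
    return base64.b64encode(digest).decode("ascii")[:length]


def derive_site_password_slow(secret_phrase: str, site: str, length: int = 16) -> str:
    """Same contract (deterministic, re-derivable from phrase + site token), but the
    site token is the salt of a memory-hard KDF. With n=2**14, r=8 each derivation
    needs about 16 MiB and tens of milliseconds; a leaked derived password then
    costs an offline guesser that much per candidate phrase rather than one hash."""
    dk = hashlib.scrypt(secret_phrase.encode("utf-8"), salt=site.encode("utf-8"),
                        n=2 ** 14, r=8, p=1, dklen=32)
    return base64.b64encode(dk).decode("ascii")[:length]


def output_bits(length: int) -> int:
    """Entropy carried by `length` base64 characters taken from a uniform digest (6 bits each),
    which is an upper bound: the real security is capped by the secret phrase's entropy."""
    return 6 * length


if __name__ == "__main__":
    phrase, site = "PinkFluffyBunny", "facebook"
    print("sha256 scheme :", derive_site_password(phrase, site))
    print("scrypt scheme :", derive_site_password_slow(phrase, site))
    print("bits in output:", output_bits(16))
```

The base64 alphabet includes "+" and "/", so a derived password can contain characters of the kind several sites in this thread are reported to reject; changing the site token (for example "facebook2") is the only way to rotate a derived password, since the scheme has no per-site state.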
No (Score:2)
It's against the law.
Betteridge's law of headlines with a question mark.
Three Levels of Passwords, No Dictionary Attack (Score:2)
I categorize my passwords into three levels, but they all have protection against a dictionary attack.
The least secure is stored on my PC in plain text. These are for logging into Web sites where my account merely contains my preferred settings or where performing non-financial tasks requires a login. Slashdot.org is one such Web site.
More secure (second level) are Web sites where I occasionally make purchases. These are stored in an encrypted file on my PC. I memorized the decryption password, which is
Memorable systems, not memorable passwords. (Score:3)
Missed the problem (Score:2)
The problem isn't that passwords aren't strong enough. It's also not that users create passwords that are weak.
The problem is that humans don't secure things that don't matter to them.
How strong do you think I'm going to make my slashdot password? It's not important to me. If someone really wants to steal my slashdot account, I'll shed a tear and move on with my life.
Aside from my online banking account -- which has immediate and enormous effects -- pretty much everything else can be repaired, undone, or
For Luddites there are offline methods (Score:2)
... blatant plug for these password generation helper devices. https://www.tindie.com/stores/... [tindie.com]
Re: (Score:2)
Yep, that's the paid version of most password managers... they'll give your passwords back to you on your computer, your phone, or anywhere else you authenticate correctly.
Re: (Score:2)
Well, to be pedantic - they're (hopefully!) not directly storing your passwords in the cloud; they're storing a password-encrypted copy of your password vault in the cloud. If someone manages to get hold of the encrypted vault, they still shouldn't be able to access your passwords - assuming you've got a strong enough password on it.
And, at least with Bitwarden - you can dump your trove of passwords and secure notes into a local JSON file, which means you don't lose all those passwords if you decide to stop
Re: (Score:2)
If a password manager does not allow you to export the data out, be it JSON, .CSV, or whatnot, find another PW manager. Every so often, I get an encrypted USB flash drive that has a VeraCrypt container on it (the hardware encryption is to deter casual brute force attacks, while VeraCrypt guarantees solid software encryption), and dump all my stuff to that.
Passwords, and 2FA seeds especially. There are some items where if I lost a 2FA code, regaining access would be pretty much impossible, such as some NAS
Re: (Score:2)
While the poster above is obviously trolling, I'll bite.
This isn't a matter of education and remembering passwords. A typical person has far too many passwords to remember. In my password manager, I have over 300 credentials. Every online merchant, every financial institution, every online service, each city park system where I sign my kids up for swim lessons, city/state/federal government systems, and so on. Each one requires its own username and password. Each one has different requirements. Some make yo
Re: (Score:2)
It isn't just passwords. It is 2FA codes as well. With all the different sites with password rules differing, one either is using a PW manager, or a physical black book. Trying to remember passwords, or make up a system that changes the password for each site is silly. Especially with some sites wanting a new password every 90 days.
Re: (Score:2)
Re: (Score:2)
My enibalty to spel wurds curructly mayks dyctunry utaks un mi puswors qwite haard.
Re: (Score:2)
Not a smart idea - users would just put the password on a sticky note on their monitors.
While not the best of ideas, sticky notes attached to a screen are really tough to hack into remotely. Your account will be used for every office prank going forward, however.