0936: "Password Strength"


orthogon
Posts: 2690
Joined: Thu May 17, 2012 7:52 am UTC
Location: The Airy 1830 ellipsoid

Re: 0936: "Password Strength"

Postby orthogon » Tue Aug 29, 2017 4:45 pm UTC

ucim wrote:...with one caveat: when the words are put together, collisions cost you: "can" and "teenage" form the same password as "canteen" and "age". A proper word list is curated to avoid this.

... or you can just use bumpy case (so "CanteenAge" doesn't collide with "CanTeenage").

rmsgrey wrote:If you ask random people their birthday until you find someone who has the same as you, then, on average, you'll ask 365 people.

It's strange how unintuitive that is. It's easy to believe that if you kept asking thousands and thousands of people, on average you'd find a match every 365 people - that's kind of what a 1-in-365 chance means. And yet it feels like in your exercise, you'd probably get lucky before you'd asked 365 people, and if not you'd be bound to find someone soon after. The first part of that is sort-of true: the chance of finding somebody in the first 365 is almost two thirds; the second part is pure fallacy: our brains just can't handle memoryless processes.
xtifr wrote:... and orthogon merely sounds undecided.
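The collision ucim raises and the bumpy-case fix orthogon suggests, as an added example that is not code from the thread or from any word-list project. The list WORDS is constructed for the demonstration. It counts how many distinct strings two joined words actually yield (fewer than words squared when "can"+"teenage" and "canteen"+"age" coincide), shows that capitalising each word keeps every pair distinct, and goes one step further than the posts with the Sardinas-Patterson test, which decides whether concatenations of any length from a list split back into words in only one way:

```python
"""Concatenation collisions in a passphrase word list (added example)."""
from itertools import product
from math import log2

# Constructed sample list; a curated list would avoid such pairs.
WORDS = ["can", "teenage", "canteen", "age", "horse", "battery"]


def plain_join(pair):
    """Join words with no separator."""
    return "".join(pair)


def bumpy_join(pair):
    """Join words with each one capitalised, so every boundary is marked."""
    return "".join(w.capitalize() for w in pair)


def pair_collisions(words, join):
    """Map each joined string produced by more than one ordered word pair
    to the list of pairs that produce it."""
    by_string = {}
    for pair in product(words, repeat=2):
        by_string.setdefault(join(pair), []).append(pair)
    return {s: pairs for s, pairs in by_string.items() if len(pairs) > 1}


def distinct_joined(words, join, length=2):
    """Number of distinct strings reachable with `length` words."""
    return len({join(p) for p in product(words, repeat=length)})


def joined_entropy_bits(words, join, length=2):
    """log2 of distinct_joined: the entropy actually delivered, versus the
    nominal length * log2(len(words))."""
    return log2(distinct_joined(words, join, length))


def uniquely_decodable(words):
    """Sardinas-Patterson test: True iff any concatenation of list words,
    of any length, splits back into list words in exactly one way."""
    code = set(words)

    def dangling(left, right):
        # Leftover suffixes when a word of `left` is a proper prefix of a
        # word of `right`.
        return {b[len(a):] for a in left for b in right
                if a != b and b.startswith(a)}

    current = dangling(code, code)
    seen = set()
    while current and frozenset(current) not in seen:
        if current & code:  # a dangling suffix is itself a word: ambiguous
            return False
        seen.add(frozenset(current))
        current = dangling(code, current) | dangling(current, code)
    return True


if __name__ == "__main__":
    for name, join in (("plain", plain_join), ("bumpy", bumpy_join)):
        print(name, pair_collisions(WORDS, join),
              f"{joined_entropy_bits(WORDS, join):.3f} bits for 2 words")
    print("plain list uniquely decodable:", uniquely_decodable(WORDS))
    print("bumpy list uniquely decodable:",
          uniquely_decodable([w.capitalize() for w in WORDS]))
```

Bumpy case passes the general test because, with all-lowercase words, each capital letter marks exactly one word boundary; a separator character (a space or hyphen) gives the same guarantee.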

Soupspoon
You have done something you shouldn't. Or are about to.
Posts: 2468
Joined: Thu Jan 28, 2016 7:00 pm UTC
Location: 53-1

Re: 0936: "Password Strength"

Postby Soupspoon » Tue Aug 29, 2017 5:03 pm UTC

orthogon wrote:our brains just can't handle memoryless processes.

Yes. It seems we tend to forget how they actually work!

8-)

wumpus
Posts: 494
Joined: Thu Feb 21, 2008 12:16 am UTC

Re: 0936: "Password Strength"

Postby wumpus » Tue Aug 29, 2017 6:02 pm UTC

Eebster the Great wrote:But if those hashes are all salted with different salts, you cannot simply keep hashing with a single algorithm until you collide with at least one of them. Rather, you have to keep hashing with a particular salt until you collide with the hash of the single unique account using that salt. That's sort of the point.


I just realized my error. Basically a birthday attack can be simply stated as the advantage a rainbow-table/brute-force attack has on a password file as the size of the password file grows. Note that it is specific to a "rainbow table brute force" attack and not the standard "brute force using the known salt", which is always going to be faster for realistic sized .passwd files and good salts*.

* Note that random salts have their own [theoretical] birthday attack issues. Simply using numbers in a sequence would work better, although you should at least start with a random number (a "meta-salt", possibly stored separately) to avoid the creation of cross-site rainbow tables. The chances of this ever being a significant problem are zero (it might have come up way back when salts were invented and programmers avoided using two bytes when they thought one was enough).
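The point Eebster and wumpus are circling, as an added example that is not code from the thread: once each account has its own salt, a table of hashes computed once cannot be reused across accounts. Account names, passwords and the guess list below are constructed; the same three passwords are stored unsalted (plain SHA-256) and salted (PBKDF2 with a random 16-byte salt per account), the precomputed table is compared against both files, and a final check looks for the duplicate salts the footnote is concerned with.

```python
"""Per-account salts against a precomputed hash table (added example)."""
import hashlib
import hmac
import os
from collections import Counter

ITERATIONS = 50_000  # PBKDF2 work factor; constructed value for the demo

# Constructed sample data only; two accounts chose the same password.
ACCOUNTS = {"alice": "sunshine1", "bob": "sunshine1",
            "carol": "correct horse battery staple"}
GUESS_LIST = ["123456", "sunshine1", "qwerty"]


def unsalted_hash(password):
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                               ITERATIONS).hex()


def build_unsalted_file(accounts):
    """username -> hash; identical passwords give identical records."""
    return {user: unsalted_hash(pw) for user, pw in accounts.items()}


def build_salted_file(accounts):
    """username -> (salt, hash); the salt is stored in the clear."""
    out = {}
    for user, pw in accounts.items():
        salt = os.urandom(16)
        out[user] = (salt, salted_hash(pw, salt))
    return out


def precomputed_table(guesses):
    """hash -> guess, computed once for the unsalted scheme."""
    return {unsalted_hash(g): g for g in guesses}


def accounts_exposed_by_table(stored_hashes, table):
    """Usernames whose stored hash appears in the precomputed table."""
    return sorted(user for user, h in stored_hashes.items() if h in table)


def verify(salted_file, user, password):
    """Login check: recompute with the stored salt, compare in constant time."""
    salt, stored = salted_file[user]
    return hmac.compare_digest(salted_hash(password, salt), stored)


def duplicate_salts(salted_file):
    """Salts used by more than one account (should be empty)."""
    counts = Counter(salt for salt, _ in salted_file.values())
    return [salt for salt, n in counts.items() if n > 1]


if __name__ == "__main__":
    table = precomputed_table(GUESS_LIST)
    unsalted = build_unsalted_file(ACCOUNTS)
    salted = build_salted_file(ACCOUNTS)
    print("unsalted file, exposed by table:",
          accounts_exposed_by_table(unsalted, table))
    print("salted file, exposed by table:",
          accounts_exposed_by_table({u: h for u, (_, h) in salted.items()}, table))
    print("alice and bob share a record:", salted["alice"][1] == salted["bob"][1])
    print("duplicate salts:", duplicate_salts(salted))
```

Against the salted file a guess has to be hashed again per account with that account's salt, which is the "brute force using the known salt" case wumpus describes; the per-guess cost is then the PBKDF2 work factor, not a table lookup.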

morriswalters
Posts: 6899
Joined: Thu Jun 03, 2010 12:21 am UTC

Re: 0936: "Password Strength"

Postby morriswalters » Wed Aug 30, 2017 12:39 pm UTC

gmalivuk wrote:Randall's are all unique, too, because if two passwords were the same they wouldn't be two passwords.

And if memorization isn't an issue, just use randomly generated gibberish, as it will be much more secure than a list of discrete words.
Uniqueness is a multi-axis affair. He's unique by word not by character. And just what did you think I did? I even came up with a concept that would let me generate my random gibberish in a way that let me display it as a bar code so I could read in that particular bar code with a bar code scanner. Probably using a Raspberry Pi. Of course that isn't new, it's called a token. And mine generates random passwords and labels them by an index which can recreate the password. Destroy the radios on a phone with a fingerprint reader and you can read bar codes off the display and protect them with a fingerprint. It wouldn't work I suppose, there must be something wrong with it. Or so I've been told.

Eebster the Great
Posts: 2744
Joined: Mon Nov 10, 2008 12:58 am UTC

Re: 0936: "Password Strength"

Postby Eebster the Great » Thu Aug 31, 2017 3:45 am UTC

Uniqueness is not a "multi-axis affair". You have acknowledged what we have told you many times now, but you don't seem to have understood it. All that matters is how the password is generated. I could use any set of 4096 distinct tokens and have exactly the same password entropy as any other set, as long as each token is equally likely to be chosen. Each token could be a different word, or each could be a different spelling of the same word, or each could be a different integer, or each could be a string of n copies of the letter 'x'. It makes no difference in terms of security.

Of course, while all of the above are equally secure, that doesn't mean they are equally good choices of passwords for practical use. Passwords have other criteria of interest, such as length, memorability, and conformity to requirements. Using common words like Randall does is good for memorability but bad for length and conformity to typical password requirements (which often require non-letter characters, for instance). Using integers is bad for memorability, good for length, but still bad for conformity to requirements. Using different spellings of the same word is ludicrous and bad on all accounts. And using strings of copies of the letter 'x' is clearly the worst of them all. These are all equally secure, but they are not equally good.

Passwords used in a password manager are not required to be memorable, so other things are emphasized. Typically, they are randomly generated strings of characters drawn from a set which is small enough to be allowed by virtually all sites but large enough to have sufficient entropy for the given length. For these, there is no reason to do anything else; this system cannot be improved upon. Rejecting certain passwords because they double letters or whatever only reduces the space of potential passwords and therefore reduces entropy. But passwords we must memorize and use frequently should probably do something like Randall's recommendation. His system probably can be improved upon, but it is not obvious how, and it is already pretty good. One major downside is that many sites will not accept passwords consisting only of letters and spaces, but this can easily be solved by adding the same non-letter character to every password (0, for instance), which has no effect on entropy or memorability.

Your system is bad for memorizing, bad for satisfying requirements, and bad for security. You have already said the space of your passwords is (or technically has a bijection to) a strict subset of the space of Randall's passwords, meaning it has less entropy. And you have conceded that they are hard to remember. The advantage you claim is that they can be ordered according to an index, which I cannot really see the point of. In any case, the same is clearly true of Randall's. Whatever set of common words you are using, they will be listed in some particular order, so you can just number them starting at 1. Then, for any particular password, you can just replace all the words with their corresponding numbers (padded with zeroes) and concatenate them, giving a unique integer for each password and vice-versa. For instance, if the particular list you are using lists "correct" as the 107th word, "horse" as the 2451st, "battery" as the 74th, and "staple" as the 3012th, you would turn "correct horse battery staple" into 0107245100743012.

Needless to say, there are plenty of other ways you could choose to go about it, and they are all quite straightforward.
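The index encoding described in the post above, as an added example that is not code from the thread. It numbers the list from 1, replaces each word by its zero-padded position and concatenates, and decodes the integer back. The positions for "correct", "horse", "battery" and "staple" are the ones quoted in the post and the 4096-entry list size is the one the post assumes; the rest of the list is not given, so EXAMPLE_INDEX is a constructed, partial mapping. The same two functions give the search space and entropy for any list size and word count, which is the point the post makes: a bijection changes the form of the password, not the number of possibilities.

```python
"""Index encoding of word passphrases (added example)."""
from math import log2

# Constructed partial index: word -> 1-based position in a hypothetical
# 4096-word list (only the four positions quoted in the post are known).
LIST_SIZE = 4096
EXAMPLE_INDEX = {"correct": 107, "horse": 2451, "battery": 74, "staple": 3012}


def pad_width(list_size):
    """Digits needed so the largest 1-based position fits."""
    return len(str(list_size))


def encode(words, index_of, list_size):
    """Passphrase -> zero-padded decimal string, one field per word."""
    width = pad_width(list_size)
    for w in words:
        if not 1 <= index_of[w] <= list_size:
            raise ValueError(f"position of {w!r} lies outside the list")
    return "".join(str(index_of[w]).zfill(width) for w in words)


def decode(code, index_of, list_size):
    """Inverse of encode: split into fixed-width fields and look words up."""
    width = pad_width(list_size)
    if len(code) % width:
        raise ValueError("code length is not a multiple of the field width")
    word_at = {pos: w for w, pos in index_of.items()}
    return [word_at[int(code[i:i + width])]
            for i in range(0, len(code), width)]


def search_space(list_size, n_words):
    """Number of distinct passphrases of n_words words drawn from the list."""
    return list_size ** n_words


def entropy_bits(list_size, n_words):
    """Entropy when every word is chosen uniformly and independently."""
    return n_words * log2(list_size)


if __name__ == "__main__":
    words = ["correct", "horse", "battery", "staple"]
    code = encode(words, EXAMPLE_INDEX, LIST_SIZE)
    print(code, decode(code, EXAMPLE_INDEX, LIST_SIZE))
    for size in (2048, 4096):
        print(size, "words, 4 chosen:", search_space(size, 4),
              "possibilities,", entropy_bits(size, 4), "bits")
```

Appending the same fixed character to every passphrase, as the post suggests for sites that demand a non-letter, is another bijection on the same set, so the search space and entropy figures are unchanged.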

RogueCynic
Posts: 359
Joined: Sun Nov 22, 2009 10:23 pm UTC

Re: 0936: "Password Strength"

Postby RogueCynic » Thu Aug 31, 2017 4:06 am UTC

Off topic but also on topic. I work with someone whose randomly generated id is qnb1cth. She thinks it's funny.
I am Lord Titanius Englesmith, Fancyman of Cornwood.
See 1 Kings 7:23 for pi.
If you put a prune in a juicer, what would you get?

ucim
Posts: 5564
Joined: Fri Sep 28, 2012 3:23 pm UTC
Location: The One True Thread

Re: 0936: "Password Strength"

Postby ucim » Thu Aug 31, 2017 4:23 am UTC

RogueCynic wrote:Off topic but also on topic. I work with someone whose randomly generated id is qnb1cth. She thinks it's funny.

It's also almost pronounceable, which makes it much easier to remember than (probably) most other seven character combos. It also helps that it's a username, so gets used more often than a password would.

The key to remembering a password is to use it a lot.

Jose
Order of the Sillies, Honoris Causam - bestowed by charlie_grumbles on NP 859 * OTTscar winner: Wordsmith - bestowed by yappobiscuts and the OTT on NP 1832 * Ecclesiastical Calendar of the Order of the Holy Contradiction * Please help addams if you can. She needs all of us.

morriswalters
Posts: 6899
Joined: Thu Jun 03, 2010 12:21 am UTC

Re: 0936: "Password Strength"

Postby morriswalters » Fri Sep 01, 2017 11:30 am UTC

Eebster the Great wrote:
Uniqueness is not a "multi-axis affair". You have acknowledged what we have told you many times now, but you don't seem to have understood it. All that matters is how the password is generated. I could use any set of 4096 distinct tokens and have exactly the same password entropy as any other set, as long as each token is equally likely to be chosen. Each token could be a different word, or each could be a different spelling of the same word, or each could be a different integer, or each could be a string of n copies of the letter 'x'. It makes no difference in terms of security.

Of course, while all of the above are equally secure, that doesn't mean they are equally good choices of passwords for practical use. Passwords have other criteria of interest, such as length, memorability, and conformity to requirements. Using common words like Randall does is good for memorability but bad for length and conformity to typical password requirements (which often require non-letter characters, for instance). Using integers is bad for memorability, good for length, but still bad for conformity to requirements. Using different spellings of the same word is ludicrous and bad on all accounts. And using strings of copies of the letter 'x' is clearly the worst of them all. These are all equally secure, but they are not equally good.

Passwords used in a password manager are not required to be memorable, so other things are emphasized. Typically, they are randomly generated strings of characters drawn from a set which is small enough to be allowed by virtually all sites but large enough to have sufficient entropy for the given length. For these, there is no reason to do anything else; this system cannot be improved upon. Rejecting certain passwords because they double letters or whatever only reduces the space of potential passwords and therefore reduces entropy. But passwords we must memorize and use frequently should probably do something like Randall's recommendation. His system probably can be improved upon, but it is not obvious how, and it is already pretty good. One major downside is that many sites will not accept passwords consisting only of letters and spaces, but this can easily be solved by adding the same non-letter character to every password (0, for instance), which has no effect on entropy or memorability.

Your system is bad for memorizing, bad for satisfying requirements, and bad for security. You have already said the space of your passwords is (or technically has a bijection to) a strict subset of the space of Randall's passwords, meaning it has less entropy. And you have conceded that they are hard to remember. The advantage you claim is that they can be ordered according to an index, which I cannot really see the point of. In any case, the same is clearly true of Randall's. Whatever set of common words you are using, they will be listed in some particular order, so you can just number them starting at 1. Then, for any particular password, you can just replace all the words with their corresponding numbers (padded with zeroes) and concatenate them, giving a unique integer for each password and vice-versa. For instance, if the particular list you are using lists "correct" as the 107th word, "horse" as the 2451st, "battery" as the 74th, and "staple" as the 3012th,

Needless to say, there are plenty of other ways you could choose to go about it, and they are all quite straightforward.
You don't seem to understand I don't care. I'll follow any rule you can dream up. But you won't light and sit anywhere. I don't write hashes, I use passwords. My password manager generates random passwords for me. I've asked a simple question, what makes a good password? Not is Billy Bob using a bad one, and not is Jane Doe using a good one. I'm trying to control what I can control.

you would turn "correct horse battery staple" into 0107245100743012.
Why not just write it as a random string of ones and zeros at whatever length you want? It's what will happen when it is processed, since the only people using language are people. However I suppose that you can draw solace from the fact I will post no more on this topic. On the up side I know more about hashes than I thought I could know, and less about passwords. Bless my password manager.

ucim
Posts: 5564
Joined: Fri Sep 28, 2012 3:23 pm UTC
Location: The One True Thread

Re: 0936: "Password Strength"

Postby ucim » Fri Sep 01, 2017 1:32 pm UTC

morriswalters wrote: I've asked a simple question, what makes a good password?
It turns out that's not a simple question, and does not have a simple answer. "What makes a bad password?" does have a simple answer: anything in the (small) subset of passwords that a cracker will try first especially if they know your password generation method. This is fairly well known.

Jose
Order of the Sillies, Honoris Causam - bestowed by charlie_grumbles on NP 859 * OTTscar winner: Wordsmith - bestowed by yappobiscuts and the OTT on NP 1832 * Ecclesiastical Calendar of the Order of the Holy Contradiction * Please help addams if you can. She needs all of us.

Flumble
Yes Man
Posts: 1944
Joined: Sun Aug 05, 2012 9:35 pm UTC

Re: 0936: "Password Strength"

Postby Flumble » Fri Sep 01, 2017 3:49 pm UTC

morriswalters wrote:I've asked a simple question, what makes a good password?

Where did you ask this question?

morriswalters
Posts: 6899
Joined: Thu Jun 03, 2010 12:21 am UTC

Re: 0936: "Password Strength"

Postby morriswalters » Fri Sep 01, 2017 4:45 pm UTC

ucim wrote:
morriswalters wrote: I've asked a simple question, what makes a good password?
It turns out that's not a simple question, and does not have a simple answer. "What makes a bad password?" does have a simple answer: anything in the (small) subset of passwords that a cracker will try first especially if they know your password generation method. This is fairly well known.

Jose
So I gather. In other words all things I can't control. I once got a similar answer from the Science of Doom, about simple ways of explaining global warming to my mother. I was told it couldn't be made simple. That's a piss poor way to run a railroad. It's no wonder we elected Empty Suit.

@Flumble
Exactly what is the cartoon about? I just asked in a way you aren't used to.

viewtopic.php?f=7&t=73384&start=800#p4235258
If I ever choose to involve myself in anything like this in the future, I'll seek counseling. There are fewer and fewer things for me to talk about. Everybody else talk, in the future I'll just listen.

ucim
Posts: 5564
Joined: Fri Sep 28, 2012 3:23 pm UTC
Location: The One True Thread

Re: 0936: "Password Strength"

Postby ucim » Fri Sep 01, 2017 5:21 pm UTC

morriswalters wrote: In other words all things I can't control.
No. In other words, "it depends". What are you trying to accomplish with (any given) password? It's a bit like "good, fast, cheap... pick any two".

For you, as a user, on {this} site, what are your priorities? How often do you access it, and where, and with what hardware? How convenient is typing (more characters) for you? How easy is it to remember more tokens (of this type, or of the other type...)? These things (and others) play into what makes a "best" password system for {this} site, for you. So, "it depends".

morriswalters wrote:simple ways of explaining global warming to my mother.
There are lots of them. They are all wrong, but they are wrong in different ways. In many cases they are wrong in ways that don't matter (to your mother). And the most sophisticated ways of explaining global warming are wrong in ways we don't understand yet (because we don't fully understand global thermodynamics). If your mother can accept that, then you can get somewhere. All approximations are approximate.

Jose
Order of the Sillies, Honoris Causam - bestowed by charlie_grumbles on NP 859 * OTTscar winner: Wordsmith - bestowed by yappobiscuts and the OTT on NP 1832 * Ecclesiastical Calendar of the Order of the Holy Contradiction * Please help addams if you can. She needs all of us.

KnightExemplar
Posts: 5489
Joined: Sun Dec 26, 2010 1:58 pm UTC

Re: 0936: "Password Strength"

Postby KnightExemplar » Fri Sep 01, 2017 7:39 pm UTC

morriswalters wrote:what makes a good password


A password is a human memorized secret. And that's all there is to it. Therefore, a good password is one with the most entropy with the least amount of effort to memorize.

The only matter left to discuss is whether or not you think Randall's entropy calculations are wrong. You're talking about "parity" and "patterns" and it doesn't matter. Randall assumes 11 bits of entropy (a search space of 2048) per keyword in his password generation scheme, which means all of your talk about "parity" and "spaces" and whatnot are already factored into the entropy calculation.

I think you're overcomplicating the issue. Randall assumes that each word has a search-space of 2048. With four words chosen at random, that's 2048^4 or 17592186044416 as the total size of his password search space.

I guess we can discuss if you think 17592186044416 is too small of a search space for passwords. We've already discussed how your method reduces the search space and brings forth complications without any real gains.
First Strike +1/+1 and Indestructible.

morriswalters
Posts: 6899
Joined: Thu Jun 03, 2010 12:21 am UTC

Re: 0936: "Password Strength"

Postby morriswalters » Fri Sep 01, 2017 10:06 pm UTC

Thank both of you for responding, but I've given this thread up for Lent or something. I now know I know nothing. So I'll go with habit and use my password manager.

