Are your passphrases really secure?

Passwords are arguably the most secure form of authentication and their importance in today’s world cannot be overemphasized. Unfortunately, great number of people (even hackers) still uses insecure passwords. This guide will hopefully help you improve your passwords. Since this post will be a relatively lengthy one I’ve decided to split it into two parts. Feel free to skip the theory part if you are not interested in it.

Theory: First of all, what is the difference between a password and a passphrase? Generally the term passphrase is used for a sequence of words that is longer than a password. Passwords are typically a few characters long, while passphrases are longer, 20+ characters. There is no clear distinction however and these two terms are used somewhat interchangeably.

Password/passphrase strength is calculated in two ways. First, we can calculate the total number of possible combinations for the given character set and the password length. By finding the base 2 logarithm of this number we get password strength expressed in bits of entropy. The latter measure is commonly used. For example 8 character password that contains lower and uppercase letters, numbers and characters (including space) has 6.63e15 combinations, or 52.6 bits of entropy, assuming that the password is random.

It is not hard to calculate these numbers - standard US keyboard has 2×26 letters, 10 numbers , 32 non-alphanumeric characters and a space, 95 in total. From there you calculate the number of combinations (N) by raising 95 (the number of possible characters) to the power of the password length. The number of bits of entropy is calculated by finding base 2 logarithm from the number of possible combinations (which is done by dividing base 10 log of N with base 10 log of 2. If you only have the number of bits of entropy you can calculate N by raising number 2 to the power of bits of entropy.

Password/passphrase needs to be strong enough in order to withstand attacks to crack it in reasonable amount of time. In worst case scenarios an attacker may be capable of performing tens and even hundreds of millions attempts per second, or even worse – crack shorter passwords in very short time using precomputed rainbow tables.

Rainbow tables contain precomputed hash values and the password is cracked almost instantly if its hash can be found in the table. They are used when an attacker obtains password hashes by hacking a database server. Rainbow tables for passwords up to 10 (or so) characters long are freely available online and unfortunately a lot of web services still use insecure hash practices.

Practice: In case you skipped the theory part here’s the executive summary – in worst case scenario an attacker can crack 10 character or shorter passwords instantly and if he can’t do that he can still perform 10 million attempts in a second.

So, what’s wrong with using a date, phone number, pet name or a word from dictionary as a password? Each of these passwords does not have sufficient strength. A password made out of a date, even if it contains special characters as separators has around 30 bits of entropy and if you use such a password for example to lock you computer it can be cracked in seconds, even on old machines. Using a word from dictionary is even worse. Complete dictionary typically have a hundred or so thousands of words, but the dictionaries in common usage have only few thousands of words. One word passwords can easily be cracked, even online on insecure systems.

Now you know that you shouldn’t use “password”, but how about “password1!A”. At first glance the string “password1!A” meets the requirements of a secure password. It’s 11 characters long, can’t be found in a dictionary and it uses letters, numbers and non-alphanumeric characters. It’s strength should be 72 bits, but it is not. This password is insecure and so is “p4ssw0rd”, or even “qeadzcwrsfxv1331“. Human brains are miserably predictable when it comes to generating passwords (that can be remembered). We cannot think randomly. The attacks that cracked those seemingly complex passwords used combination of words while adding common suffixes and prefixes and performing common substitutions (a->4; o->0 and so on). In a stunt organized by Ars Technica an anonymous attacker cracked 90% of 16000 passwords in 14 hours using Radeon 7970 GPU.

Not even using passphrase akin to the famous “correcthorsebatterystaple” passphrase from XKCD will be secure against these attacks. You might improve security by using words not found in common usage dictionaries, or using words from multiple different languages, but the fact remains – passwords/passphrases generated and remembered by our brains are insecure.

The good and safe alternative is to use a password manager such as Password Safe or KeePass. With these programs you only have to remember one password and then you can have a random, secure password for each website you are using. Just make sure you backup your password database.

That takes care of the basic problem, but what if you want/need a way to generate and remember secure passwords without the help of password managers. How could human brain come up with something (pseudo) random and remember it. The answer could be in historic (manual) cryptography.

ROT13 for example shifts each letter 13 places, A becomes N, B becomes O, Z -> M and so on. Now, I know ROT13 is horribly insecure as a cipher, but it turns “SECRETPASSWORD” into “FRPERGCNFFJBEQ”, which as a passphrase is a lot more secure. ROT13 is a variation of Caesar cipher, you don’t have to shift letters by 13 places, you can take any arbitrary number between 1 and 25. At worst this increases the passwords by factor of 26, at best the password could be considered truly random. Even more secure method would be using better ciphers, such as Vigenère or Transposition or any other. All of them can turn easy to remember passphrase into something (pseudo) random.

And finally, beware of those “secret questions” used in case you forget your password. A secure password doesn’t mean a thing if an attacker could guess your security question.


Fatal error: Call to a member function query() on a non-object in /srv/disk6/22907/www/ on line 39