As a person who spent a long time today changing passwords (in part due to the Gawker thing, but I had been meaning to for a while), I have some very nasty things to say about how many sites have stupid restrictions on passwords - why do you care if I want a password that's longer than 8 characters? Why do you care if I want to include a non-alphanum in my password? wtf, really, why? It's easier to not have those restrictions on a field so why why why are you going to extra trouble to add them? Oh I'm getting mad just thinking about it.
Yes, and they wait to tell you their arcane rules until after you've typed in the password that you want. So you have to repeat. It's like that teaching method I saw on Fernwood Tonight that simply shocked the learner for a wrong answer.
I can see reasons for requiring non-alphanumeric characters in a password (even though the reasoning behind that might not be valid). But why the hell you would want to forbid using them, is beyond me. Still I've seen this in pretty many sites, even modern ones.
Maybe they don't have proper parametrized queries and are afraid of SQL injections :)
The thing I found the worst about Chase is they require a number in your username. Not that the other restrictions aren't inane (6-12 char password, alphanumeric only, etc).
Yes, exactly. I was surprised how little correlation there was between how important the security of the site was and what quality of password was allowed by the site.
Some of that is archaic database tables (or using NIS/YP as the user manager in the backend).
You didn't used to be able to start a password on AMEX's sites with a digit...
I don't think it's just about hashing. When I see restrictions on passwords or other fields, I always assume the worst. If < is not allowed, that's because your password will show up unencoded in HTML somewhere. If $ is not allowed, that's because somebody is afraid that it will actually be treated as a variable reference somewhere. Likewise & or % in URL-encoded data, ' or " in JavaScript, etc.
The most universal and silent restriction seems to be on NUL bytes.
Back-ended by non-RDBMS systems, the banks may be using something like YP or NIS to store passwords so that multiple systems can hit one, central authentication system. NIS had horrible password restriction issues (much like LANMAN).
My bank password is 4 digits. But they ask another, one shot 4 digit password from a table they've sent to you when you actually move money. I thought all banks did this?
Mine uses an 8-digit password for the website, plus another 6-digit one for transactions. On top of that you have to authorize the computer you use (they send you an SMS with a code if you log in from a new computer).
I don't know how they uniquely identify your system, but the technology is Java-based.
I discovered that Sallie Mae doesn't accept special characters.
And that iTunes now forces one capital letter. I dunno, I think if you've used a special character you should be forgiven for not using a uppercase letter
1. I don't want a single point of failure, though I suppose an email account fulfills that role no matter what you're using. My email account password is 30-34 characters long.
2. I use multiple computers, multiple OSes, sometimes not owned by me, and sometimes multiple browsers.
3. Many accounts I couldn't care less if they got compromised; they get the same password as each other, which is still complex.
> hashing your master password with SHA-256, encrypting the result a default of 6000 times with AES, and then hashing it again
Any crypto-geeks around to say whether this makes it more secure or less? I've heard it said many times that multiple encryptions and hashings can actually make the encryption weaker.
Using KeePass + Dropbox + local copies of the passwords db makes it so that even if Dropbox goes out of business, you'll still have your database. Dropbox and KeePass (well at least variants thereof) all run on Linux, OSX, Windows, and Android. On the issue of computers not owned by you, you shouldn't be entering your passwords on untrusted computers to begin with, but if you must, KeePass works right off a USB drive.
> Many accounts I couldn't care less if they got compromised; they get the same password as each other, which is still complex.
Sign up on mywebsite.example. I now have the password to (depending on what accounts you couldn't care less about) your Facebook, Twitter, Hacker News, etc. accounts and can ruin your reputation by spreading false information.
In this context (key derivation), repeatedly applying a computationally expensive function is apropriate and standard practice. It's called "key stretching".
See the PBKDF2 algorithm for a standardised example.
I've heard this as well so I whipped up a quick Ruby script that hashes a numbers of strings over and over, let it run for a few days on a quad-core machine and found zero collisions. I tested MD5 and SHA-1. It may weaken the hash a bit but it also makes the algorithm slower which means it's harder to brute-force.
1Password + Dropbox means your passwords will be secured on multiple locations: your computer, iOS devices, and dropbox ... and there's even a neat html version as well.
Using a password manager is a great idea in theory. In practice, I have the same problems with the concept as many other people do. It's great if you have, say, a MacBook, a Windows system, and an iPad that you want to keep synced. When you have one of everything, your options are narrowed drastically. Many of these solutions also either punt on synchronization and rely on me to find an option I like to handle that problem, or they use some kind of cloud service not under my control. I don't need or want that cloud service. I don't care how well the file itself is protected; you can't attack what you don't have.
What I do have access to from most of those systems is SSH to a machine I control. I'd be willing to run a password manager on that system, but I haven't yet found one I'm willing to install. I'm not going to put Qt and X11 on the system just to run KeePassX. I'm tempted to write my own at this point. It'd at least solve the password management problem in way that I'm comfortable with (i.e. any problems in the solution are my own fault and if I get owned, I'm the only one to blame) and without having to send a copy of the encrypted database out to the cloud (except in tarsnap backups, but I'm already trusting cperciva with the keys to the kingdom there!).
What can I say? I use keepassx. I keep the db on dropbox -- so that it's always available to me -- and protect it with a key file and a password.
Good luck getting into all my accounts. First you need to crack my dropbox account. Then you need to guess which file out there on the interwebs I use to protect it. Finally, you can try to crack the password I use. I'll even give you a clue: the password is less than 40 characters.
So yes, use a password manager. It's trivially simple and stress free.
Except that it's _not_ trivially simple. I don't want to:
- Set up dropbox on every computer I use.
- Figure out how to get keepassx to work on Android.
- Open up a password manager when I want to log into something. Oh, I can leave it open? Wait, is that secure?
- Figure out if there are any limitation of the password manager you've suggested, which you may have missed.
- Deal with a "password migration" if I decide to switch browsers, which will include an absolutely non-trivial search for some software that replaces an app that is now a crucial part of my daily routine.
I could go on, but password managers are most definitely not a trivial task -- they add a layer of friction that I simply can't bring myself to care about when it comes to security to my Gawker account. Computers exist to make my life easier, not as a creator of problems that require working around.
KeePass doesn't interface with the browser directly - instead (at least in Windows) it registers a global hotkey with the OS which will use the active window title to find an entry in your password database and then automatically fill in the form with your username and password.
KeePass features an "Auto-Type" functionality. This feature allows you to define a sequence of keypresses, which KeePass can automatically perform for you. The simulated keypresses can be sent to any other currently open window of your choice (browser windows, login dialogs, ...).
By default, the sent keystroke sequence is {USERNAME}{TAB}{PASSWORD}{ENTER}, i.e. it first types the user name of the selected entry, then presses the Tab key, then types the password of the entry and finally presses the Enter key.
For sites or apps with weird forms you can customize the sequence.
"- Open up a password manager when I want to log into something. Oh, I can leave it open? Wait, is that secure?"
The way OS X's "Keychain Acccess" handles this feels like a good compromise. After some timeout (a minute or so) the password gets hidden and you have to put in your master password to see it again.
What if one of the machines you use has a key logger installed, you're totally compromised. Not just the passwords you use, but everything stored in Keypass.
At least if your passwords are in your head they will only have access to sites you entered while on that machine.
Ok, so I've definitely lost about 3 dozen client passwords when my password manager was eaten by a drive failure. And then when I went to restore the backup discovered that the creator of the password manager was no longer supporting the software.
So my faith in password managers has been shaken. I greatly enjoyed having to ask all my clients for their passwords again.
I have a new system, but if someone ever got ahold of my drives who knew what they were looking for, that would be hellish
I worry about Dropbox + security. The fact that I'm sharing folders publicly with other people in the same directory that I have private data, worries me. Lots of room for human error
Why does 1Password need dropbox? It would make much more sense if they had their own cloud solution
Edit: Don't get me wrong, I love dropbox and I'm sure 1password is great. But I don't feel secure with dropbox (ever lost a file that was in your dropbox because you or a colleague made a mistake on a synced computer?) and I hate the idea that a person could have a copy of a single file with every one of my clients critical passwords, encrypted or not
Your password file is still encrypted, so would-be attackers would still need your master password. As for developing a cloud solution... who knows. Maybe they considered it orthogonal to the goals of 1Password to develop and maintain that entire infrastructure.
What? No it wouldn't. The fact that you can use your existing, free Dropbox account means that 1Password can provide you a lot more value at no cost to you or them.
And it's not like 1Password doesn't encrypt what it puts on Dropbox.
I use the default OS X password manager Keychain access.app and symlink the keychain file to Dropbox. It manages all my web, app, WiFi, mail account passwords. It has a nice feature to generate different styles (memorable, letters&numbers, numbers only, random, FIPS-181) of password at various lengths up to 31 chars.
The interface is less polished than 1Password, but since it comes by default on every OS X install I just use it. Meanwhile 1Password seems really annoying from time to time: it always asks to save passwords but seldom autofills for me. Maybe I just use it wrongβ¦
No one mentioned lasspass (http://lastpass.com) -- desktop benefits and portable. Other than the fact that your passwords are out there on the Internet (in encrypted form) for someone to hack into, is there any other downside to using something like lastpass?
ditto: for me (um.. challenged) dropbox great, but keepass thing is opaque; yet still, as a pw user and pw hater, i need a solution now; pw make me crazy; so i'm testing lastpass, so far so good; should i worry? why? thx
At what point does "good practice" become justified OCD? Not every account is equally important. Have unique passwords for email and financial accounts - absolutely, but does it really matter if someone compromises your HN password? As long you keep that completely separate from anything that can really hurt you, why obsess over it?
Despite popular belief, writing down your password and storing it in a lock box is leagues better than storing it online. The number of people who have access to your physical belongings is many orders of magnitude less than the number of people who can attempt to compromise an encrypted database.
"Don't write your password down" might have been good advice in the 90s when most people only used a computer at work and the internet wasn't as ubiquitous as it is today.
augroup GPG
au!
" decrypt before reading
au BufReadPre *.gpg set bin viminfo= noswapfile
" decrypted; prepare for editing
au BufReadPost *.gpg %!gpg
au BufReadPost *.gpg set nobin
" encrypt
au BufWritePre *.gpg set bin
au BufWritePre *.gpg %!gpg -ear email@wherever
" encrypted; prepare for continuing to edit the file
au BufWritePost *.gpg silent undo | set nobin
augroup END
The author looks down on browser's password managers but to me they seem like the perfect solution -- relatively safe, with reliable auto-fill and, most importantly, already installed and configured. Syncing is just a matter of moving your profile to another computer.
Am I missing something? Is there some inherent flaw in these managers? Firefox will even encrypt the passwords by default and allows the user to set a master password. Exporting passwords is a little annoying, but how often is there a need for that?
I've always found it odd how people say Jesus Christ as if it were a curse word. I wonder where this practice originated. Is it common in other parts of the world for other religions? Do people in China have an equivalent saying? Oh Buddha! etc.
Yeah, there are a whole slew of religious curse phrases -- "oh my God", "mother of God", "for God's sake", "for heaven's sake". Or even exotic variants like, "sweet mother of mercy".
I find it interesting that they are generally used to express awe, surprise, or to invoke a sense of gravity or urgency -- opposed to other swear words which generally seek to disgust, communicate an offensive attitude, or invoke taboo to draw attention through shock. The religious oaths seem to me more like the oaths of fantasy ("By Turin's beard!", "I swear upon the sword of my father", "In Vela's name") than the language of shock and offense ("scurvy maggots", "Why don't you go stick your foo in a bar and then baz it?")
I'd speculate that they're referencing the strong emotions religious people actually feel -- the awe and gravity of the sacred, a cry for help in a moment of fear, not the offensive force of blasphemy. The amplification is always toward the sacred ("sweet Mary, Jesus, and all the saints") or the silly ("Jesus H. Christ on a pogo stick"), never toward the offensive. "Jesus" amplifies to "Jesus Christ" or "holy Jesus", never to something like "Jesus' stinkin' piss".
At least for the Christian ones, I believe it partly goes with the whole 'Thou shall not speak the Lord's name in vain' thing.
Most chinese swearing has to do with a) actual cursing (damn you!), b) penis and vaginas and c) insulting your parents. So basically the same as English once you strip out god/lord/christ.
Maybe this is a case of premature optimization: but what if you ever need to log into a site from a public computer where you can't install your password manager.
I realized that without a password manager you're forced to choose between 1) having one super-secure password and 2) having multiple easy-to-remember passwords.
My compromise is this: have a password template. This is a string that changes in a predictable way based on the site. This could be something as silly as "password_${site_name}", making my gmail.com password "password_gmail" and my twitter password "password_twitter".
Obviously, the formula won't be terribly complex, so if I tell yo my gmail pass you can probably figure out my twitter pass given though time. But that doesn't bother me, since I'm mostly concerned about gawker-type incidents where my password is among thousands of others, in which case the bad guys will exploit the 90% of the passwords that do work instead of trying to reverse-engineer those 10% which don't.
LastPass gives you the ability to generate one time passwords [https://lastpass.com/otp.php] ahead of time that you can print out and keep in your wallet for use on public machines.
There are also several options for multi-factor authentication for an additional level of security.
Password? Use your brain to memorize it all!
Really, I've been memorizing hundreds of password with just a simple key, hint, and reminder. Rather than using a password manager that actually a computer programmed system. You'll only forgot your password if you lost your brain!
Okay, for a serious situation, I'm using a basic text storage then encrypt it with a trusted modern encryption system, high bit level.And some cloud computed storage web app that already moving on the new way to store and encrypt your password. That's it? Nope, it's useless.
But for real, there are lots of another way to store your password than using a password manager or a computer. Sometimes we can do it manually. For your life, use your idea. Peace.
I use SuperGenPass with a strong master password. It's not perfect (a malicious website could use Ajax to fish for my master password on a sign-up form), but it gives me a single password to remember, different passwords for every site, and I can keep the HTML page that runs the hash function on my thumb drive and use it anywhere.
In order to solve this problem for myself I looked into SuperGenPass as well, and reimplemented it in Racket so I could understand what it's doing. Here are a few notes on that:
β’ It's based on MD5.
β’ It repeats the hash 10 times. Typical key strengthening functions will do at least 1000 iterations, and at least 10000 seems to be becoming more common.
β’ Each time it repeats the hash, the output is encoded with a variant of Base64.
β’ The implementation of Base64 is deliberately nonstandard. + and / are replaced with 9 and 8 in the output (respectively). It pads with A, not =. The point is presumably to avoid generating special characters that could be disallowed by some password systems. This actually seems like an unintentional benefit to me: while it theoretically increases the probability of a collision, it does make it slightly more difficult to recover the original passphrase from the hash, or so it seems to me. (Any cryptographers want to comment on this one?)
β’ Hashing is repeated until it generates a password that starts with a lowercase letter and contains at least one uppercase letter and at least one number. The first restriction must come from some actual site, but it hardly seems common enough to enforce.
The biggest risk is in a site fishing your master password, though their "mobile" version allows you to run it in a different window. All in all, I think the concept has promise, but the implementation could be significantly improved.
But seriously, I visit so many sites and use so many different computers that I have my passwords indexed in a little black book encoded with my own personal code. They would have to pry it from my cold dead hands to get them.
Notational Velocity was designed from the ground up as a desktop password manager and follows all of these rules, using PBKDF2-based key derivation with a default of 8000 iterations, adjustable in units of measured CPU time. Security features are described in greater detail here:
