Security Basics mailing list archives
AW: ADS Password Storage Protection
From: Christian.Assfalg () bc boehringer-ingelheim com
Date: Fri, 21 Jul 2006 08:39:37 +0200
Do you have a link to those password papers from Microsoft? Sounds interresting. Recently, I attended a lenghthy debate about single-sign on from a couple of people who don't feel the need to lock their workstations when they go, or who feel they need to be able to let other people work with THEIR accounts... (without fear of having them access to some "personal" data, which is what the single-sign on solution was used for) Yet, I don't necessarily mean single-sign on, more like a single account, single credentials you can use instead of all those simple and small web-accounts... Most of the time, I can't even remember what username it was, especially if it's crowded (ebay, big forums...) so I can't use my "default" username or if you're given you a customer number. I agree, it has additional Risks, but a lot of pros, too. You can change your password consistently for a great number of access points for example. In the long run, I think that protects you better. Your solution with different endings is not too bad, but as soon as you change your root (and I guess you do, or at least should sometime), you don't know which root you have to use for a site you haven't visited for half a year. And of course if someone knows one of your passwords and suspects this technique, your're in trouble. However... Just had an idea: what about using some sort of hash as password...? Something like you do with root+ending, but using the hash of that as password, maybe incorporating the username or so? That should protect your "root" quite a bit, and it is easily reproducable if you use a common hash-function like sha-1 or md5... One could write a plug-in for Firefox for example to make it easy to use. And it would give you reasonable complexity and length, not matter what the password / passphrase you need to remember is. Though md5sum and sha1sum only contain lowercase letters and numbers. -----Ursprüngliche Nachricht----- Von: Roger A. Grimes [mailto:roger () banneretcs com] Gesendet: Donnerstag, 20. Juli 2006 16:56 An: Assfalg,Christian (APER) BIP-DE-B Betreff: RE: ADS Password Storage Protection There are many that feel an english word passphrase is significantly weaker than a much shorter complex password. Microsoft's Great Password Debate papers are a great starting point. I just disagree with the conclusions because there are no good brute forcing tools for passphrases at the moment. Single sign-on solutions, like Microsoft's Passport, have many additional risks. What I do instead is to use a common root (say frog) with different endings for each web site (i.e. frogwebex, frogstock, etc.) so that my passwords are long, easy to remember, but different for each site. -----Original Message----- From: Christian.Assfalg () bc boehringer-ingelheim com [mailto:Christian.Assfalg () bc boehringer-ingelheim com] Sent: Thursday, July 20, 2006 10:38 AM To: Roger A. Grimes; security-basics () securityfocus com Subject: AW: ADS Password Storage Protection Your point against dumb complexity requirements is good. ;-) Just did a couple of calculations myself... There are thousands of words in the english language I guess, so even if you use only 6 words, that still accounts for more possibilities than a random-character based password with 6-10 characters and only tens or some hundred possibilities per character. Anyway - What I'd like to see is some way to get rid of all those different login credentials in the first place... I mean just how many login credentials can you remember? How often have you searched for some username/password combination in your mailbox or so for a website you registered half a year ago and never visited since? How realistic is it to have a different, High-Quality password for each of those sites? Actually, giving it some second thoughts, Microsoft's passport service is quite interresting in this respect, though I don't know any details about it, and I don't simply thrust Microsoft either. ;-) -----Ursprüngliche Nachricht----- Von: Roger A. Grimes [mailto:roger () banneretcs com] Gesendet: Donnerstag, 20. Juli 2006 15:09 An: Assfalg,Christian (APER) BIP-DE-B; security-basics () securityfocus com Betreff: RE: ADS Password Storage Protection Here is my statement: That password length is a better defender of passwords than complexity, character for character, and that length should at least be given equal treatment when creating strong passwords. Instead, most applications and web sites asking for a strong password will accept significantly shorter and weaker passwords than my 20-character password, but not accept my alpha-only 20-character password. What would I like to see as the outcome: 1. More web sites and applications that accept long passwords as acceptable, without requiring 3 out of 4 character set complexity. 2. Microsoft increase the maximum value of the min. password length, which is now at 14. 3. People to start to talk about length as a natural factor of complexity, and give it its due consideration. Instead, people and web sites are requiring shorter, complex passwords, which are sure to fall before a longer password. -----Original Message----- From: Christian.Assfalg () bc boehringer-ingelheim com [mailto:Christian.Assfalg () bc boehringer-ingelheim com] Sent: Thursday, July 20, 2006 2:25 AM To: Roger A. Grimes; security-basics () securityfocus com Subject: AW: ADS Password Storage Protection What you say is true, length increases the maximum number of possible passwords far more than a greater number of base characters. That is statistical mathematics. However, it assumes that the characters are not dependant on the other characters, which is not always the case. That's why dictionary attacks work so fine. You can substitute a number of characters (say 4) with all possible 4-character-long words. That reduces your complexity quite a bit. A passphrase of 8 words with 5 characters each does not translate to 24^40 possibilities, but rather to (whatever-the-number-of-5-character-words-in-english-is)^8. In a dictionary attack, you can use this to significantly reduce the number of tries you have to try. That's why a lot of people don't think that passphrases are as good as passwords that have more random-character digits. One point is shurely that the current cracking tools (this was mentioned before) concentrate on shorter, randomized passwords, instead of longer passphrases. This will eventually change, I guess. Still, I think that you can make a cracker's work much more difficult if you use a long Sentence as password, adding a special character here and there. At least you can give quite some challenge to those who design the dictionary-creating algorithms. ;-) However, all this discussion is based on the assumption that a cracker actually HAS the hash, and actually needs the clear-text password. As mentioned several times, you can aparently perfectly authenticate with the hash only by using a modified smb client. So why cracking the password at all? I too think that you can enhance security much more by restricting access to these hashes. No hash, no way to crack the password somewhere else where you can't audit the failures and lock the account. -----Ursprüngliche Nachricht----- Von: Roger A. Grimes [mailto:roger () banneretcs com] Gesendet: Dienstag, 18. Juli 2006 23:42 An: Eoin Miller Cc: security-basics () securityfocus com Betreff: RE: ADS Password Storage Protection Here's my conjecture. A 10 character password with 26 characters, 26^10 =146,813,779,479,510 possible passwords. If my password is 9 characters long, I have to add another 12 characters of complexity before I pass the increase of strength from lengthening my password from 9 characters to 10. When faced with whether to add more complexity or length to increase password strength, length counts more than complexity, per the math, character for character. If you add the fact that even with increased complexity requirements, 80% of your users will use the same 32 characters anyway, increasing complexity doesn't mean the passwords really get more complex and harder to break. In an extreme example to further support my case, suppose the IT department required four different character sets to be used in a password with a min. length of 4. With most normal existing password complexity requirement character sets I could meet the requirements with a password of Pa5@. This password would be broken relatively quickly. If I require a min. length of 5 and three character sets (ex. Pass5), the workload required would be more than with the latter than the former. -----Original Message----- From: Eoin Miller [mailto:eoin.miller () trojanedbinaries com] Sent: Tuesday, July 18, 2006 4:55 PM To: Roger A. Grimes Cc: security-basics () securityfocus com Subject: Re: ADS Password Storage Protection Roger A. Grimes wrote:
Length is always more important than complexity because password keyspace is expressed as Y^X, where Y is the number of possible characters and X is the password length. Thus, any similar increase in
X has significantly more impact than to Y.
Roger, That relies upon the assumption of all attackers performing attacks that attempt all possible characters all the time. In most attempts to break passwords, the attacker will remove the uncommonly used characters from being attempted. Since users try and follow the bare minimum requirements, not adding complexity requirements can have a detrimental effect. Consider the following hypothetical situation: An internal employee has sniffed hashes from a network (we will assume there are no shortcuts/weaknesses in the algorithm). The internal company policy only requires 8 character length passwords and nothing more. Which will be broken first by the attacker who is only trying to crack a hash with lowercase letters [a-z]? A hash generated from a 10 character password that was created with only lowercase [a-z]. or A hash generated from a 8 character password that was created with lowercase [a-z], uppercase [A-Z], numerical [0-9]. The likely combinations to guess are not only derived from the length of the password but also from the minimum requirements instituted by the password policy. Having password complexity requirements forces attackers into using more possible combinations. I will not argue that length or complexity is more important than the other because situations can arise that expose the weakness of either. Both are required (and complement each other) when instituting a sound password policy. --Eoin --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus --------------------------------------------------------------------------- --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- AW: ADS Password Storage Protection Christian . Assfalg (Jul 21)
- <Possible follow-ups>
- AW: ADS Password Storage Protection Christian . Assfalg (Jul 21)
- RE: ADS Password Storage Protection Roger A. Grimes (Jul 21)
- Re: ADS Password Storage Protection Ansgar -59cobalt- Wiechers (Jul 24)
- Re: ADS Password Storage Protection Michael Rice (Jul 25)
- RE: ADS Password Storage Protection Roger A. Grimes (Jul 25)
- RE: ADS Password Storage Protection Roger A. Grimes (Jul 21)
- Re: AW: ADS Password Storage Protection Joe Barr (Jul 21)
- RE: ADS Password Storage Protection Roger A. Grimes (Jul 24)
- AW: ADS Password Storage Protection Christian . Assfalg (Jul 21)