Re: password vs pass-phrase

[Joel Rosenblatt <joel () COLUMBIA EDU>]

Interesting thread, but I think that both passwords and pass phrases have outlived their usefulness at this point.

Most compromises are accomplished by either phishing or key logging - and I don't care how long, complicated or obscure 
your secret key is, when they give it
away, the strength doesn't matter.

For my money, two factor authentication, in one form or another, is the future.

On the complexity topic (right now) there are no rainbow tables available for any password/phrase longer than 15 
characters - I would just apply the standard
password rules to the words in a pass phrase and make sure that as least one of them passes.

My 2 cents

Joel

--On Thursday, March 18, 2010 7:42 AM -0500 Ken Connelly <Ken.Connelly () UNI EDU> wrote:

> That loses length, which is the big gain from using a passphrase.
>
> - ken
>
> Allison Dolan wrote:
> > RE: pass-phrases - what about the variant where you use only the first
> > letter of each word, and then throw in a gratuitous special symbol or
> > two - eg. using Steven's examples
> > Ilteprot$%
> > !#mfdwas
> >
> > Short, easy to remember - assuming you can remember the passphrase
> >
> > ......Allison  Dolan (617-252-1461)
> >
> >
> >
> > On Mar 18, 2010, at 3:45 AM, Steven Alexander wrote:
> >
> > > If we assume the hash isn't compromised, then the passwords don't
> > > really have to be nearly as strong stand up to attack, especially
> > > with any sort of lockout or delay.
> > >
> > >  I don't think we should wait until they are before we worry about
> > > passphrase security.  Attackers may be using better tools well before
> > > we become aware of them.
> > >
> > > The last time I looked, the standard password cracking tools were not
> > > capable of doing the sort of phrase guessing that I mentioned, but it
> > > would not be hard to create separate word/phrase lists and adapt a
> > > program like John the Ripper to create passphrases based on those
> > > lists.  The lists could even be generated by doing a word count on
> > > the text of a sample of current news articles, fiction, etc.
> > > Assuming someone takes the time to modify or create a program to do
> > > basic guessing, phrases like "I like football" would probably fall
> > > pretty quickly, much faster than an average brute force attempt
> > > against a 40-bit key.
> > >
> > > I think we should encourage people to longer more unusual
> > > passphrases, things like "I like to eat purple rhinos on Tuesdays!"
> > > or "My first dog was a stegosaurus."
> > >
> > > -Steven
> > >
> > > ________________________________________
> > > From: The EDUCAUSE Security Constituent Group Listserv
> > > [SECURITY () LISTSERV EDUCAUSE EDU
> > > <mailto:SECURITY () LISTSERV EDUCAUSE EDU>] On Behalf Of Eric Case
> > > [ecase () EMAIL ARIZONA EDU <mailto:ecase () EMAIL ARIZONA EDU>]
> > > Sent: Wednesday, March 17, 2010 9:03 PM
> > > To: SECURITY () LISTSERV EDUCAUSE EDU
> > > <mailto:SECURITY () LISTSERV EDUCAUSE EDU>
> > > Subject: Re: [SECURITY] password vs pass-phrase (was: Are users right
> > > in rejecting security advice?)
> > >
> > > <snip>
> > > Is it obvious to a brute force password cracker?  If we assume the
> > > password
> > > hash has not be compromised and a key logger was not used, is it obvious
> > > that
> > >         four score and seven years ago
> > > is an awful choice?  Based on how the U of Arizona implemented NIST
> > > SP800-63, the above password/passphrase would score 53 bits of entropy.
> > >         4 score and 7 years ago
> > > Would only score 48 bits of entropy even though it uses three character
> > > classes and the first one only uses two classes.
> > >
> > >
> > > <snip> But we're also going to run into problems with users
> > > > picking phrases that are too simple and end up being subject to
> > > > predictions based on language analysis.
> > >
> > > I agree, once the password crackers start using language analysis or
> > > AI, the
> > > game will change.  Until then, can we get by with long 'simple'
> > > passphrases
> > > that are easy for users to remember?
> > >
> > >
> > > Based on how the U of Arizona implemented NIST SP800-63 . . .
> > >         I swim waffles          = 37 bits of entropy
> > >         I like pancakes.        = 40 bits of entropy
> > >         I like football.        = 40 bits of entropy
> > >         My husband is boring.   = 46 bits of entropy
> > >         Alice in Wonderland     = 44 bits of entropy
> > >         TriSsmitp               = 27 bits of entropy
> > >         My lawn is always green = 48 bits of entropy
> > >         My lawn is sempre verde = 48 bits of entropy
> > >
> > >
> > > > I'm not suggesting that passphrases are bad, just that they are
> > > > unquantified.  Without good language analysis and lots of real-world
> > > > examples of chosen passphrases, we don't know whether people actually
> > > > choose better passphrases than passwords or how a passphrase of length
> > > > X compares to a password of length Y.
> > >
> > > At least for now, you can quantify them based on length, character
> > > classes
> > > and dictionary/complexity checks by using NIST SP800-63.  When the
> > > crackers
> > > evolve, we will play catch-up (again).
> > >
> > > NIST SP800-63 uses the research the Brian points out.
> > > -Eric
> > >
> > >
> > >
> > > Eric Case, CISSP
> > > eric (at) ericcase (dot) com
> > > http://www.linkedin.com/in/ericcase
> > >
> > > This email has been scanned by a Spam/Virus Firewall. If your email
> > > has been classifed as Spam please contact the HelpDesk at (209) 384-6180.
>
> --
> - Ken
> =================================================================
> Ken Connelly             Associate Director, Security and Systems
> ITS Network Services                  University of Northern Iowa
> email: Ken.Connelly () uni edu   p: (319) 273-5850 f: (319) 273-7373



Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel