Passphrases suck less than passwords, but they still suck

Cory Doctorow


In "Linguistic properties of multi-word passphrases" (PDF, generates an SSL error) Cambridge's Joseph Bonneau and Ekaterina Shutova demonstrate that multi-word passphrases are more secure (have more entropy) than average user passwords composed of "random" characters, but that neither is very secure. In a blog post, Joseph Bonneau sums up the paper and the research that went into it.

Some clear trends emerged—people strongly prefer phrases which are either a single modified noun (“operation room”) or a single modified verb (“send immediately”). These phrases are perhaps easier to remember than phrases which include a verb and a noun and are therefore closer to a complete sentence. Within these categories, users don’t stray too far from choosing two-word phrases the way they’re actually produced in natural language. That is, phrases like “young man” which come up often in speech are proportionately more likely to be chosen than rare phrases like “young table.”

This led us to ask, if in the worst case users chose multi-word passphrases with a distribution identical to English speech, how secure would this be? Using the large Google n-gram corpus we can answer this question for phrases of up to 5 words. The results are discouraging: by our metrics, even 5-word phrases would be highly insecure against offline attacks, with fewer than 30 bits of work compromising over half of users. The returns appear to rapidly diminish as more words are required. This has potentially serious implications for applications like PGP private keys, which are often encrypted using a passphrase. Users are clearly more random in “passphrase English” than in actual English, but unless it’s dramatically more random the underlying natural language simply isn’t random enough. Exploring this gap is an interesting avenue for future collaboration between computer security researchers and linguists. For now we can only be comfortable that randomly-generated passphrases (using tools like Diceware) will resist offline brute force.

Some evidence on multi-word passphrases (via Schneier)
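The "bits of work" figure quoted above is not Shannon entropy: it counts the guesses an attacker who tries the most popular phrases first needs before half of users have fallen. As an added illustration (not code from the post, the paper, or Bonneau), the Python below computes that metric on a constructed Zipf-shaped phrase distribution, sets it beside Shannon entropy and beside a uniformly chosen Diceware phrase, and shows why skewed human choice is worth far fewer bits than the size of the phrase space suggests. The 100,000-phrase space and the Zipf exponent are assumptions for the demo, not values from the paper.

```python
import math

def zipf_distribution(n_phrases, exponent=1.0):
    """Probability of each of n_phrases ranked 1..n under a Zipf law.
    Constructed stand-in for 'people pick phrases the way natural language
    produces them': a few phrases dominate and a long tail is rare."""
    weights = [1.0 / rank ** exponent for rank in range(1, n_phrases + 1)]
    total = sum(weights)
    return [w / total for w in weights]

def shannon_entropy_bits(probs):
    """Shannon entropy; overstates resistance to guessing when choices are skewed."""
    return -sum(p * math.log2(p) for p in probs if p > 0)

def work_factor_bits(probs, alpha=0.5):
    """log2 of the guesses an attacker trying phrases most-likely-first needs
    to compromise a fraction alpha of users (the 'bits of work' in the post)."""
    cumulative = 0.0
    for guesses, p in enumerate(sorted(probs, reverse=True), start=1):
        cumulative += p
        if cumulative >= alpha:
            return math.log2(guesses)
    return math.log2(len(probs))

def diceware_work_factor_bits(words, dictionary_size=7776, alpha=0.5):
    """Uniform choice from a Diceware-style word list: every phrase is equally
    likely, so a fraction alpha of users falls only after alpha * size**words guesses."""
    return math.log2(alpha * dictionary_size ** words)

def compare(n_phrases=100_000, exponent=1.0):
    """Natural-language-shaped choice vs. uniform choice over the same phrase space."""
    probs = zipf_distribution(n_phrases, exponent)
    return {
        "shannon_bits": shannon_entropy_bits(probs),
        "work_factor_bits": work_factor_bits(probs),
        "uniform_bits": math.log2(0.5 * n_phrases),
    }

if __name__ == "__main__":
    r = compare()
    print(f"Zipf-shaped choice over 100k phrases: Shannon {r['shannon_bits']:.1f} bits, "
          f"work to hit half of users {r['work_factor_bits']:.1f} bits "
          f"(uniform choice over the same space: {r['uniform_bits']:.1f} bits)")
    for k in (2, 5):
        print(f"{k}-word Diceware phrase: {diceware_work_factor_bits(k):.1f} bits of work")
```

Run it and the skewed distribution comes out at roughly 8 bits of work against about 11.5 bits of Shannon entropy and 15.6 bits for uniform choice, while five Diceware words give about 63.6 bits: the same metric by which the paper's "under 30 bits for 5-word phrases" is discouraging.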

"Worst passwords" of 2011

Cory Doctorow


SplashData, a company that makes password management tools, has released a roundup of 2011's "25 worst passwords," gleaned from password-dumps posted by "hackers" (presumably, sources like the Lulzsec Sony password files). I can't locate the actual study and its methodology (are these passwords "worst" because they're the most common, or because they contain the least entropy? Is the sample set representative?) but the list is still informative, and, of course, it can give a warm glow of superiority to those of us with stronger passwords.

1. password
2. 123456
3. 12345678
4. qwerty
5. abc123
6. monkey
7. 1234567
8. letmein
9. trustno1
10. dragon
11. baseball
12. 111111
13. iloveyou
14. master
15. sunshine
16. ashley
17. bailey
18. passw0rd
19. shadow
20. 123123
21. 654321
22. superman
23. qazwsx
24. michael
25. football

Passwords have been a recurring theme this year, and it's becoming increasingly clear (to me, at least), that passwords may be reaching their end-of-life on the Internet.

25 Worst Passwords of 2011 [STUDY]

XKCD on the password paradox: human factors versus computers' brute force

Cory Doctorow


Today's XKCD, "Password Strength," neatly illustrates the research from this paper (PDF) by Philip Inglesant and M. Angela Sasse from University College London, with the ironic conclusion that we've trained our users to use passwords that computers can easily guess and humans can't possibly remember.

Password Strength