Use a Password Manager

Recently, I saw a picture trying to extoll people to use better passwords. That would seem like a good idea and at some level it is. However, it is no longer a good idea. That's right, trying to get people to use better passwords isn't a good idea any longer. Now, having said something so controversial, let me explain why.

It's not that strong passwords aren't a good idea, and the idea of using them is certainly good.  It is just that people are essentially incapable of creating truly secure passwords. The example in the picture (hopefully linked to here) is in fact the proof. The "99ballons" is an obvious phrase (18 bits of randomness) and even after obfuscating it, it isn't that random.

To back that statement up, I need to explain what a truly secure password is. A truly secure password is one that is an encoding of a random number of sufficient bits that it takes too long for the attacker to guess it.

The problem with people generating passwords is that they aren't really random. In fact, in most cases they are very poor approximations of random. Sadly, even the best advice doesn't get people to generate truly random passwords. It simply gets them to generate ones that are better.

Let's analyze what people do to generate passwords.

First, we have the obvious bad examples, where people use common words or easy to type key sequences. Everyone knows "password" and "123456" are bad, but so are "fido" "giants" "rachel" (pets, sports teams, significant others, and common phrases). Anyone who picks a password in the list of 100 (or even 1000) most common passwords simply hasn't picked a password at all, especially if you pick a password that can be associated with you.

But, what if you pick an obscure word? Password hackers have long know how to use dictionaries of common passwords to look for passwords. The number of words in your typical language is simply too small. The typical English speaker's vocabulary is about 20,000 words. The estimate for all of English is still only about one million words and most of those are so rare and obscure no one will pick them as a password. However, a competent password dictionary could easily include them all.

Well, what if we put two words together to make our password. We just roughly squared the number of possibilities. So, 20k * 20k = 400m. That would be much better if people actually randomly picked two words. However, we are still only at about 20 bits of randomness. Thus, with a dictionary and guessing pairs of words, we are still guessing the password in a small amount of time. Here the key thing to remember is that many password attacks are not trying to type your password into your computer and seeing if it works. Many password attacks are on copies of the secret stored password file that have been stolen by a hacker. Yes, that password file is encrypted, but the encryption method is generally known because it is one of the standard ones (and some of the standard encryption methods are even easy to break). Still with a copy of the password file, the attacker can generate as many passwords as they want and encrypt them and try them against the file. The only question is how long it will take. Moreover, there are techniques like rainbow tables which can significantly speed up the process.

Well, what if we force the user to mix case. We've gotten a little better. We have doubled the number of spellings once for each letter in the word, i.e. dog becomes also Dog, dOg, doG, DOg, DoG, dOG, and DOG, so for 3 letter words we have 8 possibilities and 5 letter words 32 possibilites and for a pair of 7 letter words, 2**14 or 16,384 possibilites. If we multiply that by our two words, we are still only up to 20+14 or 34 bits of randomness. That, of course, depends on the user picking the letters to capitalize at random. If forced to use mix case, the user is much more likely to switch the case on the beginnings (or perhaps ends and/or one other letter) of the word. Thus, in practice we have only multiplied the number possiblities by around 6 bits, thus only 26 bits of total randomness.

Make the user add a few digits, adds around 4 bits per digit, with 4 digits one might have 34+16 or 50 bits of randomness. However, back to the more likely case the user will add 1 or 2 digits and only at the beginning end or in-between the words. Thus, we have only add about 10 bits of randomness by requiring numbers, letters, and some case shifting, if we add that to the 26 bits of randomness we are only up to 36 bits.

Using (or adding special characters) adds a bit more complexity, but if you always use @ for "a" or "g" and "!" for "i" or "l" etc. and never for other letters of the alphabet, you have significantly reduced the amount of complexity you have added. The number of special characters that people normally substitute is small and again the hackers already know those tendencies and thus have encoded them into their dictionaries.

So, with a fair amount of work one *might* get a password with about 60 bits of randomness. In practice, a user is more likely to get on the order of 40 bits and that requires dedication, in fact as I approximated the number of bits in the secure password, I got roughly 40 bits of randomness (by my estimate, the more charitable estimate from my password manager is 63 bits, while the average generated password by the same tool is 100+ bits).

Passphrases might be better if we picked them randomly, i.e. don't pick well known ones like "Kings play chess on Fridays generally speaking" or "Fifty shades of gray" or even "Love means never having to say you are sorry". My guess is that the hackers are building dictionaries of passphrases already.

That means if you are serious about your passwords you might get a decent one (or even a decent set of a dozen), but if you have fifty places that needs passwords, you are likely to run out. Moreover, you are going to have to memorize those passwords. If you make them really hard and keep them unique, you are going to have a lot of difficult information to remember. That means that typical users will never be able to follow such etiquette. You will always have easy to guess passwords for many cases. Or you will have users that write their passwords down.

The last step isn't as bad as it seems. Sure posting a sticky note on your screen with the password to the computer administrators account is a bad idea. However, having something else remember your hard to guess passwords is perhaps a good thing.

This is where password managers come in. A password manager is simply a program the remembers your passwords by storing them in an encrypted file for you and tells you which password you used for which site. If you are wondering if this isn't vulnerable the same way that a system password file is, the answer is not really. The hacker when getting a system file, gets the passwords for many users once they decrypt the file. The hacker only gets your passwords if they get your password manager file. Now, if you are the President of the United States, that might still be worth getting. However, if you are an "average" person like me, it isn't valuable enough. So, yes it can be cracked, but in most cases it isn't worth the effort to do so.

The other thing a password manager generally does, is that it can actually generate the passwords for you, and it won't do so by picking a couple of dictionary words and then trying to obfuscate them. It will pick a random password (or at least as random as its random number generator can produce). Thus, if it picks a password with only 60 bits of randomness, you can reasonably expect that some hacker using a dictionary attack is not going to find it, no matter how good their dictionary is.

So, with a password manager you don't have to remember the complicated passwords and you get ones that are likely to be safer than any you can generate yourself, short of rolling dice to generate passwords. Thus, take the easy way out, don't try to generate hard to guess passwords. You aren't likely to do so. Let a password manager create them for you and remember them. Your life will be much easier.

Moreover, if you are a security person, get in the habit of making that your recommendation, rather than suggesting how a user can generate a hard password. You will be doing all of us a favor.