General question about passwords

mskopel

There are some website logins that I cannot always use 1Password for. For these sites I use a variation of a password theme. For example, for this forum I might use agile!SomeConsistentText and for the apple forum I might use apple!SomeConsistentText. Could someone comment on how secure this is?

Thanks.

Megan

Hi @mskopel,

I'm not a security expert here, so I'll ask @jpgoldberg to check in here to make sure I'm not leading you astray.

But I think it's safe enough to say that using any sort of theme or formula for passwords is not advisable. Think about it this way: say you used this theme for your Adobe password adobe!SomeConsistentText, and your username and password happened to be among the millions recently acquired by hackers. Using a theme makes it easier to take a guess at what your password might be on other sites: once that "SomeConsistentText" is known, it's a simple matter to test it out on other sites. If you have used amazon!SomeConsistentText or bank!SomeConsistentText you could be at risk.

If you are looking for a way to create passwords that are both secure, and slightly easier to remember and type, please check out our article Towards Better Master Passwords.

I hope this helps, but if you have further questions, we're here for you!

jpgoldberg

Hi @mskopel!

Megan summed up the situation perfectly.

If an attacker discovers your password for agile|SomeConsistantText, then it isn't too hard for them to guess that your Apple password may be apple|SomeConsistantText. Your scheme may offer some defense against fully automated attacks, but any attacker who studies passwords (and plenty do) will see what is going on.

One thing to keep in mind is that attackers know more about password behavior than the good guys. They have all of the data that we have, plus the ones that haven't been released to the public. So the important thing to keep in mind is that the attackers know more about password choice behavior than anyone.

So you still need unique passwords for those other sites. I'm not sure how many you have, but here is an article on situations where you might need to remember more than just one password.

http://blog.agilebits.com/2012/08/19/more-than-just-one-password-lessons-from-an-epic-hack/

If you have a lot of these, use them infrequently, and really can't use 1Password for them, consider using 1Password's Strong Password Generator for "pronounceable" passwords and write them down on a piece of paper. Without knowing the full details of your situation, I don't know if that is a solution that will work for you, but I strongly suggested that you avoid using the kind of scheme you described.

I hope that this helps.

mskopel

Thanks to you both, I'm changing passwords across the board and just was, well, looking for a safe but simple solution.

jpgoldberg

There is a somewhat more secure variant of what you are trying that people have proposed. I know you didn't ask about this, but I've been wanting to put my thoughts down on "paper" about those schemes for a while, and you've given me the opportunity.

People have proposed doing what you do, but making the password a cryptographic hash of DomainName|SomeConstantSecret. So the password for "domain name" would be SHA256(DomainName|SomeConstantSecret) You would need some software (simple) to perform that calculation for you and it could easily be done in a web browser.

Don't do that! First if something is going to be done that way, a SHA-style (Merkle-Damgård construction) cryptographic hash doesn't have the right mathematical properties. So wrap the hash in something like HMAC or use one of the bleeding edge hashes (Keccek, BLAKE2, Skein, etc) that are pseudo-random functions. The second thing is cracking attempts. If an attacker gets hold of one of these passwords, then the attacker will be motivated to try to figure out what the SomeConstantSecret is, as it will allow a break of all of your passwords. So you should also wrap up the HMAC into something like PBKDF2 to make the computation from DomainName|SomeConstantSecret to the site password slow. Finally, there should be a salt with each one of these to avoid collisions with others who might use the same secret.

This gives you a scheme where you are computing a password for each site that is reasonably secure, but it still isn't as secure as just storing randomly generated passwords in 1Password for several reasons. It also will have a number of problems. Will the generated password meet the site's password requirements (length, combination of characters it allows.). And of course, you are doing the expensive PBKDF2 operations each and every time you regenerate one of these passwords instead of just doing it once when you unlock 1Password.

So that sort of approach no longer has the "simplicity" that may have made it initially appealing, but doesn't achieve the security of 1Password either.