More basic questions about password strength factors
I'm a longtime user of 1P on the Mac and have done a little reading about password strength, including the recommended thread
https://discussions.agilebits.com/discussion/54598/old-pronounceable-vs-new-diceware-passwords/p2
but I have some questions that must be so elementary that it's taken for granted anyone interested already knows the answers. If you can recommend somewhere else that answers these questions, that would be fine, rather than my taking up more of your time.
1) Is a 'blenderized' password like 6Lm3.?NP4KtXGAv5L8 more secure than a more easily typed version of the same characters, LNPKXGAL63458.?mtv? [Pardon me if I made a typo; you get the idea.] If so, why? And how significant is the difference?
2) Are there known language-specific preferences in choosing numbers, symbols, and letters on the keyboard, which some cracking programs would use? In other words, on QWERTY keyboards, do people choose 'random' letters more frequently from one side and/or row of the keyboard than the others? Is that used by the evil ones?
3) Do cracker apps (the kind I have to worry about, not government-level ones) use multiple language dictionaries? Simultaneously? I have some familiarity with a couple of other languages; if I use a multi-word password drawing on 3 languages, is that going to be significantly stronger? Say, e.g., is cuchillobookskoavskyvärddawn stronger than knifebookshoeobnoxiousdawn?
4) Is one of these arrangements meaningfully better than the others? cuchillo5book#sko&Avskyvärddawn, cuchillobookskoavskyvärddawn, or cuchillobookskoavskyvärddawn5#&
How about uKCfWMmUZT vs uuMMTTccff ? After all, this isn't a cryptogram quotation puzzle in the newspaper where you figure out that the character 's' stands for 'e' each time it appears, right? [I know adding symbols & numbers would be much better, this is just for illustration of repetition.]
Thanks very much.
1Password Version: 6.2.1
Extension Version: 4.5.5? 4.5.6 wouldn't install
OS Version: OS 10.10.5
Sync Type: 1 device only
Comments
-
Good questions, @goldfinch! I don't have specific answers for each of them. I've pinged @jpgoldberg for that. :)
While we wait for him, I think it may help to consider this gem from Toward Better Master Passwords:
The strength of a password creation system is not how many letters, digits, and symbols you end up with, but how many ways you could get a different result using the same system.
Indeed:
I can’t over-emphasize the point that we need to look at the system instead of at a single output of the system. Let me illustrate this with a ridiculous example. The passwords F9GndpVkfB44VdvwfUgTxGH7A8t and rE67AjbDCUotaju9H49sMFgYszA each look like extremely strong passwords. Based on their lengths and the use of upper and lower case and digits, any password strength testing system would say that these are extremely strong passwords. But suppose that the system by which these were generated was the following: Flip a coin. If it comes up heads use F9GndpVkfB44VdvwfUgTxGH7A8t, and if it comes up tails use rE67AjbDCUotaju9H49sMFgYszA.
That system produces only two outcomes. And even though the passwords look strong, passwords generated by that system are extremely weak. Of course nobody would recommend a system that only produced two outcomes, but people do recommend systems that produce a far more limited number of outcomes than one might think by inspecting an individual result of the system. This is because humans are far more predictable than we like to believe.
Some of what he wrote there also made it into our security article How does the password strength indicator determine the strength of a password? which contains some further insights. Of course, it's possible you already know all that. In which case, let's wait for Jeff to reply here. :)
0 -
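The "look at the system, not the output" point above can be made concrete by measuring a generation system's entropy rather than the length of one password it produced. The following is an added illustration, not code from the thread or from 1Password: it models the two-outcome coin-flip system quoted above, a Diceware-style word-list system (the 7776-word list size is an assumption; the short word list in the code is constructed), and a random-character system, and reports for each how many bits of entropy it has and roughly how many guesses an attacker who knows the system would need on average.

```python
import math
import secrets

# Constructed stand-in for a real word list; a real Diceware list has 7776 words.
DICEWARE_LIST_SIZE = 7776  # assumption, used only for the entropy figure
SAMPLE_WORDS = ["cuchillo", "book", "sko", "avskyvard", "dawn", "knife", "shoe", "obnoxious"]
ALPHANUMERIC = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"  # 62 symbols


def system_entropy_bits(outcomes_per_choice, choices):
    """Entropy in bits of a system that makes `choices` independent, uniformly
    random selections, each from `outcomes_per_choice` equally likely options.
    Only the number of distinct outcomes matters, not how long the result looks."""
    return choices * math.log2(outcomes_per_choice)


def expected_guesses(bits):
    """Average number of guesses for an attacker who knows the system and tries
    outcomes in any order: half the outcome space (2**bits / 2)."""
    return 2.0 ** bits / 2.0


def coin_flip_system():
    """The deliberately ridiculous system from the thread: two long-looking
    passwords, one chosen by a coin flip. Returns (password, entropy_bits)."""
    options = ["F9GndpVkfB44VdvwfUgTxGH7A8t", "rE67AjbDCUotaju9H49sMFgYszA"]
    return secrets.choice(options), system_entropy_bits(len(options), 1)


def wordlist_system(n_words, wordlist=SAMPLE_WORDS, list_size=DICEWARE_LIST_SIZE):
    """Pick n_words uniformly from a word list. The entropy figure is computed
    for a full-size list (list_size), while the sample output draws from the
    small constructed list so the block runs offline."""
    passphrase = "".join(secrets.choice(wordlist) for _ in range(n_words))
    return passphrase, system_entropy_bits(list_size, n_words)


def random_chars_system(length, alphabet=ALPHANUMERIC):
    """Pick `length` characters uniformly from `alphabet`, as a generator would."""
    password = "".join(secrets.choice(alphabet) for _ in range(length))
    return password, system_entropy_bits(len(alphabet), length)


def compare_systems():
    """Return {name: (sample_password, entropy_bits, expected_guesses)} so the
    27-character coin-flip output can be compared with genuinely random systems."""
    results = {}
    for name, (pw, bits) in {
        "coin flip (2 outcomes)": coin_flip_system(),
        "4 words from 7776-word list": wordlist_system(4),
        "10 random alphanumeric chars": random_chars_system(10),
    }.items():
        results[name] = (pw, round(bits, 2), expected_guesses(bits))
    return results


if __name__ == "__main__":
    for name, (pw, bits, guesses) in compare_systems().items():
        print(f"{name:32} sample={pw:28} entropy={bits:6.2f} bits  avg guesses={guesses:.3g}")
```

The coin-flip system yields a 27-character password with 1 bit of entropy (one guess on average), while four words from a 7776-word list give about 51.7 bits and ten random alphanumeric characters about 59.5 bits, regardless of how the individual result happens to look.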
But if the system for choosing the passwords in your example is completely unknown to the attacker, how can it matter? That person or program is still facing a long string of unknown symbols in effect, is that right? To me it seems only relevant in a case like this: the spy is trying to pass through enemy lines at 10 min past midnight & knows that the password changes at midnight but that some sentries accept either one for a while. A traitor has given him both the pre-midnight password and the post-midnight password, and so he can try first one or the other. But if he had neither password, nor the system used for choosing them, he'd be at a loss.
There must be something basic here that I don't get.
0 -
@goldfinch: It's always important to give the attacker the benefit of the doubt and assume that they're smarter and already know the method used to generate the password/key/etc. It's entirely possible that they do if they're that intent on attacking you in particular, and learning as much about you as possible toward that end. And after all, we don't lose anything by making this assumption. If we're wrong about it, we have a secret that's even stronger than we thought. But if it's the other way round and we assume that the attacker is an imbecile when they're in fact quite competent, we don't take the proper precautions. Also, 1Password is a freely available app that anyone can download and play with to get a sense for the kinds of passwords it creates. Better safe than sorry. :)
0 -
Happy to help! Have a fantastic weekend. :)
0