How To Calculate Entropy?
Hi, I've been lurking for quite some time now and am totally new to password management systems and the like. I wanted to ask: how does one calculate entropy? Is there a formula you could share for both word-based and randomly generated character passwords? How much entropy is enough entropy for my master password, or any password for that matter? I just used the randomly generated word-based suggestions (4 words) for mine, as all my passwords before entering the realm of password systems were extremely basic, like my birthday for example.
Also to follow up, 1Password has the strength meter that I'm sure many of us are familiar with, where exactly on that meter is strong enough. Bright green? On the other hand, what is too little? Where do all the colors rank?
Really love 1Password by the way, very happy with it and can recommend it to anyone, I tried a bunch of different ones but I feel that this is the best option overall for anyone and the amazing customer support doesn't go unnoticed.
Cheers,
Ali Shah
1Password Version: 6.8 (680015) AgileBits Store
Extension Version: 4.6.9
OS Version: macOS 10.12.6
Sync Type: 1Password
Comments
Hi @AskAli,
That's such a great question. Bits of entropy are based on the number of permutations allowed for a given password "recipe". At its most basic, the calculation would be log_2(number of permutations). The tricky part is determining the number of permutations. In the case of word-based passwords, it's pretty straightforward. It's simply based on the size of our wordlist (currently roughly 18000 words) and the number of words. The number of permutations would be (wordlist size) raised to the power of (number of words). So for 4 words that's 18000^4. log base 2 of (18000^4) = 56.5 bits of entropy. If you're using character-based passwords then it gets trickier due to the digits and symbols sliders. The core concept is the same though: it's based on the number of total possible permutations with those settings.
If you're using the Mac app, you can actually see the bits of entropy value it determines for each password item created with a relatively new version of the Mac app. To do that, you can enable the "Copy Item JSON" menu item under Preferences > Advanced. Then when the item is selected you can use the Item > Copy Item JSON menu item. Paste it into a text editor and look for "pbe" (Password Bits of Entropy). The value next to it will be the number of bits of entropy for that generated password.
Currently we consider 75 bits of entropy to be the full green bar. But that could change over time. We recommend at least 40 bits of entropy for each password.
When it comes to a Master Password, we need to be careful with the word entropy. If you created your Master Password based off of a random password generator like our own, then that's just fine. The rule is the same and we recommend at least 40 bits of entropy for that password. However a lot of people don't actually use a random password generator for their Master Password and instead create one themselves. Human-created passwords do not have bits of entropy. It's not a random calculation, so there's no proper way to calculate all of the permutations. Without knowing the rules, you can't calculate bits of entropy.
I'm going to avoid answering the question about the bar colors and what they correspond to. That's information that's likely to get stale as we can constantly change that. You could figure it out by looking at the pbe values generated for various passwords.
I hope this helps.
Rick
0 -
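The arithmetic Rick describes, as an added example that is not 1Password's own code. The word-based case uses the wordlist size from the thread (18000 words, drawn with replacement). For the character-based case the thread only says the digits and symbols sliders make the count "trickier", so the "exactly N digits and exactly M symbols" model below and the symbol-set size of 18 are assumptions made for illustration; 1Password's actual generator and symbol set are not described on this page.

```python
import math

# Assumed alphabet sizes for the character-based recipe. Letters and digits are
# the usual counts; the symbol-set size (18) is a constructed value, because the
# thread does not say how many symbols 1Password's generator draws from.
LETTERS = 52   # a-z plus A-Z
DIGITS = 10
SYMBOLS = 18   # assumption, not from the thread


def word_entropy_bits(wordlist_size: int, word_count: int) -> float:
    """Entropy of a passphrase made of `word_count` words picked uniformly and
    independently (with replacement) from `wordlist_size` words:
    log2(wordlist_size ** word_count)."""
    return math.log2(wordlist_size ** word_count)


def words_for_target(wordlist_size: int, target_bits: float) -> int:
    """Smallest number of words whose passphrase reaches `target_bits`."""
    return math.ceil(target_bits / math.log2(wordlist_size))


def char_entropy_bits(length: int, digits: int, symbols: int) -> float:
    """Entropy of a `length`-character password containing exactly `digits`
    digits and exactly `symbols` symbols, with every other position a letter.
    The 'exactly N' model is an assumption about how slider-style settings
    constrain a generator. It counts (a) which positions hold the digits and
    symbols and (b) the choice of character within each class."""
    letters = length - digits - symbols
    if letters < 0:
        raise ValueError("digits + symbols exceeds the password length")
    placements = math.comb(length, digits) * math.comb(length - digits, symbols)
    permutations = (placements
                    * LETTERS ** letters
                    * DIGITS ** digits
                    * SYMBOLS ** symbols)
    return math.log2(permutations)


def unconstrained_char_entropy_bits(length: int) -> float:
    """Entropy if every position is drawn uniformly from the combined
    letters+digits+symbols alphabet with no per-class requirement."""
    return length * math.log2(LETTERS + DIGITS + SYMBOLS)


if __name__ == "__main__":
    print(f"4 words from 18000:            {word_entropy_bits(18000, 4):.1f} bits")
    print(f"words needed for 40 bits:      {words_for_target(18000, 40)}")
    print(f"words needed for 75 bits:      {words_for_target(18000, 75)}")
    print(f"20 chars, 3 digits, 2 symbols: {char_entropy_bits(20, 3, 2):.1f} bits")
    print(f"20 chars, no class constraint: {unconstrained_char_entropy_bits(20):.1f} bits")
```

Two things worth noticing when you run it: with an 18000-word list, 3 words already clear the 40-bit recommendation and 6 words clear the 75-bit "full green" mark; and requiring exactly N digits and M symbols gives slightly fewer bits than drawing every position from the full alphabet, because the requirement rules out some strings. The extra bits from a larger alphabet come from length, not from forcing character classes.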
Wow, thank you so much! That was incredibly informative and I really learned a lot. I find it super cool to see the entropy that you guys calculate and how you guys calculate it. I find this stuff also super fascinating and I could go on about it for hours. If I'm correct I think I read somewhere that if the password is user-entered you lower the entropy to reflect how it's probably not randomized then, correct?
Is there a way to see the JSON on iPhone or from the web app, it'd be cool to see the actual entropy there too but I'm sure most wouldn't care for that.
As for the meter, I understand you're constantly tweaking it but would it be a good assessment of if my password is good?
Or perhaps as long as it doesn't go under the "weak password" security audit and isn't deemed "weak" I don't have to worry about it. I've noticed for user-entered passwords when I copy the JSON I can't find the pbe in a text editor. So how does it still get a rating on the meter?
Edit: Quick side note, I'm not sure if this is a glitch or not but when sorting passwords by passwords strength for some reason it posts a password at 130 bits of entropy as stronger than one with 330.
Ali
0 -
Wow, thank you so much! That was incredibly informative and I really learned a lot. I find it super cool to see the entropy that you guys calculate and how you guys calculate it. If I'm correct I think I read somewhere that if the password is user-entered you lower the entropy to reflect how it's probably not randomized then, correct?
On behalf of Rick you're very welcome. :)
And yes that is correct: if you generate a password with the Secure Password Generator, and then type that same password into a password field on a login item, the strength on the former will read higher than the latter. The latter is assumed to have no randomness.
Is there a way to see the JSON on iPhone or from the web app, it'd be cool to see the actual entropy there too but I'm sure most wouldn't care for that.
I know for sure there is not on iOS. I do not believe the web app has the capability either, but I'll ask Rick to jump in and correct me if there is indeed a way.
As for the meter, I understand you're constantly tweaking it but would it be a good assessment of if my password is good?
"Good" is extremely subjective, and relative. So I guess the way I'd put it is that "it is likely as good as any." The problem becomes there are so many variables that it is very difficult (if not impossible) to account for them all. For example, the password
correct horse battery staple
generated by the SPG might be rated as a strong password. Reality though is that it is not, because it was used in a famous XKCD comic, and as such any brute force password cracker worth its salt (no pun intended) is very likely to guess that one early on in the process. There really isn't a simple "yes or no" answer here. We can in many cases say if a password is "weak" (such as the above example), but it is much more difficult to judge a password as "strong" or "good."
I've noticed for user-entered passwords when I copy the JSON I can't find the pbe in a text editor. So how does it still get a rating on the meter?
It is calculated rather than stored.
Edit: Quick side note, I'm not sure if this is a glitch or not but when sorting passwords by passwords strength for some reason it posts a password at 130 bits of entropy as stronger than one with 330.
What platform and version of 1Password are you seeing this on? What do the password strength indicator bars indicate about these two entries?
Thanks.
Ben
0 -
Is it possible for a randomly generated password be the same as someone else? Or are there so many combinations that each one is unique, for both word based and character.
Thanks for answering all my questions once again, your support is amazing.
--
macOS 10.12.6
1Password version 6.8
Both strength bars are completely maxed out and are rated as "fantastic" but the #1 password, my steam account, is about 20 characters long. My Facebook has over 64 and is near the bottom, perhaps it's not sorted within the "fantastic" field.
0 -
Is it possible for a randomly generated password be the same as someone else?
Yes it is. However, that should not bother you. What matters is what someone would need to do to guess it. This can be estimated by the entropy. The higher the entropy, the harder it is to guess.
0 -
I've noticed for user-entered passwords when I copy the JSON I can't find the pbe in a text editor. So how does it still get a rating on the meter?
That's right. You'll notice that those don't have pbe, nor do they have pgrng (Password Generated by Random Number Generator). In that case we try to evaluate a strength (ps) on the assumption that it's a human that created it. You can think of it like password strength meters on any website. They don't know whether a password was randomly generated or not, so they have to guess at its strength. We do something similar.
Quick side note, I'm not sure if this is a glitch or not but when sorting passwords by passwords strength for some reason it posts a password at 130 bits of entropy as stronger than one with 330
That's probably because the sorting is based on ps, and not pbe. In both cases the ps value for those is 100 (it caps out at 100), so the sorting would be arbitrary for anything over 75 bits of entropy.
This is my fault. I didn't do something special for that screen to account for passwords with pbe > 75.
Is it possible for a randomly generated password be the same as someone else? Or are there so many combinations that each one is unique, for both word based and character.
Technically, yes it's possible for duplicates. But by the time you hit 64 bits of entropy there are more combinations possible than there are grains of sand on the planet.
Thanks for answering all my questions once again, your support is amazing.
You're very welcome. We love talking about this stuff. It's super fun. :)
Rick
0 -
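Rick's and Ben's answers on duplicates ("yes, it's possible, but what matters is how hard it is to guess") can be made concrete with the birthday bound. The following is an added example, not 1Password's code; it uses the 18000-word list size from the thread, and the user counts it tries are constructed for illustration. It computes how likely it is that two independently generated passwords coincide for a given number of generations, and how many generations it takes before a duplicate becomes likely.

```python
import math

WORDLIST_SIZE = 18000                   # from the thread
FOUR_WORD_SPACE = WORDLIST_SIZE ** 4    # distinct 4-word passphrases


def collision_probability(space_size: int, draws: int) -> float:
    """Probability that at least two of `draws` independent, uniform picks
    from `space_size` equally likely values are identical (birthday bound):
    p ~= 1 - exp(-n(n-1) / 2N). expm1 keeps precision when p is tiny."""
    if draws < 2:
        return 0.0
    exponent = -(draws * (draws - 1)) / (2 * space_size)
    return -math.expm1(exponent)


def draws_for_probability(space_size: int, target_p: float) -> int:
    """Number of draws at which the collision probability reaches `target_p`
    (inverse of the bound above). For p = 0.5 this is about sqrt(1.39 * N)."""
    if not 0.0 < target_p < 1.0:
        raise ValueError("target_p must be strictly between 0 and 1")
    return math.ceil(math.sqrt(-2 * space_size * math.log1p(-target_p)))


if __name__ == "__main__":
    # Constructed scenarios: a 4-digit PIN, the thread's 4-word passphrase,
    # and a 64-bit generated password; user counts are made up for illustration.
    spaces = [
        ("4-digit PIN", 10 ** 4),
        ("4 words of 18000", FOUR_WORD_SPACE),
        ("64-bit generated", 2 ** 64),
    ]
    for label, space in spaces:
        for users in (200, 1_000_000):
            p = collision_probability(space, users)
            print(f"{label:18s} {users:>9,} users: P(any duplicate) = {p:.3g}")
        half = draws_for_probability(space, 0.5)
        print(f"{label:18s} 50% chance of a duplicate after {half:,} generations")
```

The numbers make Rick's point: with 200 users choosing 4-digit PINs a duplicate is almost certain, while a million users on the thread's 4-word recipe have only a few-in-a-million chance of any pair matching, and a 64-bit generated password needs about five billion generations before a duplicate is even a coin flip. A duplicate is also useless to an attacker who cannot tell which other account shares it; guessing difficulty, which the entropy estimates, is what protects the account.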
Thank you @rickfillion and @Ben. :)
0 -
You're welcome! Rick and Ben beat me to most of this, but I did want to follow up with a link to a similar discussion where I did a bit of an entropy comparison recently which may be of interest to you.
Ultimately the challenge is it isn't black and white; it's a continuum. While entropy can be calculated mathematically, there's no way to definitively say if a password is truly "strong enough", as that's going to be subjective. For example, some of my passwords are fairly weak, but they are strong enough for where I'm using them (for example, combination lock on luggage containing dirty clothes). We don't want to make people think passwords they create themselves are stronger than they really are. If anything, we want to err in the other direction to encourage people to use randomly generated passwords from 1Password for which we can be more certain...but either way at the end of the day it's up to us to do the best we can using these tools to secure our accounts. When in doubt, use the strongest password you can and don't worry about it. Cheers! :)
0