How Can Four Random Words Possibly Be More Secure Than 16 Random Characters?

  • Added 19. 06. 2024
  • ☀️ Passphrases made of four random words can be at least as secure as 16-character random passwords, perhaps even more so, and are easier to remember when you need to remember them.
    ☀️ Passphrases are better
    There are as many, or more, combinations of four or five random words as there are 16 random characters. Given that they can be just as secure and significantly easier to remember, passphrases can be a useful approach to password-based security.
    Updates, related links, and more discussion: askleo.com/158497
    🔔 Subscribe to the Ask Leo! YouTube channel for more tech videos & answers: go.askleo.com/ytsub
    ✅ Watch next ▶ Will AI Crack Your Passwords?
    Chapters
    0:00 Four Random Words More Secure Than 16 Random Characters
    0:55 There are more words than characters
    1:10 About random characters
    4:35 Why combinations matter
    6:25 Random words instead of characters
    9:20 Random words for real
    10:00 “Correct Horse Battery Staple”
    12:40 Make it secure
    ❤️ My best articles: go.askleo.com/best
    ❤️ My Most Important Article: go.askleo.com/number1
    More Ask Leo!
    ☑️ askleo.com to get your questions answered
    ☑️ newsletter.askleo.com to subscribe to the Confident Computing newsletter.
    ☑️ askleo.com/patron to help support Ask Leo!
    ☑️ askleo.com/all-the-different-... for even more!
    #askleo #passphrase #password
  • Science & Technology

Comments • 758

  • @gblargg 10 months ago +134

    The real benefit is memorization. For a given entropy I can remember far more in word combinations than random letters and numbers. Remembering four random words in sequence is far easier than remembering 10 random characters even though they have similar security.

    • @TheEclecticDyslexic 10 months ago +7

      It's even better when you consider you can actually get someone tech averse to actually use a complex passphrase. For a password they will just use two words and a birth year, slap them together, maybe add an exclamation to the end of required, and call it a day. I'll take a four word passphrase over a two word two digit one special character passphrase any day.

    • @gblargg 10 months ago +7

      @@TheEclecticDyslexic And then stupid websites won't just let you use a few words. You have to throw in a capital, numeral, and special character. My go-to is to capitalize the first letter, then add a 1! at the end. So much for improving security...

    • @dizwell 10 months ago +7

      Memorization of passwords in general is _not_ a benefit. No-one should ever even know the passwords they are submitting when logging in. With a password manager, there is never a need to know your account passwords.
      Now, granted: remembering the master password to your password manager is pretty darn'd essential! So, using this technique for that one password is indeed a reasonable proposition.
      But if you are aiming for a mechanism to help you remember dozens of passwords for dozens of websites or accounts, you are barking up the wrong tree: it's the wrong goal in the first place.
      The right goal should be to use randomly-generated 20+ character passwords that are unique per site/account ...and which you simply do not personally know and don't even need to remember. KeepassXC for the world!

    • @tasmanwinchcombe9774 10 months ago +9

      @dizwell I work in IT and need to be able to enter my administrative passwords on any computer in any department at the office. Even if I have a password manager on my phone, it is very difficult to copy a random 20-character password from my phone to the computer.

    • @dizwell 10 months ago

      @@tasmanwinchcombe9774 Er, I work in IT too. One of the more serious Oracle DBAs on the planet at one time, in fact. And there are **no** circumstances in which remembering administrative passwords is appropriate. SSH remotely to anything serious and your password manager is on your local PC. If physically visiting the rack is necessary, then a minute spent laboriously copying the password off your phone is no real inconvenience at all. It is also possible to create a non-privileged account with a correct-horse style password on the server you keep having to visit that runs nothing but a password manager. You log into that account that gets you nothing but access to the password manager. You then supply a complex (but standard) password and a unique keyfile from a USB stick to make the local password manager unlock correctly, get the password you actually want from there and use su to then gain administrative access to that machine. There are various other approaches that could be taken too, of course.
      What you are actually saying is that there is always a trade-off between security and convenience... and this is 100% true. You, however, appear to think that being an IT administrator means it's OK to opt for the convenience side of that equation. I don't, and I don't think it's ever appropriate (or necessary) to do so. Normal users whose most important secret is a $200 bank account: fine, I'll make allowances. IT professionals? Nope. It would be dismissal for gross negligence if you ever tried that in any workplace I was running, put it that way.
      What the fine video neglected to point out, too, is that it is trivial to construct databases containing the text of the entire Bible, the OED, the entire Project Gutenberg archive, the whole of Wikipedia and every single national newspaper article published in the last couple of decades, plus more. That gives you a *huge* wordlist to use as a crowbar. In 2013, a 4-Radeon 7950 set up costing $800 could guess 30 *b*illion word combinations _per second._ Including mucking about with capitalisation, inserting odd characters into the middle of things, and so on. Search Google for "Ars Technica How the Bible and YouTube are fueling the next frontier of password cracking" for a good article on the subject, note that it was published in 2013 and then consider how much more powerful graphics card parallel processing has become since then. The password "Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn1" was guessed within moments because it happens to be a phrase from the H. P. Lovecraft short story "The Call of Cthulhu" and was included in a Wikipedia article on the man. Humans being human, they won't _really_ select four random words from the dictionary, but will instead pick things like "Harry Potter and the Deathly Hallows" or "A Little Piece Of Heaven": trivially guessable, no matter what mangling, re-capitalisation or number insertions take place in an attempt to obscure it.
      In short, and being deliberately blunt about it, because it's an important subject: If you are relying on this technique outside of a purely domestic situation, you are doing it wrong. Period.

  • @stephanweinberger 10 months ago +54

    "Easier to remember" is the key here.
    The best password is basically useless if you use the same one everywhere (because it took so much effort to remember it once) and _any_ of those places is compromised (i.e. with every new place you use it it automatically becomes less secure!).
    With multi-word passphrases it becomes feasible to have (and actually remember) multiple passphrases for different purposes.
    That said: just use a password manager, preferably with a long (i.e. 5+ words) multi-word passphrase as master password, and let it generate long (30, 40, 50 characters, as long as the target will allow) random passwords (which you never have to type in manually or even remember anyway).

    • @kennichdendenn 10 months ago +2

      Mostly... This can become a real hassle when logging into apps on your tv or e-reader, for example 😁. Keeping things somewhat typeable might make sense

    • @ianl1052 10 months ago

      I'm in the process of changing all of my passwords to a combination of "4 random words" and high strength passwords (20+ letters [random capitals], numbers and special characters). I keep an Excel list with multiple backups and update it whenever I change passwords. And yes! I save it password protected with a more memorable password. I save it as something unrelated (obviously not "passwords"), hide the sheet and leave a bog standard spreadsheet visible.

    • @stephanweinberger 10 months ago +3

      @@ianl1052 Better use a dedicated password manager. Excel's password protection is... well let's call it: in dire need of improvement.
      Also, a real password manager will do the copy-and-pasting for you and it will also create truly random password (if you create passwords manually they usually aren't; humans are very bad at being random).

    • @ianl1052 10 months ago +1

      @@stephanweinberger You mean like LastPass who got hacked?!?

    • @stephanweinberger 10 months ago

      @@ianl1052 no, since we are comparing it to an Excel-sheet I of course mean locally installed programs (like e.g. Keepass or Enpass), not cloud solutions.

  • @michaelmartin9302 10 months ago +38

    There's also no reason to limit yourself to words from just one language. Don't even have to be from real languages. As long as they are words you know, they'll work.

    • @askleonotenboom 10 months ago +27

      Klingon passphrases! qa'wI' may'morgh!

    • @chaos.corner 10 months ago +2

      You are not supposed to pick the words. Though any language is fine (adjust for number of words).

    • @brownro214 10 months ago

      Ka pla

    • @mrosskne 10 months ago +4

      which has zero impact on brute forcing time.

    • @willoughby1888 10 months ago

      "Poppycock!", I say...as a password word?

  • @blahblahblah23424 10 months ago +17

    In the beginning, everyone just chose a random word as a password. Once that wasn't enough, everyone lost their minds. Turns out we just needed a few more random words

    • @Toksyuryel 10 months ago +1

      The main problem is places with strict password limits like banking software which didn't (and still don't) allow you to just add more words.

  • @MarkusKnecht 10 months ago +5

    I still think that it compares apples to oranges. Because the key benefit of multi word passwords is that they are easier to remember. But as soon as you start capitalizing random letters and adding random spacing words it gets harder to remember. Another problem is that people are really really bad at choosing something at random, meaning the distribution of used words is far from univarate and words like Dog and Cat are probably used a lot more often than something like Entropy. Of course this can be avoided by literally taking a dictionary (online or offline) & a random number generator to construct the password. But the most secure probably is to use a key manager with a multiword master password and let it generate random character passwords for each account. With that you have the best of both worlds and because you only need to remember one master password, that you have to type in rarely, it can easily be 7 words or so, meaning no hard to remember special spacing and capital letter placement needed.

  • @aaronbredon2948 10 months ago +54

    The point of using small numbers of words is designing passwords to be secure and EASY TO REMEMBER.
    To remember the random character sequence requires remembering every single character.
    So people take a word or two and apply a few common substitutions. This drops the possibilities to much less than 72 possibilities per character - in fact it can drop to 4 per character. And that grows much slower.
    In contrast, there are plenty of 2048 character word lists you can automatically select from that give 2,000 possibilities per word, which gives exactly the same randomness as a typical 22 character password.
    And if you randomize from lists of 4,096 or 8,192 words, they become much more secure.
    Remember that the security of any password is dependent on your attacker knowing EXACTLY how you created the password. Things like predictable symbols between words or capitalization in predictable places DON'T INCREASE SECURITY AT ALL.
    The advantage of the 4 random word passphrase is that the user has no input on the words - they are selected from a table by a randomizer. Therefore the minimum security is the size of the table raised to the power of the number of words. Even a criminal who knows EXACTLY how you made the password will need to try every single word combination. But the user only has to remember 4 words and make a funny pattern around them, and then it will be automatically remembered. This is much easier to remember than even an easy to brute force password.
    correcthorsebatterystaple has 2⁴⁴ possibilities and is easy to remember.
    A 22 character password at 4 possibilities per character (on the high side of a password made from a long word or 2) has 4²² (2⁴⁴) possibilities and you will forget it very quickly. You now need to store it somewhere. And you need a password/passphrase that you can remember to open a password vault program.
    And since a human was involved in creating that 22 character password, they will NOT be making truly random decisions, so if a criminal knows their tendencies, they can reduce the search by several orders of magnitude.

    • @jasmijnwellner6226 10 months ago +3

      @@rationalbushcraft That's the real issue, both with passphrases and traditional passwords. Humans are very bad at choosing random things. It's almost always better to let your computer generate your password. There are programs that can generate passphrases too (or you can use something like Diceware, where you roll 5 dice and then look up the corresponding word in their word list).
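      A worked calculation of the figures quoted in this thread (a 2048-word list and 4 words; a 72-character alphabet at 16 or 22 positions) plus the Diceware lookup just mentioned, where five dice rolls select one of 6^5 = 7776 words. This is an added example written in Python for this page; it is not code from the video, from Ask Leo!, or from any commenter. The eight-entry word list is constructed for the demo (a real Diceware or EFF list has 7776 entries), and `secrets.choice` is used so the user has no say in which words come out, which is the property the thread keeps returning to.

```python
import math
import secrets

# Constructed demo word list. Only the list's SIZE enters the entropy maths;
# a real Diceware/EFF list has 7776 entries, one per roll of five dice.
DEMO_WORDS = ["correct", "horse", "battery", "staple",
              "anchor", "bridge", "cloud", "delta"]


def passphrase_bits(list_size: int, n_words: int) -> float:
    """Entropy in bits of n words drawn uniformly (with replacement) from a list."""
    return n_words * math.log2(list_size)


def password_bits(alphabet_size: int, length: int) -> float:
    """Entropy in bits of `length` characters drawn uniformly from an alphabet."""
    return length * math.log2(alphabet_size)


def words_needed(list_size: int, target_bits: float) -> int:
    """Smallest number of words from the list that reaches target_bits."""
    return math.ceil(target_bits / math.log2(list_size))


def dice_to_index(rolls) -> int:
    """Map five dice rolls (each 1..6) to a 0-based list index: the Diceware lookup.

    The rolls are read as a base-6 number, so (1,1,1,1,1) -> 0 and (6,6,6,6,6) -> 7775.
    """
    if len(rolls) != 5 or any(r not in range(1, 7) for r in rolls):
        raise ValueError("need exactly five rolls of 1..6")
    index = 0
    for r in rolls:
        index = index * 6 + (r - 1)
    return index


def generate_passphrase(wordlist, n_words: int, sep: str = " ") -> str:
    """Pick words with the OS CSPRNG so the human has no input into the choice."""
    return sep.join(secrets.choice(wordlist) for _ in range(n_words))


if __name__ == "__main__":
    print(f"4 words from a 2048-word list: {passphrase_bits(2048, 4):.1f} bits")
    print(f"22 chars at 4 choices each:    {password_bits(4, 22):.1f} bits")
    print(f"16 chars from 72 characters:   {password_bits(72, 16):.1f} bits")
    print("Diceware words needed to match 16 random characters:",
          words_needed(7776, password_bits(72, 16)))
    print("demo passphrase:", generate_passphrase(DEMO_WORDS, 4))
```

      Four words from a 2048-word list and 22 characters at 4 plausible choices per position both come out at exactly 44 bits, which is the equivalence aaronbredon2948 draws above; 16 characters drawn uniformly from 72 is about 98.7 bits, so matching that with a 7776-word list takes 8 words. The numbers only hold when the words are chosen by the generator, not by the person.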

    • @JaimeWarlock 10 months ago +2

      I just use a password manager for my 32 random characters. It rolls the 32 random characters too.

    • @chaos.corner 10 months ago +6

      Yes. This video missed the point completely. Which is odd as it's shown explicitly in the cartoon, with illustrations.

    • @ryanqvincent144 10 months ago +3

      @@JaimeWarlock Agreed. I then use this random word technique as the master password for the password manager. It is really secure even if someone has physical access to the device.

    • @synapticburn 10 months ago

      @@misterrichardc yet you pretend that's something most or even 1 percent of people will do? this is a dumb argument

  • @Armunn01 10 months ago +15

    The biggest advantage of pass phrases over passwords is people are less likely to write down a pass phrase. If administrators enforce strong passwords with difficult to remember rules, you will find the average user will write that password down or simply create one password and then do something like increment a number at the end each time the password is reset. You could go into any business and find dozens of passwords end in the value of the current month with an exclamation mark at the end. Creating a pass phrase of 4-5 words will be simpler for a user to remember but provides the security of a long character password.

    • @brownro214 10 months ago

      Incremental passwords are often used for websites and computer systems that require passwords to be changed every 90 or 180 days and won't let you reuse any of your previous 10-12 passwords. That makes it very difficult to memorize the password so you have to write it down.

  • @jeremiahreilly9739 10 months ago +108

    Lovely presentation. I've been using this method for a decade or longer. I have a master passphrase for my computer which is 36 characters long. I've made four modifications to your method. 1. I speak some languages, so I choose words from different languages. 2. I have a system for inserting special characters between words. 3. ONE word in the passphrase is derived from the site/log-in/device being protected (this makes each passphrase unique). 4. I insert numeric characters into the passphrase using an algorithm which makes the digits unique for each passphrase. What does this mean in practice? I have close to a hundred passphrases which I can memorize or reconstruct. The Real Problem: Many websites put restrictions on password creation, mostly limiting the password to 12-16-20 characters or prohibiting special characters. I don't know who these "security IT" people are, but they are making the website less secure.

    • @RexxSchneider 10 months ago

      Many so-called security systems have no clue about what makes a password strong. I use a password manager that will generate a 20-character password from the alphanumerical set (i.e. 62 characters) giving 7 x 10^35 possibilities. I restrict it to that base because I sometimes have to type a password into a field manually on my phone, and I make too many mistakes when shifting to symbols on the pop-up keyboard. However, some sites reject my 20-character password as "too weak" because it has no special characters, although they will happily let me use Password123! which they deem "strong". I could train chimps to produce better algorithms.

    • @ernestgalvan9037 10 months ago +11

      Wow… I thought I had written this comment! Your ‘password algorithm’ is EXTREMELY similar to mine!
      My previous life was spent in some seriously hairy mathematics, and deep statistical analysis showed me the usefulness of this general method.
      (My Father was a mathematician (he also taught graduate & post-graduate), so he helped with some of the more esoteric stuff)
      One thing I figured out in the intervening years is that ‘security question’ type security does NOT have to be a answered ‘honestly’ nor ‘correctly’.
      My answers to “Mother’s Maiden Name” or “Favorite Food” have NOTHING to do with Mom or Apple Pie. I view it as ‘an answer’ to a ‘question’, NOT THE CORRECT answer to a ‘specific’ question.
      I also use ‘phrases’ from songs or sayings or speeches, etc as ‘passwords’ or ‘pass phrases’.
      “Four Score and Twenty Years Ago”
      “I’ve Seen It Raining Fire In The Sky”
      “To Be, Or Not To Be”
      “Fish Or Cut Bait”
      “Jump Down, Turn Around”
      Etc and etc, combine to form ridiculously long pass-phrases for pass-keys.
      Use character substitutions e.g. $=s 1=l 3=e 0=o
      Don’t use your birthday, or anyone’s else for that matter. Use the year and month you had your first fender-bender, for example, or when you got your first kiss, make it YOURS, but extremely unlikely to be in any database, but that are memorable to YOU.

    • @cwmapp 10 months ago

      CORRECT!!! 🙂

    • @chuckgrigsby9664 10 months ago +8

      One problem is that websites (for example a bank) occasionally require that you change the password. Have you figured out a way to handle that idiocy?

    • @RexxSchneider 10 months ago

      @@chuckgrigsby9664 The only reason to change a password is if it has been compromised. In other words, the bank is worried that its password database is likely to be stolen. I'd point that out to them, and ask that if they have no confidence in their security systems, why should you?
      Of course that assumes that nobody ever reuses passwords, because if one site is compromised, it compromises our account on every other site where we reuse the password. But that's very much within our own control.

  • @glennsimpson_aka_bobbysaccaro 10 months ago +8

    One thing you didn't mention is that the easier it is for a user to remember the password, the less chance they will write it down somewhere that someone can find it. This can even offset a weakness on the brute force side in the overall sense.

    • @ghost307 10 months ago +3

      Our IT people decided that everyone needed to adhere to a very Draconian password protocol, including having to change your passwords every 30 days.
      The result was that EVERYONE (including the IT folks) had their passwords written on post-it notes.
      So, the search for ironclad security resulted in zero security.

  • @blubbsblabbs2245 10 months ago +3

    When we got our new Wifi router my roommate asked me if I could change its password into something that wasn't a pain to type every time someone needed to log in for the first time. I chose the first line of a poem that pretty much anyone knows. It's about 50 characters long, has capitals, spaces and a special character and so far (over a year later), anytime someone asks for the password, I just tell them it's the first line of said poem and they immediately enter it correctly first time. Both the easiest and most secure password I've ever had, which is why it pisses me off every time I have to create a password for some site which has so many limitations and requirements for a password that make it impossible to remember if I don't use it regularly.

  • @rmdodsonbills 10 months ago +5

    The real value of a multiword password, IMHO, is twofold: 1. it's a lot easier to get to a lengthy password (and if the people designing the password requirements force you to use all the different types of characters, hackers have to check all the various combinations) but 2. YOU REMEMBER IT SO YOU DON'T NEED to WRITE IT DOWN! That's the main thing people do to compromise their passwords and forcing everyone to create complicated passwords only makes it more likely they'll choose to compromise themselves in this way.

  • @QuentinStephens 10 months ago +7

    This may be true when you have only a few passwords but when you've got dozens, hundreds even, you still need to use a password manager, and at that point it makes no odds or is even worse if the attacker knows the dictionary from which the words are taken. The weak point is still the human.

    • @luisostasuc8135 9 months ago +1

      Lol I have mine written down in actual paper. I may forget where it is, but it's not possible to hack... yet. Lol.
      I also don't put all of the information in place, instead using shorthand. I don't need to use my email if it's my username, so a rando who got ahold of the paper wouldn't know where to begin

  • @sentikironde9543 10 months ago +25

    Good job Leo. Also, almost everyone knows a few words from a "foreign" language and they should throw them into their pass-phrase too, no reason to stick to just one language.

    • @ianl1052 10 months ago

      German is good for that. It's common practice to join nouns for example "Donaudampfschiffahrtselektrizitätenhauptbetriebswerkbauunterbeamtengesellschaft". I'm not kidding. That's actually one word. Copy and paste it into Google if you don't believe me. Just don't use it as a password now!!!

    • @TheEclecticDyslexic 10 months ago +5

      Adding a typo through the random addition of one single character, and using a proper word list spanning the Oxford English dictionary gives you a dictionary size of over 600,000x26x6 over 90 million.
      Just use a good word list and add one typo, you will be all good.
      Edit: I haven't done all the math to check, but I don't think you should have to worry about more than say half the typoed words to collide. So call it 45 million dictionary size for good measure. That will get you the same complexity as completely randomly capitalized letters.

  • @glorrin 10 months ago +3

    There are other things that can also increase the 4 words password strength :
    - spelling mistakes (intentional or not)
    - Slang and local dialect
    - different languages pidgin creole etc...
    Yeah most people are not fluent in another language, but I'd say most people know words that are not in the english dictionary.

    • @chaos.corner 10 months ago

      No. Those things make it harder to remember and therefore worse. I suggest looking at the original xkcd cartoon, it's very clear about what it's saying.

    • @glorrin 10 months ago

      @@chaos.corner Yeah I guess spelling mistakes can be hard to remember unless you do that mistake literally all the time.
      But the other if they are words you use I don't think they are harder to remember.
      5% of the world is native English speaker.
      15% knows English.
      for 95% of English speakers not using English is easy.
      for 10% of the world using English + another language is easy.
      And if you are in the subgroup of the English speakers that only know the English dictionary, and absolutely no slang, foreign language, local expression or memes.
      You can probably also mix in names (not in the dictionary)
      Still too hard ?

    • @chaos.corner 10 months ago

      @@glorrin Thing is, you are not supposed to choose the password, that reduces the entropy. People use a lot fewer words than they know and even words you don't know could work if you can remember them (and you know them after that anyway). Again, I recommend reading the cartoon because it really explains it better and fully. (I do have issues with the cartoon but this guy has made a hash of explaining what it's getting at).

  • @Cathowl 10 months ago +3

    I've been using multi-word passwords for years now. I hate using intercaps but I do mix in things other than common English words. Rarer English words from more obscure parts of my vocabulary. Words from other languages that I know a sprinkling of. Character names from movies, anime, books, etc, that I like. What I call "pronounceable non-words" (EG blipple, bingdinka, bobbotop, and whatever else springs to mind in the moment). Plus a small dusting of numbers just to add some spice to the password.
    Every password of mine is unique and none are really guessable from knowing any others, nor even from knowing my password making rules. My main threats are, as this guy says, someone getting a hold of my password directly. From phishing, breaking into the password storage, keyloggers, etc.

  • @k.chriscaldwell4141 10 months ago +4

    One caveat on special characters: Be careful what you choose if you may use a computer in a foreign country for some reason. The keyboard at your father-in-law’s home in Mexico may not have some special characters you need available on it.
    Yes, there are ways around such a problem. Just be aware that it could be a problem.

    • @JaimeWarlock 10 months ago +3

      A bigger problem is that a lot of server code won't properly store certain characters. So you typed "ABCΩΣX", but it was modified somewhere before saving to "ABC&&&", but when you try to use it, the code modifies it differently to "ABC***", so password doesn't even match properly. I have even had government servers crash when entering special characters.

    • @ARockRaider 10 months ago +1

      I have had this problem of a fashion when I try to use the same site on my computer and phone.

  • @fiddley 10 months ago +5

    12:43 This is exactly how I created the master password for my password manager. I also substituted letters for numbers (but not all the obvious ones) and added an obscure date which is meaningful to me. I then set it as my computer login password for a while, which was honestly a pain in the backside, but it ensured I eventually remembered it and muscle memory over a week or so made it a doddle to type. Willing to bet I could post the hash and there ain't no-one telling me what my password is.

  • @nikkireynolds9514 10 months ago +5

    The problem with all passwords, random characters or random words, is that most people have far too many accounts to be able to remember that many unique passwords. Hence the need for password managers and multi-factor authentication. I gave up on random word passwords because I can’t remember random word combinations. Some people can, but my brain doesn’t work that way.

    • @EwanMarshall 10 months ago +2

      Agreed, use this as bases for master password of password manager, then use that to generate 40+ character random passwords for each site is my method. Then I'm remembering one, not many options. That said, make the random words into a nonsense phrase, easier to remember and your connectors just became multiple words with and without spaces and capitalization.

    • @Ken.- 10 months ago

      Yeah, the xkcd cartoon tries to make it seem like remembering one word, "troubador" with some simple tweaks is somehow harder to do than four unrelated words and in the correct order.

    • @pbehler 10 months ago +2

      I agree that I wouldn’t remember which words I used over what random characters I used and I use a password locker. But I can see the benefit is that it would be easier to type in random words when your password locker isn’t able to auto-populate for you.

  • @ericapelz260 10 months ago +26

    Poorly considered password rules can make a password weaker. For example a 4 character password (let's keep the numbers reasonable for the example) with the standard 72 characters is 72x72x72x72= about 26.8 million possibilities, but if the rules require one capital letter, one lower case letter, one number, and one special character, the math is 26x26x10x10= only 67,600 possibilities. So all those rules made it easier to brute force or if you are working with a hash file, it makes your rainbow table much smaller.

    • @AnimationByDylan 10 months ago +2

      If the number of preconditions approach the password size, as was your example, there is a slight decrease in the possibilities, but not quite as you calculated. (You’re presupposing a character order in your calculation that a brute force method will be unable to adopt to be consistently successful.) As the minimum password size exceeds the number of preconditions, the efficacy of a brute force method decreases exponentially, because it (largely) cannot assume that any position is of a certain character classification. Hope that helps.

    • @luminiferous1960 10 months ago +2

      I don't think this is true since in a brute force attack, hackers still need to search through all 72 possibilities at each of the four positions in the password because they do not know in which position you placed the capital letter, lower case letter, number, or special character, and they will not know until they have completed the entire password correctly. Thus, the possibilities are still 72x72x72x72, i.e., the same as without the restrictions.
      Even if they had some feedback as to whether or not they found the correct character at each position after going through all the possibilities for that position, your math does not work. (This is somewhat of a moot point since passwords only work after the entire completed password is entered with no feedback as to the correctness of the symbol at each position as it is entered, but I include this hypothetical scenario to show that the 26x26x10x10 calculation is also wrong for this scenario.)
      For the first position tested, they would always have to test for all 72 possibilities since they do not yet know what type of entry is in any of the positions.
      If they found the first tested position to have a capital or lower case letter, then they would need to test the remaining 46 possibilities, for the next position. If, however, they found a number or a special character for that first tested position, then they would need to test the remaining 62 possibilities for the second tested position.
      Here are the distinct possibilities for this scenario (note that the possibilities where the Caps and lower case (lc) positions are interchanged, or the number (num) and special character (sc) positions are interchanged, are not distinct since there are the same number of Caps and lc letters, and there are the same number of numbers and special characters):
      Cap lc num sc: 72 x 46 x 20 x 10
      num Cap sc lc: 72 x 62 x 36 x 26
      num Cap lc sc: 72 x 62 x 36 x 10
      num sc Cap lc: 72 x 46 x 36 x 10
      Notice that none of these scenarios yield the result 26x26x10x10. The only scenario that would yield that result is knowing ahead of time which position contained which type of character so that only the possibilities for that type of character would have to be tested at each position.

    • @AnimationByDylan
      @AnimationByDylan Před 10 měsíci

      @@luminiferous1960 Thank you for spelling that out. (I was going to leave that as an exercise for the original poster!) To take your analysis further, it should be obvious that as the minimum password size increases, the number of 72 multiples increases in kind. This is the core of the logic behind requiring a password with a capital, a number, and a special character. Without it the brute force method can cheat and work below a 72 threshold.

    • @luminiferous1960
      @luminiferous1960 Před 10 měsíci

      @@AnimationByDylan Yes, the extension as the password size increases is obvious, especially since this was shown with many examples in the video. I'm glad that ericapelz260 chose only a 4 character long password to illustrate her erroneous point so that I did not have to go through more distinct possibilities to illustrate the error in ericapelz260's math.
      What saddens me is that ericapelz260's comment with the wrong math got so many likes without anyone else questioning the math. I think it is a case of confirmation bias since most people dislike having to meet any imposed restrictions on their passwords since it may make them slightly harder to remember and/or to type, so they would prefer to believe that the restrictions are not necessary and are even counterproductive.

    • @catprog
      @catprog Před 10 měsíci +1

      26 x 26 x 10 x 10 can work, if you then multiply by the possible combinations.
      So the answer is 26 x 26 x 10 x 10 x 4! x 72^(x - 4),
      x being the length of the password.
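
The counting argument in this thread (ericapelz260's 26x26x10x10 figure, luminiferous1960's objection, and catprog's 4! correction), carried through as an added worked example; this is not code from any commenter or from the video. It assumes the same 72-symbol alphabet split 26 upper / 26 lower / 10 digits / 10 specials, and counts by inclusion-exclusion how many strings of a given length contain at least one symbol of every class, with a brute-force enumeration over a tiny alphabet as a cross-check. For length 4 the rule leaves 26x26x10x10x4! = 1,622,400 strings (about 4 bits lost); by length 8 it costs a uniformly random password only about 1.2 bits.

```python
from itertools import combinations, product
from math import log2

# Character classes assumed for this example, matching the thread's 72-symbol
# alphabet: 26 upper, 26 lower, 10 digits, 10 specials.
CLASSES = {"upper": 26, "lower": 26, "digit": 10, "special": 10}


def total_space(classes, length):
    """Number of strings of `length` over the full alphabet (no composition rule)."""
    return sum(classes.values()) ** length


def space_with_all_classes(classes, length):
    """Number of strings of `length` that contain at least one symbol from every class.

    Inclusion-exclusion over the set of classes that are *missing*: for each subset
    of classes, count the strings drawn only from the remaining classes and add or
    subtract that count depending on the subset's parity.
    """
    names = list(classes)
    count = 0
    for k in range(len(names) + 1):
        for missing in combinations(names, k):
            remaining = sum(size for name, size in classes.items() if name not in missing)
            count += (-1) ** k * remaining ** length
    return count


def entropy_loss_bits(classes, length):
    """Bits the 'one of each class' rule removes from a uniformly random password."""
    return log2(total_space(classes, length) / space_with_all_classes(classes, length))


def brute_force_count(classes, length):
    """Cross-check: enumerate every string over a tiny alphabet and count the ones
    that contain every class. Only practical for small alphabets and lengths."""
    symbols = [(name, i) for name, size in classes.items() for i in range(size)]
    return sum(
        1 for pw in product(symbols, repeat=length)
        if {name for name, _ in pw} == set(classes)
    )


if __name__ == "__main__":
    print(f"{'len':>3} {'all strings':>20} {'one of each class':>20} {'fraction':>9} {'bits lost':>9}")
    for n in range(4, 13):
        total = total_space(CLASSES, n)
        constrained = space_with_all_classes(CLASSES, n)
        print(f"{n:>3} {total:>20,} {constrained:>20,} {constrained / total:>9.3f} "
              f"{entropy_loss_bits(CLASSES, n):>9.2f}")
```

The table it prints is the practical takeaway: composition rules do shrink the space, but the shrinkage is a factor of 4! x (class-order variations) at length 4 and fades quickly as the minimum length grows, so the rule is a minor cost at length 12 and a real cost only for very short passwords. Neither number resembles 67,600, which would require the attacker to know in advance which position holds which class.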

  • @mikescott58
    @mikescott58 Před 10 měsíci

    Very informative and straightforward, as usual.
    I think the biggest advantages of a passphrase over simple password is it is easier to remember than a bunch of random characters so less likely to have to write it down or save in a text file and two, it encourages using longer passwords.
    Four 5-character words, separated by spaces, are no more difficult for a brute-force attacker than 23 random characters.
    Both of which would require a pretty powerful algorithm. The attacker would also have to contend with accounts that lock out after a few unsuccessful attempts.

  • @jon9103
    @jon9103 Před 10 měsíci +7

    One major problem with this approach is that it's assuming all words are equally likely to be chosen, and that all variations (changed letter capitalization, replacing letters with numbers, etc.) are equally likely. In reality humans are pretty bad at being random; hackers can take advantage of this when searching for passwords by prioritizing the order they search, for example by trying the most common words and variations first. The search space might still be the same size, but chances are the correct combination will be discovered long before the more obscure combinations need to be considered.

    • @mattsadventureswithart5764
      @mattsadventureswithart5764 Před 10 měsíci +2

      Do you have a favourite book you've never mentioned online? Or an obscure book found in a 2nd hand bookshop, perhaps? Can you memorise a particular page number? On that page, can you memorise a number for which paragraph to pick? Does that paragraph contain a name which the author clearly made up?
      All of those things give you a chance of a passphrase that nobody is going to break, no matter how they prioritise particular words. If you can remember paragraph 4, page 73 of fly fishing by JR Hartly, then you can use the entire sentence, increasing the security of your passphrase.
      Fellow Brits of at least a certain age know that book to be from an advert many moons ago. If someone ever published that title, it would be useless if a cracker's dictionary were to be built using comments on passphrase videos, but it was an advert.
      Even a phrase from whatever holy book you may have been brought up with is better than nothing, because a cracker would have to try every verse of every chapter of every book, and that is making the assumption that you begin your passphrase at the first word of the verse.
      As noted in the video, increasing the length of your phrase increases your security. Being a favourite line from a book is obscure; being a random line is even more obscure.

    • @Mr0rris0
      @Mr0rris0 Před 10 měsíci

      ​@@mattsadventureswithart5764but what about the wet quantum monkey potatoes and actuarial data?
      It's probably too late now man.
      We blew the lid off of this whole freaking operation :(
      I need a hat like magneto has

    • @Mr0rris0
      @Mr0rris0 Před 10 měsíci

      ​@@mattsadventureswithart5764bottom line is don't wash your potatoes without this magneto hat or the monkeys on the other island are gonna wash their potatoes and the insurance companies and credit agencies are gonna guess your password

    • @Ken.-
      @Ken.- Před 10 měsíci +1

      @@mattsadventureswithart5764 I remember a story of a password that was cracked and it was a line from a poem written in a language that only a few hundred people spoke.
      You may be better off making up your own lines than using one that anyone else knows.

  • @patvb3243
    @patvb3243 Před 11 měsíci +7

    Really interesting, I hadn't thought about this. I just use a password manager with a long and complex chain of characters, and a complex but easy-to-remember password phrase for the PW manager access!

  • @LokiScarletWasHere
    @LokiScarletWasHere Před 10 měsíci +1

    Not just an archaic word list. Most people have a personal lexicon of nonsensical words they use regularly. There's also the benefit of being multilingual, thus having even more words to use. By using words that can't appear in a hacker's dictionary, you force them to use a raw bruteforce attack.
    This is why I don't even have a complexity requirement in the systems I develop, over a certain minimum number of characters. The longer your password, the more rules are lifted. When I did an audit on one of my test systems, I found one user who actually had a password with more than a thousand characters. He types it from memory, says it's nothing but words in PascalCase. He's trilingual and knows slang from two extra languages, so he's definitely safe.
    That being said, in these systems, we're all nerds, it's not an end user product or an enterprise network or anything, just toys for nerds. Though I would like to see more end user products and enterprise systems adopt this paradigm.

  • @dansanger5340
    @dansanger5340 Před 10 měsíci +4

    The only reason I would use such a multi-word password is if I wanted to remember it, as opposed to using a password manager. But, if I wanted to remember it, then throwing in all these random capitalizations and inter-word characters would make it harder to remember, if they were truly random. So, I'd probably just end up adding more random words to the multi-word password, which would make it hard to remember. It might be better to come up with a long sentence based on something only you know and then take the first letter of each word, preserving the capitalization.

    • @chaos.corner
      @chaos.corner Před 10 měsíci +1

      The capitalization thing was not part of the original cartoon. It really explains it much better than was done here.

  • @AnthoJoh
    @AnthoJoh Před 11 měsíci +5

    Unfortunately you are at the mercy of the max password length of some websites. There is a technique called diceware where you take a word list and dice to create a completely random password made of words.

    • @SmallSpoonBrigade
      @SmallSpoonBrigade Před 10 měsíci +2

      That's a sign of incompetence. The only thing worse is when they have a secret limit and don't bother to tell you about it. I've been hit with that a few times where I set the password, save the password and it won't work because it's doing something weird with the truncation.

  • @DrZaius3141
    @DrZaius3141 Před 10 měsíci +10

    1. There's game theory involved. If everyone were to use word-based passwords, they would become less secure because brute forcers would be able to go that route.
    2. Virtually every kind of account these days has a maximum for the characters in use, "correcthorsebatterystaple" would already be too long for most accounts despite neither (neigh-ther?) of the words being overly long.
    3. While capitalization allows for more variety, it also robs the system of the main benefit. As someone who deals with people forgetting their password on a weekly basis, I can tell you that people always mess up capitalization because that's not something we inherently store in our brains.
    My more general advice is this: People who break into your house where you might have your passwords written down will not be interested in those passwords. Those that are interested in your passwords won't break into your house. So writing it down (on actual paper) is more secure than what people give it credit for.

    • @kitlith
      @kitlith Před 10 měsíci +3

      1. Before you start getting into the weeds of creating fancy secret schemes for your passphrase, the security calculation assumes that the brute forcers are taking the most efficient route -- performing a dictionary attack using the exact word list that you used, so if everyone started using passphrases, you'd still have the security that you calculated.
      2. True. Some places will even silently truncate the password upon account creation (but sometimes not when logging in). I run into this all the time when using 32-character random passwords that are kept in my password manager. (20 characters is a common limit.) This is why I use a password manager, though, so I don't need to remember these purely random passwords. Passphrases are used for things that the password manager is impractical for... like the password manager itself, heh.
      3. Yep, that's about where I started disagreeing with the video as well.

    • @harbingerofwarx995
      @harbingerofwarx995 Před 10 měsíci

      I have a simple idea for a fix, that also makes the word list brute force fail. All you have to do is truncate each word and plan for the maximum password length. If it maxes out at 20 characters, you could do CorR4HorS&BatT!StaP$. I used to just interrupt a word or two with random numbers/symbols (random, not | for I or 7 for T, these are usually accounted for) to prevent a wordlist attack from working, but truncating every word, especially if you vary how you truncate them, makes wordlist attacks useless.
      If someone has difficulty remembering passwords and won't remember random symbols, even something simple like Corrhorsbattstap1234 would be enough. Or even easier, they can do the same thing with a 4 word sentence because the words aren't on a wordlist when truncated.
      If the service allows for a nice long password, you could easily just come up with an 8 word sentence and replace the last letter or two of each word with a number or symbol for maximum security, or just truncate them and use spaces if you're lazy and want something easy. You now have an easy to type 30+ character password that has to be brute forced on a character basis.

    • @JamesPeters68
      @JamesPeters68 Před 10 měsíci +1

      @@kitlith worse he literally recommends using the same single character in every word reducing the multiplier from 2^total length down to the length of the shortest word.

    • @mrosskne
      @mrosskne Před 10 měsíci

      what do you mean "go that route"? a brute force attack doesn't care how you picked your password. that's why it's called brute force.

    • @ruukinen
      @ruukinen Před 10 měsíci

      @@mrosskne Even a dictionary attack is a form of brute force attack. So it matters, try out jack the ripper. It's laughably easy to set up and try cracking passwords using specific schemes. If you can make the assumption that everyone uses passphrases, doing pure random character matching makes no sense.

  • @JaccovanSchaik
    @JaccovanSchaik Před 10 měsíci +1

    One thing I'm not seeing mentioned is that the number of possible 16-character passwords assumes that users choose completely random passwords, which they very rarely do (unless, maybe, they are using a password manager). Even 16-character passwords usually consist of one or at most a few words, glued together with numbers or special characters. So it is much more efficient to begin your attack by trying normal words and adding a few numbers to them. You could also try some customary obfuscations, like replacing O's by zeroes or A's by fours. All this means your search space for a "normal" 16-character password is nowhere near as big as the 10^29 that was mentioned.

  • @WebVid
    @WebVid Před 11 měsíci +3

    So well presented - as always. Thanks Leo.

  • @stevenscott2136
    @stevenscott2136 Před 10 měsíci +1

    I create an insane string of characters and DON'T BOTHER to remember them. Practically everything has a "forgot password" function that lets you log in with a text message or something.

    • @jymbeau3633
      @jymbeau3633 Před 10 měsíci +1

      Yeah, in this way the “forgot password” is basically functioning as multifactor authentication.

  • @jimkerr5577
    @jimkerr5577 Před 11 měsíci +1

    Very informative, Leo. Thank you!

  • @Brian.001
    @Brian.001 Před 10 měsíci +12

    If you start off by defining how long the password will be, then the random characters approach wins. Any four-word phrase will be just an instance of a random character sequence, and restricting yourself to words will reduce the range of possibilities. The length of the password is what makes a difference.

    • @stevesmith291
      @stevesmith291 Před 10 měsíci

      But the four words will be easier to remember than something from a random-password generator.

    • @Brian.001
      @Brian.001 Před 10 měsíci +1

      @@stevesmith291 No question.

    • @Shit_I_Missed.
      @Shit_I_Missed. Před 10 měsíci

      @@stevesmith291 What's so hard to remember about p̶͇͉̯̰͊͒̂͆̚a̸͇͔̙̙͙̎͐̍͆̏̌͗ͅş̵̪̜͔̹̰̐̐s̷̯̲̪̪͈̐̊͊̽w̴͓̪̬͎̾͐̒́͗̾͗o̵̱̗̖̺͐̓̅̈́̕r̵̮̰̼͎͉͖͛͑̓̐͗̉d̶̘̲̣̿͛̀̎̎1̵̛͕͊̋2̵̡̛̙̝̦̹̚3̴̢̛͗͂̓̈́̕ ?

    • @dohadeer8242
      @dohadeer8242 Před 10 měsíci

      Try generating passwords with a phrase mnemonic - taking the first (or last) letter of each word in the phrase and also add in a special character and number(s) based on the phrase itself. I Cant Believe Its Christmas/Then 1 More Week Until New Year becomes a password of ICBIC/T1MWUNY
      That gives the strength of strings of random characters but maintains the easy to recall aspects of using words. Plus there are far fewer issues with running out of characters on a given site due to their password conditions.

    • @SharienGaming
      @SharienGaming Před 10 měsíci +1

      Word passphrases naturally generate long passwords anyway, though.
      For the average person it is basically impossible to memorize a 20-character password... but even if you are only using short words, memorizing a 6-word phrase of random words is pretty easy... and if you go by 4-5 characters per word on average and add some variant of spacing character in between each, that's easily 30-40 characters long, so way past anything a character-based brute force attack has a chance to hit.
      So the only thing that needs to be accomplished from there is being secure enough that someone who knows your method/wordlist still faces too much complexity to realistically brute force it.
      In the end it doesn't matter if an attacker has to run calculations for 300 years or 30000 years... neither of them is a viable attack.

  • @mervmartin2112
    @mervmartin2112 Před 10 měsíci

    The random letter password algorithm you're using to figure out how many possible combinations there are includes passwords like "aaaaaaaaaaaaaaaa" (16 of the same letter). To eliminate these and arrive at a more real world count you need to approach the problem with statistics. Your thought is exactly right, just includes the repetitive letter password which, I hope, no one would use.
    A multilingual pun makes an interesting pass phrase. "No tiene any" for instance.

  • @mobilemcsmarty1466
    @mobilemcsmarty1466 Před 10 měsíci +2

    This was a nice discussion. The four words are pretty good; I recommend them. However, they're definitely not more secure than the 16 random characters. Take a 30K word dictionary ^4 = 8.1E17. Take the 57 characters ^16 = 1.24E28. Eleven orders of magnitude better is anything but worse or even anywhere close. The operative word here is "random." If you just make a phrase made of 16 characters you're back to a 3 or 4 word password potentially susceptible to brute force. For the most part, systems will lock you out anyway before you even get to like 10 attempts. In this way your four words are still pretty good compared to "Password1" 😎

    • @aaronbredon2948
      @aaronbredon2948 Před 2 měsíci +1

      Your 16 random characters is 16 concepts, which must be memorized in a sequence. This exceeds the normal human memorization limits of 10 concepts in a sequence. And those concepts aren’t easy to memorize.
      4 random words is at most 4 concepts, and those concepts are objects rather than arbitrary characters. By using the human ability to construct patterns, you can often reduce the 4 concepts to a single compound concept.
      The point of the cartoon is that random characters are low in entropy and hard to remember. It gave a typical human attempt to create a secure password that can be remembered, and compared it to an equivalent security random word sequence.
      It pointed out that the short password that met “security” guidelines was extremely hard for a human to remember but relatively easy for a computer to break. Whereas the 4 random words that did not meet guidelines was trivially easy to memorize, but actually harder for a computer to break.
      Yes, it is possible to create high-entropy short sequences that are even harder to remember, but just increasing the word table size and number of words will match the entropy while still staying relatively easy to memorize.
      At 6 words from slightly larger word tables, your 16 characters is matched, and 6 words are more memorizable than a phone number, while your 16 characters isn’t memorizable.

  • @kabalder
    @kabalder Před 10 měsíci

    Oh, very good lecture ;) Good work, both from the point of view of demystifying tech, or just giving people something useful that you can understand why is useful.

  • @mmseng2
    @mmseng2 Před 10 měsíci

    Well presented. Bonus for that EngineerGuy-esque voice :D
    I'm sure others have commented similar, but I will shout out some complimentary info as well:
    - There's a reason phishing and social engineering are so commonplace and successful nowadays (think massive, systemic scam call centers, and phishing emails). It's because it's 10^20-something times easier to make someone willingly give you their password, or indeed willingly send you money directly, than it is to brute force their password.
    - It doesn't have to just be about the sheer length of time needed to brute force. All you have to do is change your password once and you've thwarted all current attempts to brute force it. That's why many places require you to change your password on a yearly or so basis.
    - Having an easy-to-remember password makes it less likely for people to document their password somewhere unsecure (sticky note, unencrypted spreadsheet, etc.)

  • @jasonfreeman8022
    @jasonfreeman8022 Před 10 měsíci

    This is great advice for a single website. As soon as you add the number of websites that a typical user has, reuse creeps into the equation, because the user also has to remember all these complex phrases and their variations as well. The safest method is to use a password manager and generate a unique 20+ character password for each website, then use a passphrase for the master password. So while this video makes an interesting point, it actually doesn't present a practical solution to real security. I don't mean to demean the content, but you should do a followup on how real password management should be practiced.
    As an aside, your analysis doesn't include things like letter frequency and pairing in words. This reduces the combination space considerably. Every passphrase is going to have at least one "e" in it, and perhaps more.

  • @Ken.-
    @Ken.- Před 10 měsíci +1

    The problem with this is that people will choose uppercase/lowercase patterns that are easy to remember and type, like grouping them together or alternating them. So while there are a lot that can be tried, only a few will need to be for most people. Also, if people are picking the words, they will likely choose nouns over anything else. Once enough multi-word passwords are leaked, they won't be so great to use, since what people tend to do will start to be analyzed. Most people think they're clever and random, but will end up choosing the same things as everyone else.
    As illustrated in a comment below "Wow… I thought I had written this comment! Your ‘password’ algorithm’ is EXTREMELY similar to mine!"

  • @floief
    @floief Před 11 měsíci +1

    Thanks Leo. That was fun. Like sitting in AP math when I was in school.....a loooooong time ago.

  • @johnopalko5223
    @johnopalko5223 Před 10 měsíci +1

    A really good way to generate multi-word passphrases is to use Diceware. Invented in 1995, Diceware requires only five 6-sided dice and a printed list of 7776 words. Each word adds 12.9 bits of entropy to the passphrase. There are programs that automate the generation (I wrote one ages ago; it's trivial), if you don't feel like rolling dice and poring through a table.

    • @danielp3289
      @danielp3289 Před 10 měsíci +1

      Diceware is the best, but a program to generate it is the worst, as you open yourself up to a new set of attacks and bugs.
      It is much simpler to ensure you have a fair and unmonitored set of dice than it is to ensure you've got a fair diceware generator.

    • @stuartm5745
      @stuartm5745 Před 10 měsíci

      Actually only one die is REQUIRED although six will be easier/faster. Simply roll the single die six times.
      Search "diceware reinhold" (URL may not be allowed to be posted) for a detailed explanation of using a passphrase and associated information, e.g. a good Diceware list containing 7,776 short words, abbreviations and easy-to-remember character strings (the average length of each word is ~4.2 characters). That list is also available in an alternate list that Alan Beale compiled to replace most Americanisms and a lot of obscure words with more recognizable alternatives. The main list is available in other languages.

  • @baruchben-david4196
    @baruchben-david4196 Před 10 měsíci +1

    Just wanted to mention that if you're going to use capitals, place them at random positions. It's common to capitalize at the beginning of words; put the caps in different places. Also, you might consider breaking words up, like baTt*ery. It's a little trickier to remember, but it really helps.

  • @alanevans6445
    @alanevans6445 Před 10 měsíci +3

    The tricky part that's not covered is how to generate this random passphrase. You need a wordlist from somewhere, and if that wordlist exists then it's available for hackers. In my experience wordlists have been quite short too, 2048, 4096 words are common, or 7,776 (diceware) but often much less than the 30K. And sometimes it's unknown: I use bitwarden and it has a passphrase option that defaults to 3 words, from a maybe 4096 word list, it has caps (first letter only option, which just doubles the entropy) a preference for separator and options to put a digit in. Maybe 10^15 at most. So, definitely room for user error if doing this, much more than random chars.

    • @mailleweaver
      @mailleweaver Před 10 měsíci

      Well, you don't use a word list that's been compiled for some automated process. You use your own vocabulary, and include stuff that's not part of the average vocabulary. Most people will have hobbies or work that has its own words for things. Sometimes they're just different words for something that's commonly called by a different name, but that's enough to drastically decrease the chances that it's in some cracker's word list. Acronyms count as words, too, which can be further modified by un-abbreviating parts of them. And if you choose a word that's easy to misspell, even better; mispelled (misspelled, mis-spelled, misspelt, mispelt, etc) words are also distinct from their "correct" spelling and might even be outside of all recorded word lists.
      Using your own brain to pull words from disparate sources that you're familiar with will give you a mental word list to work with that's unlikely to be entirely contained in someone else's automated list even though it may be quite short due to your limitations as a mere human. You are a unique individual with a unique set of knowledge, experiences, memories, and thought processes that nobody can duplicate. Leverage your individuality instead of relying on real-world tools. Hackers can't access something that only exists in your mind.
      To keep things easy to remember, come up with rules for how you use things and follow those rules in every passphrase. Some examples: Rely on acronyms and proper names to provide your capitalization. Always use the same special character and in the same place (like always putting an interrobang after the third letter of the second word). Use the year for your numbers, but backwards and with the two inside numbers on the outside, and use them to separate your words.
      If you never tell anyone your rules, don't use a rule that's easy to guess (like always capitalizing the first letter or always ending with a number), and never write down your passphrases or rules, then nobody will ever know that you use any particular rule(s) to be able to narrow their range of attack. If you're worried about someone deriving your rules from cross-referencing passwords between decrypted leaks from multiple sites, then simply change your rules every few years or on occasions when you become aware that your password may have been leaked/compromised. Remembering a new ruleset is no more difficult than remembering a new passphrase, and is a lot easier than remembering how you spiced each phrase individually.

    • @marcwilliams9824
      @marcwilliams9824 Před 10 měsíci

      Maybe I'm misunderstanding but can't you just open a physical dictionary at a random point?

    • @alanevans6445
      @alanevans6445 Před 10 měsíci

      You could do that, you'll need a random page and a random word on that page, but how random will it actually be? Humans are terrible at being random. We'll open the dictionary more in the middle, or it will fall open at natural places, we'll skip over long words, hard to spell words etc, all of which greatly reduces the entropy.
      Suppose you solve the randomness and do take a large single volume dictionary like NOAD with 350,000 words. A single word from that represents log2(350,000) = 18.4 bits of entropy.
      An easy to spell and remember 2048 word dictionary is log2(2048) = exactly 11 bits of entropy.
      So just two words from the simple set has more entropy, more combinations than a single NOAD word (which is also very easy to see as 2048*2048 = 4M > 350K).
      Another way of looking at it: roughly 5 NOAD words has barely more entropy than just 8 simple words (10^27 vs 10^26, or 92 vs 88 bits).
      If you only have a pocket dictionary, things are even worse, with maybe 35,000 words, 15 bits per word, and you need 6 words to compare to 8 simple words.
      So personally I would rather pick more words from the low word count common dictionaries I mentioned than try to achieve this physical method reliably and end up having to remember how to spell a word like "esquivalience"!
      @@marcwilliams9824
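
The word-list arithmetic that runs through this thread (johnopalko5223's 12.9 bits per Diceware word, cmyk8964's 30000^4 versus 95^9 comparison, and the dictionary-size comparison directly above), as an added example; it is not code from any commenter, from the video, or from the Diceware project. It assumes words are chosen uniformly from the list, which is exactly what the entropy figures require and what a physical die or `secrets` provides. The `diceware_index` mapping of five d6 rolls to a 0-based index into a 7,776-word list is the standard base-6 reading of the rolls; the 16-word list at the bottom is constructed for the demo and far too small for real use.

```python
import math
import secrets


def bits_per_word(list_size):
    """Entropy from one word chosen uniformly at random from a list of `list_size` words."""
    return math.log2(list_size)


def passphrase_bits(list_size, n_words):
    """Total entropy of `n_words` independent uniform picks from the list."""
    return n_words * bits_per_word(list_size)


def words_needed(list_size, target_bits):
    """Smallest number of uniformly chosen words that reaches `target_bits`."""
    return math.ceil(target_bits / bits_per_word(list_size))


def chars_needed(alphabet_size, target_bits):
    """Smallest number of uniformly random characters that reaches `target_bits`."""
    return math.ceil(target_bits / math.log2(alphabet_size))


def diceware_index(rolls):
    """Map five d6 rolls (each 1..6, most significant first) to an index 0..7775.

    Diceware lists are keyed by the five-digit roll string, e.g. '11111' is the
    first entry; reading the rolls as a base-6 number gives the same ordering.
    """
    if len(rolls) != 5 or any(r not in range(1, 7) for r in rolls):
        raise ValueError("need exactly five rolls in the range 1..6")
    index = 0
    for r in rolls:
        index = index * 6 + (r - 1)
    return index


def roll_dice(n=5):
    """Cryptographically random stand-in for physical dice: n rolls of 1..6."""
    return tuple(secrets.randbelow(6) + 1 for _ in range(n))


def generate_passphrase(wordlist, n_words, sep=" "):
    """Pick `n_words` uniformly with `secrets.choice`.

    Repeats are deliberately allowed: rejecting them would bias the draw and
    slightly lower the entropy below n_words * log2(len(wordlist)).
    """
    return sep.join(secrets.choice(wordlist) for _ in range(n_words))


# Constructed demo list; a real Diceware list has 7,776 entries (6^5).
DEMO_WORDS = [
    "acorn", "basil", "cabin", "delta", "ember", "fjord", "gable", "hazel",
    "igloo", "jumbo", "kayak", "lemur", "mango", "nudge", "otter", "pivot",
]

if __name__ == "__main__":
    for size in (2048, 4096, 7776, 30000, 350000):
        print(f"{size:>7}-word list: {bits_per_word(size):5.2f} bits/word, "
              f"{words_needed(size, 16 * math.log2(95)):2d} words to match 16 random printable ASCII chars")
    print("4 words from 30,000 =", round(passphrase_bits(30000, 4), 1), "bits;",
          "same as", chars_needed(95, passphrase_bits(30000, 4)), "random printable ASCII chars")
    rolls = roll_dice()
    print("rolled", rolls, "-> list index", diceware_index(rolls))
    print("demo passphrase:", generate_passphrase(DEMO_WORDS, 4),
          f"({passphrase_bits(len(DEMO_WORDS), 4):.0f} bits; far too few)")
```

The numbers it reproduces are the ones the thread trades: 11 bits per word for a 2,048-word list, 12.9 for Diceware, about 18.4 for a 350,000-word dictionary, so five big-dictionary words and eight small-list words land within a few bits of each other, and nine Diceware words are needed to match 16 uniformly random printable ASCII characters. The entropy is a property of the selection process, not of the words themselves, so the figures only hold when the words are actually drawn by dice or `secrets`, never by picking favourites from a list.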

  • @gackaret
    @gackaret Před 10 měsíci +1

    The average user can only remember 10 bits of entropy without resorting to things like kid's birthdays, sticky notes, etc. The TRUE advantage of pass phrases is they are easy to remember without writing them down.
    They are also longer, easier to type, less frustrating, etc. And user frustration combined with users trying to de-frustrate their life is how passwords get compromised.

  • @Andres64B
    @Andres64B Před 10 měsíci +1

    Because those four random words contain more than 16 letters.
    I just checked a password strength testing site. It calculated that an eight-character, strictly alphanumeric password would take 8 hours. When I added in a single special character, making it nine characters long, it jumped to 3 weeks.

    • @Ken.-
      @Ken.- Před 9 měsíci

      8 alphanumeric characters takes closer to 2 minutes to crack.

  • @Andrew-ep4kw
    @Andrew-ep4kw Před 10 měsíci +2

    It's interesting the steps hackers have taken to brute force a password guess. One method is a rainbow table, an enormous database of hashed words and their source text, which gets compared to a hashed password. To maximize the HP, they use motherboards that support multiple processors and equip them with the fastest multi-core CPUs. Then they load up every expansion port with the highest performance video card they can get, and use special software to utilize the processors on those cards to help with the task.

  • @ivarwind
    @ivarwind Před 10 měsíci

    Since the point of random word "phrases" is that they're easy for humans to remember, adding random capitalization would completely defeat the purpose, as you'd just be left with a very long string of binary digits to remember in addition to the four words.
    Choosing "your own" capitalization scheme, wouldn't make much difference, as there aren't that many different schemes an average person would choose between.
    The real advantage comes from the fact that most people don't - and never will - use completely random strings of, say, 16 characters. Rather they use words and numbers, maybe in combination with some capitalization scheme and one or two special characters thrown in, as is always recommended even though it increases the security by very little.
    So the "string of random characters" is really just a phrase of one or two words, and it doesn't take much to realize that a four word phrase beats a one or two word phrase.

  • @cmyk8964
    @cmyk8964 Před 10 měsíci +2

    In terms of entropy, 4 words (30000^4) is equivalent to about 9 random ASCII characters (95^9.055) while being easier to remember.

    • @Ken.-
      @Ken.- Před 10 měsíci

      You could also forget the special characters and just add one more character for the same complexity.
      If you're truly picking from a large word list you could get four words like: Susquehanna abstractedly hitherward unwonted
      There's no way it's easier to remember than "ICL1 yek TM2" unless you're throwing out any words you just don't like, and then it's not really from a list that large.

  • @megapangolin1093
    @megapangolin1093 Před 10 měsíci

    Even by your own high standards, this was a mindboggling and highly useful, reassuring video. I enjoyed watching your eyebrows go up and down as you said the big numbers. I assume that using words from 2 or 3 different languages including Latin would add a piquancy to those combinations that would bedevil even a quantum computer?

  • @Avenger24601
    @Avenger24601 Před 10 měsíci

    Great preso, Leo. Thank you!

  • @kersi-sandiego6036
    @kersi-sandiego6036 Před 11 měsíci +1

    Excellent video, Sir! Thx.

  • @danielf.7151
    @danielf.7151 Před 10 měsíci +1

    with the 16 random characters, "random" is the critical part. things like replacing an e with a 3 are not as clever as people think, therefore less secure

    • @chaos.corner
      @chaos.corner Před 10 měsíci

      Yes. Missed the point of the comic completely.

  • @markanderson2155
    @markanderson2155 Před 11 měsíci +1

    Ouch, my head hurts now. Lol.
    That's way too many numbers for me and I stink at math. But this is very good to know, thank you again Leo!

  • @TevelDrinkwater
    @TevelDrinkwater Před 10 měsíci +1

    I use this style for my "master passwords", ie my password manager and the few sites I log into by hand. I also obey the rule of entropy, I'll use a DiceWare wordlist and roll up *most* of the words. I'll also invent on the spot a list of 6 proper nouns or foreign words, and roll one word off of that sublist with a physical die. Sure, one of the words is one of six words, but it's six words that aren't on any Diceware list, and I'll try and pick a theme each time. Finally, I'll capitalize and add punctuation and such to make it memorable, but without altering the random words. This way, the entropy in the word selection isn't compromised, and a little more entropy is added in.
    I figure this should be pretty resistant to brute force. If I am ever targeted to such a degree that a hypothetical attacker is going to try and suss out possibilities for my 6 word personal sublist, I'm already susceptible to the $5 wrench attack.

    • @horusfalcon
      @horusfalcon Před 10 měsíci

      So, would, "Fur die tod reiten schnell" be a good passphrase by your methods?

    • @brownro214
      @brownro214 Před 10 měsíci

      @@horusfalcon Not if the hackers are German.

  • @Zen_Ft5e
    @Zen_Ft5e Před 10 měsíci +1

    It gets even better when you deliberately misspell words.

  • @OldieBugger
    @OldieBugger Před 10 měsíci

    My favorite: mixing words from a few languages to make up a passwort (🙂). My next task: invent a personalised upper-lowercase system.

  • @Phylaetra
    @Phylaetra Před 10 měsíci +2

    One problem is that you have to memorize the 'random' capitalization rule you decided on. Same with the 'spaces'.
    Also - choosing 'random' words is hard, same with 'random' schemas for capitalization and spacing. Remember too - you have to type it in, the more complex your schema, the harder that will be to do.
    I think a lot of people take away that a four-word phrase they think of is going to be hard to figure out, and that's just not the case. Picking random words is pretty hard - even the 'correct horse battery staple' has three of the four as nouns, none of the words at all obscure.
    And - a new phrase/schema for every password? The capitalization schema either needs to be simple, or you are basically making yourself memorize a (on average) 20 bit number. If you make it too simple, it is easy to automate searches for it, same with throwing in what's going on in the 3 inter-word 'spaces'.
    Really - this is why we have password vaults, which most people don't use anyways.

    • @brownro214
      @brownro214 Před 10 měsíci

      Don't pick words yourself. Let your password manager do it or flip open your dictionary (you have one), close your eyes and put your finger on the page. Do that four times. Done.

    • @Phylaetra
      @Phylaetra Před 10 měsíci +1

      @@brownro214 your dictionary method is not terribly random (humans are terrible at doing things randomly), and if you are using a password manager, go with the 20 character random string it suggests instead.

    • @judychurley6623
      @judychurley6623 Před 10 měsíci

      underlines are just non-alpha characters.

  • @Note-dy6yd
    @Note-dy6yd Před 10 měsíci +1

    Thanks Leo for years of your free contribution. Certainly random words are preferable for ease of memory, but since every word eventually consists of characters, the hacker simply needs to view the password as characters, not words, and follow the same rules that you mentioned.
    I have another question; in your opinion what is the best password checker? Thank you again.

    • @RexxSchneider
      @RexxSchneider Před 10 měsíci

      In that case, "Correct Horse Battery Staple" has 28 characters, and even if the hacker correctly assumed the capitalisation, that would give 27^28 = 10^40 possibilities. Brute force on that would take longer than the life of the universe. The hacker is much better off using a 4,000-word dictionary attack with around 10^13 possibilities to test.

    • @awebuser5914
      @awebuser5914 Před 10 měsíci

      You missed the point that if you treat a passphrase as 25 individual characters (Correct Horse Battery Staple), it's basically uncrackable.

  • @larschdk
    @larschdk Před 10 měsíci

    The original argument was that people don't actually choose passwords randomly. They often pick an 8-12 character dictionary word, add some random capitalization, make a few predictable substitutions (i -> 1, e -> 3, l -> !, etc), and perhaps a random control character to satisfy password complexity requirements. What you end up with has less entropy than a 4-word passphrase from a 4096 word dictionary, even before you begin to add capitalization or modifications to that.

  • @Trahloc
    @Trahloc Před 10 měsíci

    I've been using the example of "The Yellow Dog Eats The Blue Cat" for over 20 years as what I consider to be a "simple" password. Passphrases are just better. Folks used mnemonics in the 90s to remember TyDetS46; instead of a mnemonic, just use it as your password to begin with.

  • @xyex
    @xyex Před 10 měsíci

    My mind is literally blown right now. I have *never* considered using multiple words to make a password. I was always told to avoid using real words, so I've always tried that. But remembering longer passwords is *hard* when they're full random. But stringing together 4 words with a known capitalization strategy and special character bridging? That's an *easy* 20 character password to remember.
    Excuse me, I need to go update a bunch of my passwords.

  • @willoughby1888
    @willoughby1888 Před 10 měsíci

    Imagine using common words maybe easily 'discovered' but you use them in a backwards fashion such as Merbum and not "Bummer" and then add Agegar and not "Garage". Then add two more that sound fun and easy to remember, even long words. It's a picnic if I don't nit-pick?

  • @EwanMarshall
    @EwanMarshall Před 10 měsíci

    Something else one can do to increase security is take your words and make them into a nonsense phrase. Sure, some of the connecting words might be predictable, but it is more characters and more to check. "The correct horse carries the battery for the staple gun".

  • @Avenger24601
    @Avenger24601 Před 10 měsíci

    What screws up a good password methodology is when a server/system gives you specific, narrow requirements.
    For example, one website might allow spaces, case, special characters, and numbers. But another server might require passwords that have one capital and one special character but can’t be any combination of xyz or repeating characters or spaces. I’ve seen this issue come up at the big business level where you have a single password management system for the enterprise and many service accounts tied to it, each with their own unique password rules.

  • @terciops
    @terciops Před 10 měsíci

    Excellent explanation. Many thanks.

  • @rosmeartoo
    @rosmeartoo Před 10 měsíci

    25 years ago, when my employer enforced password protection that had to have 8 characters, be changed every 6 months & could not be repeated for 23 instances and had to be activated every time the screen saver came on, I realised that I would be spending a measurable amount of time each day entering my password. I therefore developed a password that could be entered with one hand (except for caps) & without moving that hand. The only problem was when changing keyboard languages!
    A colleague who on one occasion was required to enter my password commented that my password was very complicated, to which I replied, "not if you are a left-handed piano player."
    Point of observation is that, not only is it human to have passwords that you can remember but that it should not take too long to enter if you are not "touch typist" proficient.

  • @learningtoride1714
    @learningtoride1714 Před 10 měsíci

    I feel, being dyslexic helps with password production, like, if I tell someone a password, often they cant get in because it turns out that the way I thought that word was spelt was actually wrong...

  • @fordstone6308
    @fordstone6308 Před 10 měsíci +3

    The new large language models (LLMs) are predicated on massive training sets of “language as commonly used” to predict most likely word sequences. Maybe we should avoid pass phrases and concentrate on random word sequences instead. Your thoughts?

    • @askleonotenboom
      @askleonotenboom  Před 10 měsíci +10

      Pass phrases done correctly ARE random word sequences. :-)

    • @SmallSpoonBrigade
      @SmallSpoonBrigade Před 10 měsíci

      @@askleonotenboom Yes, but I've never really bought into the notion that this really is any better. And it's going to vary widely from language to language. correctHorseBatteryStaple is 50.98 bits worth of entropy; EUf8wfxChNLSDUDjHH5gsyVyD is 138.33 bits of entropy. This is one of the things where Randall screwed things up. It's weaker security and it only really makes any sense if you're trying to remember the password. Which doesn't really make much sense as over the years, I've accumulated hundreds of passwords and in many cases there are mandatory password changes as well.

    • @mailleweaver
      @mailleweaver Před 10 měsíci

      @@SmallSpoonBrigade You have to remember at least one password. Use a passphrase (spiced in some memorable way) to create a long password that you can remember for your password manager. Then use that manager to store the longest allowed random-character passwords for each of the other sites/systems that you have passwords for.
      This provides the best of both worlds. The password for the most private (least likely to be targeted/compromised) system accommodates your humanity while the passwords for the more exposed systems provide the greatest challenge possible for analysis / computing hardware.

  • @mknickman
    @mknickman Před 11 měsíci +6

    I don't understand your point. If you use the same number of characters in both the "four random words" password and the "random characters" password, the resulting password strength should be the same. The only difference should be the ease of remembering the random word password as opposed to the random characters password.
    If you're saying that the "random words" password is more secure because it has more characters in it, then a "random characters" password of equal length should be just as secure. All words/phrases are composed of the same characters that could be in the "random characters" password, so passwords of equal length should be equally secure, correct?

    • @askleonotenboom
      @askleonotenboom  Před 11 měsíci +6

      The point is by using four or more random words your making it easier to remember a longer password, and thus more likely that a longer password would be used. You can remember "correct horse battery staple" at 28 characters, but no one is going to remember a truly random password of that length.

    • @pjay3028
      @pjay3028 Před 10 měsíci +2

      Absolutely, I don't think he thought this through! 😂 His answer to you is just a fudge to try and cover that up isn't it! The maths used in the video clearly doesn't back up his "explanation" to your comment because I think (I lost interest halfway through!) he comes up with 2 completely different answers for a 12 character password depending on whether it comprises 12 random characters, or 4 words. As you point out, that's not possible.

    • @alvallac2171
      @alvallac2171 Před 10 měsíci +2

      @@askleonotenboom *you're (contraction of "YOU aRE")
      your = possessive

    • @drooplug
      @drooplug Před 10 měsíci

      ​@@pjay3028He explained quite clearly in the video that the advantage of the passphrase is its length. Adding some random capitalization and special characters increases the possible combinations of a passphrase quite a bit.

    • @pjay3028
      @pjay3028 Před 10 měsíci +1

      @@drooplug try and think it through logically.....!

  • @williamsteveling8321
    @williamsteveling8321 Před 9 měsíci

    Assume 6 word average length (because I'm evil)
    Assume 5 word parse characters
    Assume 1 archaic word
    Now, add in a character substitution scheme
    And now your entropy is high enough that you could in fact assume one password attempt for each Planck volume in the observable universe. Add a couple of more words, and you're at one per Planck volume per Planck time.
    As long as you don't repeat passwords, you're actually pretty golden

  • @samuelitooooo
    @samuelitooooo Před 10 měsíci +1

    The generator of my password manager, on top of all of that (except for random capitalization), gives me the option to insert a random one-digit number at the end of any word. I wonder by how much that further increases possible combinations.

  • @mercster
    @mercster Před 10 měsíci +1

    I kinda do this... former UNIX admin, so creating good passwords and remembering is a skill I have. I take a few nonsensical words, do some special "text manipulation"... not all that hard.

  • @phillippatryndal4255
    @phillippatryndal4255 Před 10 měsíci +1

    Passphrases are really about increasing the character length (brute force complexity) of passwords in a way that makes them useable for people. They're only really useful if they're not the ONLY (required) option, though. For this reason, though, dictionary words are not the only option for people to have that would be memorable.

    • @mynameisben123
      @mynameisben123 Před 10 měsíci

      Right but because they use words they are massively massively less secure than the equivalent amount of random characters.
      So you can kind of look at each word as a character of a much larger alphabet, and we only use 3-5 of these characters. And capital letter replacements or numbers etc can make it way way more complex.

    • @phillippatryndal4255
      @phillippatryndal4255 Před 10 měsíci +1

      @@mynameisben123 Which is why my last sentence is what matters :P If passphrases were the only option, then it'd transfer too much from security to convenience. There are of course far more options that just one dictionary's content, though...

  • @petehiggins33
    @petehiggins33 Před 10 měsíci

    The ‘correct horse battery staple’ method is a neat idea but I have a few reservations about it.
    Firstly, although the average person may have 30,000 words in their vocabulary I would hazard a guess that when asked to produce memorable words for a password they can only draw on a much smaller number of words, probably only a few hundred, maybe a thousand or two. Try it and see how soon you dry up, bearing in mind that they need to be memorable words.
    I don't think that randomly capitalising letters is very practical, it's too difficult to remember, but an alternative is to capitalise eg every letter ‘T’ which would add a factor of 26.
    Adding a number or a special character between each word adds a further factor of about 20.
    Of course you can make your password much harder to crack by misspelling words or using foreign or made-up words but the average person isn’t going to do that.
    Assuming that you do manage to get the number of combinations up to a high enough level by using obscure or misspelled words there’s another major problem. Most people have not one but many passwords that need to be secure. I have about fifteen. There is no way that I can remember 15 different phrases containing misspelled or obscure words let alone remember which phrase goes with which account.
    So I use a password safe containing long random character passwords.

    • @keith6706
      @keith6706 Před 10 měsíci

      You use a password generator to create those long random character strings, right? So why do you assume a person wouldn't use a random _word_ generator to do the same thing?
      And random capitalization, to use an example, can be based on a system that you devise which is also easy to remember. Say, for a five word passphrase, you capitalize the fifth letter of the first word, fourth of the second, third of the third, second of the fourth, and first of the fifth. That would be easy enough for a hacker to determine if they knew your system, but they have to figure out your system first.

    • @chaos.corner
      @chaos.corner Před 10 měsíci

      They are not supposed to produce the words. They are supposed to be randomly generated. They are also not supposed to randomly capitalize words. Also, the comparison is not supposed to be against randomly generated string passwords. I highly recommend reading the original comic.

  • @UltraK420
    @UltraK420 Před 10 měsíci +2

    I've been using 32 character passwords for years and without any repeating characters in every password. I figured I may as well giga futureproof my security and I noticed that none of my accounts were ever hacked again.

    • @brownro214
      @brownro214 Před 10 měsíci

      Were any of your accounts ever hacked so that you decided to go to a more secure password?

    • @UltraK420
      @UltraK420 Před 10 měsíci

      Yes, my Rockstar games account was continuously hacked by someone in Russia several years ago. It hasn't happened a single time since I started using random nonsequential and nonrepeating 32 character passwords. I've noticed attempts on my accounts when I see texts or emails with a login security passcode, those desperate bastards.@@brownro214

  • @louisenoel5896
    @louisenoel5896 Před 10 měsíci +8

    In fact, my brother’s method is even easier: invent a sentence for yourself, which you can make as long as you want, including numbers, names of people and places, and choose the first letter of each word following the logical spelling of lowercase and uppercase. Include other kinds of characters where you want (!%&). Example: I am going to (t or 2) Paris in four (f or 4) weeks with Fanny and Zoe to (t or 2) visit the Louvre! It becomes « IagtPi4wwFaZtvtL! ». You now have a 16-character password easy to remember and type, and as long as necessary. Plus you don't have to remember which letters are lower or uppercase, you just follow the logic.

    • @brownro214
      @brownro214 Před 10 měsíci +1

      That might help to memorize the password but it is not harder to break than a randomly generated password of the same length.

    • @ruukinen
      @ruukinen Před 10 měsíci +1

      @@brownro214 Neither are passphrases. Random characters of x length are by definition the hardest to crack.

  • @sherlockholmes6990
    @sherlockholmes6990 Před 10 měsíci +1

    What this video doesn't seem to address is that the four-word passphrase should contain words with a minimum length of four. Surely "a", "it", "is", "i" are all words and are part of the "30-thousand" word set of most commonly used words in the English language; however, choosing "a it is i" is much weaker than 16 random characters. The point of the video does stand, however, as I'm sure there are more than 30-thousand words of length four or more that are both commonly used and not commonly used. Also throw in a few words from other languages that one may know.

  • @jonathanwessner3456
    @jonathanwessner3456 Před 10 měsíci

    I had an argument with someone about this a few months back. I wish I had this video then. The person who said it was "too easy" shared something that said he was wrong, but he still wouldn't back down.

  • @JeanPierreWhite
    @JeanPierreWhite Před 10 měsíci +1

    You calculated the number of permutations not combinations for passwords.

  • @shortycrawford9633
    @shortycrawford9633 Před 10 měsíci

    Another tactic to add would be purposeful idiosyncratic misspellings. For example, using the words "Kit Kat Klub" avoids using any words in the dictionary but is easy to remember for anyone who has seen the movie "Cabaret".

  • @edwardnedharvey8019
    @edwardnedharvey8019 Před 10 měsíci

    I am glad to see that everyone who actually understands this topic is commenting about how the video gets the advice/conclusions wrong. I am sad to see that the people who don't have a background in cryptography or computer science are praising it as a good video.

  • @1over137
    @1over137 Před 10 měsíci +1

    I used to use "This is an annoying passphrase" for 2048 bit keys.

  • @ClaGaCla
    @ClaGaCla Před 10 měsíci

    Interesting video! I never thought about the possibility of using a combination of random words for a password. That would certainly make them not only much easier but even just possible in the first place to remember compared with the random string of letters, numbers and symbols.
    But I have one question regarding how much more secure that would be: Since the brute force hacker (or as you pointed out in the video: the computers doing the hacking) doesn’t know whether a password they’re trying to hack is composed of words or random letters/numbers/etc, wouldn’t their approach be the same anyway? I.e., wouldn’t they just try out combinations of letters/numbers/etc that they vary with each attempt? So why should it make a difference for how hard the password is to crack whether the correct letter/number/symbol combination forms a random string or a combination of words that make sense in a given language?

  • @lgrantnelson2863
    @lgrantnelson2863 Před 10 měsíci

    Years ago a security guard where I worked told me to use a passphrase. I have been using them ever since.

  • @rogerhoffmore9262
    @rogerhoffmore9262 Před 10 měsíci

    other ideas: words from other languages, purposeful misspellings - such as adding a letter to each word, or using some modified form of leet - like replacing any E with 3, for example. Of course the danger is forgetting what you did.

  • @kbwaldron
    @kbwaldron Před 10 měsíci

    It’s worth remembering that no matter how fast you make the computer that’s guessing the password, the computer that has the account on it has to accept the attempt and respond. That is never going to be anywhere near the speed of the guessing computer. Of course that is not the case for, say, RSA encryption where you are trying to find the complementary prime.

  • @orange13
    @orange13 Před 10 měsíci

    At the most basic level, "words" are just a subset of the set of "random characters strung together". Keeping the number of characters the same, the number of "words" (made from 26 upper and 26 lower characters) will always be less than the number of combinations you can make from a set of 72 random characters. What you really need to compare in terms of what's more secure is the length of the password string and the set of allowed characters. It is completely irrelevant if a sequence of characters in the string can be recognized as "words".

  • @SpiritintheSky.
    @SpiritintheSky. Před 8 měsíci

    Thank you for yet another really useful video. I'm in your debt.

  • @Snommelp
    @Snommelp Před 10 měsíci

    Unless a login explicitly demands words (and *real* words, without typos), a multi-word passphrase will be interpreted by the technology as any other random string of characters, yes? Brute-force programs aren't going to type "aaaaaaaa" and then go "wait, no, that's not a word, forget it."
    "Correct Horse Battery Staple" is 28 characters (counting spaces) out of a pool of 53. That's 53^28, which is approximately 1.9x10^48 possible combinations.
    So yeah, unless I'm missing something (a distinct possibility!) we shouldn't be thinking of the words as individual things, so counting words is still lowballing the security.

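An added worked calculation (not from the video or from any of the commenters) that puts the three ways of counting used in this thread side by side: the 30000^4 versus 95^9.055 comparison from @cmyk8964, the question from @samuelitooooo about a random digit appended to one word, and the per-character count just above (53^28 for "Correct Horse Battery Staple"). The per-character figure is what an attacker would face only if the phrase really had been generated character by character; when it came from a word list, the word-list figure is the real entropy. The word-list sizes and the guess rate in the demo are constructed assumptions, and `generate_passphrase` uses Python's `secrets` module so that the selection is actually uniform, which the entropy arithmetic assumes.

```python
"""Entropy bookkeeping for passphrases versus random character strings.

Added example; assumes words are drawn uniformly and independently from a
list, which is what the log2 arithmetic below requires.
"""
import math
import secrets


def bits(options: float) -> float:
    """Entropy in bits of one uniformly random choice among `options` values."""
    return math.log2(options)


def passphrase_bits(wordlist_size: int, words: int) -> float:
    """`words` independent uniform picks from a list of `wordlist_size` entries."""
    return words * bits(wordlist_size)


def random_string_bits(alphabet_size: int, length: int) -> float:
    """`length` independent uniform picks from an alphabet of `alphabet_size` symbols."""
    return length * bits(alphabet_size)


def equivalent_length(target_bits: float, alphabet_size: int) -> float:
    """How many random characters from `alphabet_size` match `target_bits` of entropy."""
    return target_bits / bits(alphabet_size)


def passphrase_plus_digit_bits(wordlist_size: int, words: int, digits: int = 10) -> float:
    """Passphrase plus one random digit appended to one randomly chosen word.

    Choosing which word (`words` options) and which digit (`digits` options)
    adds log2(words * digits) bits, assuming both choices are uniform.
    """
    return passphrase_bits(wordlist_size, words) + bits(words * digits)


def naive_character_view_bits(text: str, alphabet_size: int) -> float:
    """What an attacker would face IF the text were uniformly random characters.

    This overstates the entropy whenever the text was built from a word list,
    because a dictionary attack never has to search the full character space.
    """
    return random_string_bits(alphabet_size, len(text))


def expected_seconds(entropy_bits: float, guesses_per_second: float) -> float:
    """Expected time to hit the right value: on average half the space is searched."""
    return 2 ** (entropy_bits - 1) / guesses_per_second


def generate_passphrase(wordlist, words: int, separator: str = " ") -> str:
    """Pick words with the OS CSPRNG, not by hand, so the entropy count holds."""
    return separator.join(secrets.choice(wordlist) for _ in range(words))


if __name__ == "__main__":
    # Constructed sizes: 30,000 (a vocabulary estimate), 7,776 (Diceware), 2,048 (11 bits/word).
    print("4 words from 30,000:", round(passphrase_bits(30000, 4), 2), "bits")
    print("  equivalent random printable ASCII (95) chars:",
          round(equivalent_length(passphrase_bits(30000, 4), 95), 3))
    print("4 Diceware words:", round(passphrase_bits(7776, 4), 2), "bits")
    print("  plus one random digit on one word:", round(passphrase_plus_digit_bits(7776, 4), 2), "bits")
    print("4 words from 2,048:", passphrase_bits(2048, 4), "bits")
    print("  same phrase counted as 28 chars over 53 symbols:",
          round(naive_character_view_bits("Correct Horse Battery Staple", 53), 1), "bits (overstated)")
    rate = 1e10  # constructed assumption: 10 billion fast hashes per second offline
    print("expected offline time for 44 bits at that rate:",
          round(expected_seconds(44, rate)), "seconds")
    print("sample phrase:", generate_passphrase(["alpha", "bravo", "charlie", "delta"], 4))
```

The per-character view (about 160 bits for the 28-character phrase) and the word-list view (44 bits for four words from 2,048) differ by more than a hundred bits for the same string; the attacker's cost follows the smaller number whenever they can guess how the phrase was made, which is why the generator, not the appearance of the result, decides the strength.
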
  • @suzannesbarnhill7183
    @suzannesbarnhill7183 Před 10 měsíci +1

    I felt there was maybe a bit of a jump between odds for five-letter words and calculations using the total number of words in the OED, since they're not all five-letter words.

    • @robgronotte1
      @robgronotte1 Před 10 měsíci +1

      He was estimating that the average word had 5 letters.

  • @MikeAnn193
    @MikeAnn193 Před 11 měsíci +6

    This is something I've wondered about for a couple years so I'm glad you addressed it, though I'm afraid I didn't _entirely_ follow the reasoning.
    I've long been fascinated with the exponential increase in time-to-hack with each additional character, and I understand that basic premise. So for a few years, most of my passwords have been at least 12 characters long, not to mention a mix of cases & character types. I've only used passphrases a few times, for the convenience you mentioned. Your video also made me realize the advantage words have over characters just by the sheer _number_ of words.
    What I don't understand is this: What's to stop a brute-force hacker from creating an algorithm that sees the space in a passphrase (if there is one) and then takes it one word at a time, _predicting_ each word as it goes? In any passphrase using real words, like "Correct Horse Battery Staple" or even "coRrect horSe batteRy staplE," wouldn't each word be relatively easy to predict once the first few characters are known........ and *OH, I think I just answered my own question.* The algorithm couldn't _know_ that it got the first few characters correct until it figures them ALL out and tries out the passphrase to access whatever is being protected.
    Well, now that I've typed all that I might as well post it. At any rate, I'm definitely more inclined to use passphrases now! Thanks.
    Since you're a sci-fi fan, I wonder if the HAL9000 system, Colossus, or Dr. Daystrom's M5 (by far the newer of the three) would be able to crack a good four-word passphrase in just minutes -- and all while shooting Klingons. 😀

    • @RexxSchneider
      @RexxSchneider Před 10 měsíci

      There's no way for an algorithm to "see" a space in a passphrase. You probably know that cracking a password isn't done at the password entry screen as most systems will lock the entry after perhaps 4 or 5 incorrect attempts. What happens is that the system stores passwords in an encrypted format using an algorithm that is not reversible (hashing). The hacker steals a copy of that table from the server and then runs passwords it generates through the same hashing, trying them against the hash values in the table. When it finds a match, it knows that password that belongs to that entry. The passwords it tries are either made from random characters (brute force) or words (dictionary attack). HTH.

    • @Kualinar
      @Kualinar Před 10 měsíci

      The would-be hacker just CAN'T know if you are using actual words. Can't know what language is used. Can't know if you are using invented words. Can't even know if you are using words at all.
      A passphrase could be 3, 4 or 5 «words» of 5 to 12 character long strings of totally random characters.
      So, he's back at brute force attacking something that can easily be over 30 characters long. And, that would require, on average, more time than the Universe is old. It may take over a trillion years.

    • @mynameisben123
      @mynameisben123 Před 10 měsíci

      Also how does it know where the spaces are?

    • @WobblycogsUk
      @WobblycogsUk Před 10 měsíci

      You are correct that the password cracker wouldn't know it had the first few characters correct. Glossing over some of the technical details... passwords are fed into hash functions and only the hash is stored. A hash function is an algorithm that takes some input and produces a usually fixed length output. To crack a password you simply need to find something that hashes to the same value as the real password; if that thing is not the original password it's called a (hash) collision. A good hash function should have two properties. It should be very difficult to figure out what the input likely was given the output, and it should spread its output values evenly over its possible output range. The second point is very important for password security because it means if you make a guess at the password that is close to correct the output doesn't tell you that you are close.

    • @ernestgalvan9037
      @ernestgalvan9037 Před 10 měsíci +2

      @@mynameisben123 .. no algorithm ’knows’ where spaces are, because a space is just a special character.
      BTW… I don’t think ANY password system even allows spaces. I’ve never run across one in my 50+ years in computers.

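An added example (not from the video or from the commenters) that demonstrates what @RexxSchneider and @WobblycogsUk describe above: the attacker holds a copy of the stored hash, hashes their own candidates exactly the way the system does, and compares. It also shows the answer to the "how does it know where the spaces are" question: it doesn't, it simply tries each plausible separator in turn, which multiplies the work by a small constant. The 8-word list, the "leaked" hash and the unsalted SHA-256 are constructed for the demo; a real service should store salted, deliberately slow hashes (bcrypt, scrypt or Argon2), which changes how many guesses per second the attacker gets but not the logic shown here.

```python
"""Offline cracking of a leaked password hash: dictionary versus brute force.

Added example. Unsalted SHA-256 is used only so the demo runs instantly;
the attack loop is identical against a slow KDF, just far fewer guesses/s.
"""
import hashlib
import itertools
import string

# Constructed word list (assumption). Real Diceware lists have 7,776 entries.
WORDLIST = ["correct", "horse", "battery", "staple", "apple", "river", "stone", "cloud"]


def hash_password(password: str) -> str:
    """Hash exactly as the (hypothetical) server does, so candidates compare equal."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def dictionary_attack(target_hash: str, wordlist, words: int, separator: str = " "):
    """Try every ordered combination of `words` words from `wordlist`.

    Returns (recovered_password or None, number_of_guesses). No feedback is
    available from a partial match: a hash either equals the target or not.
    """
    guesses = 0
    for combo in itertools.product(wordlist, repeat=words):
        guesses += 1
        candidate = separator.join(combo)
        if hash_password(candidate) == target_hash:
            return candidate, guesses
    return None, guesses


def dictionary_attack_any_separator(target_hash: str, wordlist, words: int,
                                    separators=(" ", "", "-", "_")):
    """The hash does not reveal the separator, so try each plausible one.

    Cost is at most len(separators) * len(wordlist) ** words guesses.
    """
    total = 0
    for sep in separators:
        found, n = dictionary_attack(target_hash, wordlist, words, sep)
        total += n
        if found is not None:
            return found, total
    return None, total


def brute_force_attack(target_hash: str, alphabet: str, max_length: int):
    """Enumerate every string over `alphabet` up to `max_length` characters."""
    guesses = 0
    for length in range(1, max_length + 1):
        for combo in itertools.product(alphabet, repeat=length):
            guesses += 1
            candidate = "".join(combo)
            if hash_password(candidate) == target_hash:
                return candidate, guesses
    return None, guesses


def search_space(alphabet_size: int, length: int) -> int:
    """Candidates a character-by-character attacker must cover for a fixed length."""
    return alphabet_size ** length


if __name__ == "__main__":
    leaked = hash_password("horse-apple-stone-cloud")  # constructed "stolen" hash
    pw, n = dictionary_attack_any_separator(leaked, WORDLIST, 4)
    print(f"dictionary attack recovered {pw!r} after {n} guesses "
          f"(worst case {4 * len(WORDLIST) ** 4})")
    # The same 23-character string seen as characters over a-z plus '-':
    print("character-by-character space for 23 chars over 27 symbols:", search_space(27, 23))
    pw, n = brute_force_attack(hash_password("cat"), string.ascii_lowercase, 3)
    print(f"brute force recovered {pw!r} after {n} guesses")
```

With a 7,776-word Diceware list the same dictionary loop has 7776^4 (about 3.7 × 10^15) candidates per separator, which is the number the attacker's time actually scales with; the 27^23 character-space figure only applies if the phrase was not drawn from a list the attacker can reproduce.
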
  • @edcross447
    @edcross447 Před 10 měsíci

    I used to play a game with people where you had to rapid fire 4 words that were completely unrelated to each other or anything in the room. It's harder than it sounds. If you can find a prima facie connection for two of their words they lose.

  • @Kualinar
    @Kualinar Před 10 měsíci

    I've been a long term visitor to your Ask Leo web site.
    Well... For a start, 4 words usually make for more than 16 characters. Then, the hacker just doesn't know if we are using random words totalling, say, 30 characters, what language(s) we are using, if numbers or special characters are added, or if it's just a 30-character-long string of random characters.
    One can use an invented word. If you have some knowledge of 2 or more languages, you can use words from all of them mixed any way you want. Then, how about accented characters? Like in French: éèêëàâäôöûüîïŷÿ.

  • @My1xT
    @My1xT Před 10 měsíci

    Password handling is imo the primary benefit for proper passphrases, like when you can actually remember your password you won't just have it in a text file or a note on the screen

  • @mizinoinovermyhead.7523
    @mizinoinovermyhead.7523 Před 10 měsíci +1

    The only time you have 30,000 possibilities is if you are forced to create a word. Brute force by character is at something like 54^x. Which means it’s less secure for an equal length.

  • @tanjongmalim6869
    @tanjongmalim6869 Před 10 měsíci

    Always have high respect for these people who are termed "Nerd".... they are really professional

  • @SteinGauslaaStrindhaug
    @SteinGauslaaStrindhaug Před 10 měsíci

    And if you use a password manager, you only really need to remember one (or a few if you have multiple managers, or applications that are hard to use with a password manager) strong passphrase, and then let the manager generate traditional long random gibberish passwords for the actual sites that it will remember for you.

  • @danielhurst8863
    @danielhurst8863 Před 10 měsíci

    Plus, you need to add in misspellings to word phrase passwords, then they just become an easier to remember long password.

  • @donaldjones8920
    @donaldjones8920 Před 10 měsíci

    What about slipping a foreign word or two in that 4 word password? I would assume that would increase the security. Am I correct?

  • @Leapyean
    @Leapyean Před 10 měsíci

    Also, this math-based comparison assumes that the attacker knows you are using a passphrase. If they don't know that then they have to resort to brute forcing it. Should you be using longer (6+ letter) words, you suddenly have a 20-30 character password that is dirt simple to remember and you get that fancy exploding 72^n possibility space!

  • @heteroerectus
    @heteroerectus Před 10 měsíci

    This is cool I’m gonna start using correct horse battery staple for all my passwords now

  • @1bigdogthe
    @1bigdogthe Před 10 měsíci

    An awesome way to make unbreakable passwords that are easy to remember is song lyrics. I once used a RUSH song: "what you own is your own kingdom, what you do is your own glory, what you love is your own power, what you live is your own story". That's a 28 word password.

    • @chaos.corner
      @chaos.corner Před 10 měsíci

      Not unbreakable. They are using popular phrases sometimes now. If you're not doing random, you're vastly reducing the entropy of your passphrases.