What is password entropy and why it really, really, matters
Vložit
- čas přidán 25. 07. 2024
- In this episode, we explore password entropy and why it really, really, matters.
==============================
SUGGESTED
==============================
Common password misconceptions that fooled me at first 👉 • Common password miscon...
==============================
LINKS
==============================
How secure is 256 bit security? 👉 • How secure is 256 bit ...
TrustToken 👉 www.trusttoken.com/
Exploring the password policy rabbit hole 👉 sunknudsen.com/stories/explor...
==============================
SUPPORT
==============================
Support this channel 👉 sunknudsen.com/donate
🤩 password discussion!!!
"The easiest way to break a cryptographic product is almost never by breaking the algorithm, that almost invariably there is a programming error that allows you to bypass the mathematics and break the product." ― Bruce Schneier
Moral of the story: Complicating a password can *sometime* give a false sense of security.
6:44 I don't understand why you've limited the complex password character to 75, all ASCII printable characters except space is 94 characters, this provides higher entropy than the passphrase you've mentioned. Also, it doesn't really matter how many bits of entropy a password contains if it's on a dictionary of common passwords, as these are usually tried first (dictionary attack) before attempting to brute force.
Thanks for the feedback. I only used 75 characters because these are the ones most people know how to type and, as a result, most random password generators include. Great point about dictionary attacks. I mentioned “truly random passwords” a few times in the episode and also refereed to dice rolls and hardware random number generators. Hopefully the point came out. That said, thanks for your comment. The distinction is really, REALLY, important. 🙌
"complicating a password can sometime give a false sense of security"
If you're clueless and use a weak implementation, one that's not been the subject of any independent security audits, then yeah. Otherwise, replace complicating by strengthening, and false by true, and remove sometimes.
Moral of the story: don't be a smartass.. Always do your part and use the strongest password that you can remember.
Yey, thanks for the content 🤟🤘
You just made me more deeply understand entropy and how their strength are related to one specific length and combination to another!
Glad this content is helpful. 🤓
This channel deserves much more viewership.
Beautiful video, encryption is poetry.
Your English is really good! The only pronunciation that stuck out to me was when you pronounced 3 as “tree”. The “TH” sound can be difficult to pronounce sometimes, but I wouldn’t worry about it. You are very easy to hear and understand. 👍
Thanks for the push! I messed up “to the power of” a few times. Not sure why I used “to the factor of” instead. Oh well…
@@sunknudsen I would not worry too much on it, the overall meaning of the message is clear and frankly I got instantly the mistake once you showed visually the calculations and after that I just had no attention on it. I think perfectionism on being correct is good, just keep it in a healthy range and frankly never try to degrade or believe it from anyone your true power!
I believe what you are creating with this privacy guide channel is very much needed.
I hope (this is solely my own wish and hope) it will also bring awareness to enough people to create enough noise to achieve that Snowden gets his fair trial and eventually be pardoned and allowed to come back to his home country with an much much more changed country where the majority of the system, people and the gov privacy oriented for REAL not just on the PR and media level!
insightful videos as always.
Interesting and encouraging work and information.
very interesting!!
Nice video.
helpful, thanks
Nice video, btw, what is your native language? French ?
in another hand, i'd like to ask, what do you think about brave browser for security. Thanks.
If I remember correctly he once said, he is a Dane, so Danish is his mothers' tongue.
First name is the result of creative parents. Native language is 2/3 french and 1/3 english.
Hey Sun! Overall you are correct, but one point is that your $3M estimate to break a password secured with PBKDF2 is an interesting beast to calculate. Many uses of PBKDF2 use SHA256 as their hashing function. Even assuming a very large number of iterations it pales in comparison to how fast some of the specialized hardware that exists for SHA256. Off the shelf available mining hardware for Bitcoin currently goes at 4.73Th/s and the network-wide hashrate is 128Eh/s. In some ways this isn't a one-to-one comparison because mining is trying to find the hash of an 80 byte data chunk that has N prefix bits, but in some ways it's more than fair of a comparison because miners are hashing a larger amount of data (most passwords are not 80 bytes) and they are performing the hash twice (SHA256x2).
Thanks for sharing! I will publish an episode dedicated to how this was calculated. macOS uses PBKDF2-SHA512 to hash passwords (mode 7100 in hashcat) with a number of iterations generally above 25,575. Looking at hashcat hash rates for mode 7100 on p4d.24xlarge instances, one can extrapolate 10,883 kH/s at 1,023 iterations to 435.320 kH/s at 25,575. As a result, (75^8)/2/(435320*60*60)*$9.8318=$3,140,378.72 USD (at spot pricing). Hopefully, I have the math right. Would you happen to know if Bitcoin ASICs can compute PBKDF2-SHA512 hashes? If yes, would you happen to have hash rates?
@@sunknudsen Bitcoin miners can only do SHA256x2 and only in a limited way, not useful directly for password hash bruteforcing. My only point was that if Bitcoin miners can fabricate and make such hardware we can assume dedicated actors (like government) area also doing it on a similar scale with dedicated ASICs. SHA256 and SHA512 from an ASIC perspective are very similar.
Salut Sun et merci pour tes vidéos, STP peux tu corriger et expliquer à cette personne de cette chaine "Security and Privacy Academy" sur sa vidéo sur "Password Entropy explained". Merci pour ton retour
Hello Sun! Thank you for your guidance 🙏. I'm a recent sub and I'm still catching up (like of the 82 I'm still on around 10 😬). Unforunately, I'm a Win user and just subbed on Nord & Malwarebytes and saw your vid after. I have to work on what I have and make the best of it.
There's something I'd like to understand though; you mentioned before authenticator on mobile and password manager on laptop. I like the compartmentalization idea. But what if you need passwords on iOS mobile? I agree that having both authenticator and password manager on one device is scary. I'm still catching up.
It really depends on where one wishes to be on the convenience to privacy/security spectrum. I personally stopped syncing passwords to iPhone and use YubiKey for TOTP. Typing passwords on iPhone is not convenient, especially when passwords are long random strings, but setup is more secure.
Hi, Sun . I'm not sure about entropy calculation of using 5-word passphrase from EFF wordlists (4Dice), If each word has at least 3 characters plus 4 separators then your password has (3*5)+4 = 19 characters. So, the entropy should be log2(75^19) ~ 118.34 bits. Is that right?
In fact, the hacker will not know which source (such as EFF wordlists) we used to create password. So, the only way the hacker will know the source is bruce-force attack is successful. Do I get this right?
In the same way that a hacker attempts a dictionary attack to reduce the size of the password space, we can imagine an "eff passphrase attack" in which the hacker tries all the 5 words combinations in the eff list. Then the entropy is what Sun calculates. A hacker would try that before attempting the full brute force attack. At least that's how I understand Sun's point.
@@AbuMaxime That's true! If I am hacker, I should try the common and small password set first. Thank you for make me clear. 👍
@@joost6515 you welcome.
Hey Sun, just wondering, why are you still on Catalina and have not updated to Big Sur?
Great question Sergio. I should answer it in the near future as I cover Big Sur and M1. Stay tuned!
Sun, Any updates from 1password?
Work in progress…
Salut Sun ! En parlant d’AES-128 et AES-256, j’ai entendu parler de courbes ECC qui permet de chiffrer sur une base 128, et qu’elle était aussi robuste que l’AES-256. Est-ce vrai? Pourquoi pas un point dans une vidéo pour parler de l’ECC face à l’AES ?
Salut Stéphane, fais-tu référence à en.wikipedia.org/wiki/Elliptic-curve_cryptography? Si oui, ECC est utilisé dans l’univers de l’encryption asymétrique (vs AES dans l’univers de l’encryption symétrique). Généralement les chercheurs semblent dire que, dans le contexte de l’encryption asymétrique, EdDSA 128-bit est équivalent en terme de sécurité que RSA 4096-bit.
Sun, we need to have a serious conversation about your channel, you offer waaay too much value! IMHO, you have to start using clickbaits. Recently i watched Veritasium, video "Clickbait is Unreasonably Effective", and i strongly recommend it. A better description for this video: "You will be hacked if you don't do this NOW" and then a thumbnail with Vendetta's mask on fire! That's what we are talking about! :D haha
Pretty sure thats not what he's going for. Although it would get more clicks in all likelihood, I imagine it would end up diluting his informative tone.
Thanks for feedback and I agree titles and thumbnails are not at all ideal to drive clicks. I also watched Veritasium episode and it was inspiring. I will try to improve clickthrough rate while preserving tone. Work in process… 🤓
@@theepicduck6922 To be honest, i don't care much about diluting a bit the informative tone. Sun packs A LOT of info in his videos, losing a bit of that for the sake of getting more views is a good thing. Privacy needs to become mainstream and we aren't gonna achieve it by packing so much info in one single video and making the thumbnail as accurate as possible. That ain't gonna happen! Take for example the Linux community, they want freedom, but Linux is becoming more mainstream now because of Ubuntu and all those user friendly distros, which Linux hardcores hate. Technical channels need to sacrify a bit the informational tone for the sake of attracting more attention. I hate to say that but that's how the world works, not only youtube! :( Linux would have never become so mainstream as it is now with the Arch Linux community! Maybe Sun could split the channel, one "Privacy for your Grandma" with all possible clickbaits and ways to monetize the channel and the other "Hardcore privacy" (which is exactly the channel now)
3:16 isn't it probabilistic?
why if a computer that all those words and make millions of combinations to guess the passwords??????? those words are public!
Multiple dice are called "die".
Isn‘t it the other way around? You roll a (single) die and stack (many) dice?
@@brendanleber8903 It's the cancer brain that's what I meant.