[Cryptography] Recommendations in lieu of short AES passphrases
Kent Borg
kentborg at borg.org
Sun Sep 18 17:43:08 EDT 2016
On 09/18/2016 04:26 PM, John Denker wrote:
> Some of the smartest, most security-conscious folks I know use
> password managers.
I do think it is possible to use an electronic password manager, but I
also think it is really hard to do well, and really risky for a normal
person to attempt. One false move, and while you sleep a Russian mobster
on the other side of the planet can destroy you.
In contrast, physically writing down passwords is pretty simple, and
hard to mess up on an invisible technicality. We are pretty familiar
with physically protecting things--far better than we are with
protecting data. A written record isn't as flashy, but it has an attack
surface that is tiny, very local, something a normal person has
experience with, something it is possible for a regular person to judge
and reason about. Those among us who long ago learned they can't go
a week without losing a wallet or car keys might then also figure
out some important passwords should not be carried around on a daily
basis, either. By being in the physical domain, these are all things
normal people can reason about.
But whether some particular buzzword-compliant password manager that has
a 4-star rating is a good or bad choice, because it does or does not use
a good ZK design, is not something normals can judge.
Certainly there is the argument that users are bad about passwords,
because they clearly are! But this isn't going to be fixed with some
magic technical solution.
We expect regular people to have some horse sense to avoid getting
ripped off in the physical world (we start teaching how as toddlers),
but in virtual worlds techies like to throw up their hands, chant 2fa,
and tell us to start ordering retina scanners.
People are going to have to learn a little. No way around it. I don't
think Joe Average needs to become a STEM wizard (I hate that fad), but I
do think Joe has to learn a little. Starting with "don't recycle
passwords", "write them down", and some diceware-style advice for how to
choose decent passwords.
I don't think that is a horribly ambitious idea, I don't see any simpler
approaches, and I think it would accomplish a lot.
-kb
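The diceware-style advice mentioned in the message above, worked through as an added example (not part of the original post, and not the Diceware project's own code): words are picked by uniform dice rolls, so each word contributes log2(list size) bits, and the number of words needed for a given target follows directly. The five-dice, 7776-word size of the real Diceware list is a fact; the 36-word two-dice wordlist embedded here is constructed so the script runs offline, and the function names are the example's own.

```python
import math
import secrets
from itertools import product

DIE_FACES = "123456"

# Constructed two-dice toy wordlist (6**2 = 36 entries) so the example runs
# offline. The real Diceware list is keyed by five dice (6**5 = 7776 entries).
TOY_WORDS = [
    "acid", "bolt", "cave", "drum", "echo", "fern", "gate", "hill", "iron",
    "jade", "kite", "lamp", "mesa", "nest", "oak", "pine", "quay", "rope",
    "sand", "tide", "urn", "vine", "wolf", "yarn", "zinc", "bay", "cod",
    "dusk", "elk", "fog", "gem", "hay", "ink", "jar", "key", "log",
]
TOY_WORDLIST = {
    "".join(key): word
    for key, word in zip(product(DIE_FACES, repeat=2), TOY_WORDS)
}

REAL_DICEWARE_SIZE = 6 ** 5  # 7776 words in the standard list


def dice_per_word(wordlist):
    """Number of dice needed to index this wordlist (size must be a power of 6)."""
    n = len(wordlist)
    d = round(math.log(n, 6))
    if 6 ** d != n:
        raise ValueError(f"wordlist size {n} is not a power of 6")
    return d


def entropy_bits(list_size, n_words):
    """Entropy of a passphrase of n_words uniformly chosen words."""
    return n_words * math.log2(list_size)


def words_needed(list_size, target_bits):
    """Smallest word count whose entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(list_size))


def roll_word(wordlist):
    """Roll the required number of dice with a CSPRNG and look the word up."""
    d = dice_per_word(wordlist)
    key = "".join(secrets.choice(DIE_FACES) for _ in range(d))
    return wordlist[key]


def generate_passphrase(wordlist, n_words):
    """Return n_words independently rolled words (join with spaces to use)."""
    return [roll_word(wordlist) for _ in range(n_words)]


if __name__ == "__main__":
    # How many real Diceware words match common symmetric key sizes?
    for bits in (64, 128, 256):
        n = words_needed(REAL_DICEWARE_SIZE, bits)
        print(f"{bits:3d}-bit target: {n} Diceware words "
              f"({entropy_bits(REAL_DICEWARE_SIZE, n):.1f} bits)")
    # Sample from the constructed toy list (only ~5.2 bits per word).
    sample = generate_passphrase(TOY_WORDLIST, 5)
    print("toy passphrase:", " ".join(sample),
          f"({entropy_bits(len(TOY_WORDLIST), len(sample)):.1f} bits)")
```

The point the numbers make: a 128-bit AES key needs ten words from the real list, while the toy list would need 25, which is why the list size, not the cleverness of the words, is what matters.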