[Cryptography] Of writing down passwords
Maarten Billemont
lhunath at lyndir.com
Tue Sep 23 14:45:41 EDT 2014
>
> The dogma against writing down passwords is one of the worst things that
> security practitioners have continued to promulgate, and by "worst" I
> mean in terms of impact on effectiveness of security (second only to use
> of firewalls, but that's not a crypto discussion). To tell users that
> they have to have a password that by definition is hard to remember, but
> they're not allowed to write it down, goes against all usability notions,
> and invites the crappy password choices that really do cause problems.
>
And yet, as you point out, there is a real risk involved with writing
passwords down, especially when you do so in a non-physical location (eg.
iCloud notes, password manager).
The issue here being that in your threat model, disallowing writing down a
password is an inconvenience (forcing users to remember unmemorable
passwords) that outweighs any benefit gained from reducing the risk of
leaks.
I would propose not writing them down and not remembering them at the same
time. "Master Password" [0], for instance, generates your passwords
statelessly: instead of having an encrypted file or a diary with your
passwords, it uses a single password you can remember, scrypt-derives a key
from that, then hmac's a name for your password (eg. "adsl modem") with
that key to encode a password for the modem; eg. CuzaSasy3*Rimo.
Effectively, you have a single password you can remember, no store somebody
can steal or you can lose, and given only a computer, you can calculate any
desired password from anywhere.
The downsides are obvious: don't lose your single password and computers
can be monitored.
[0] http://masterpasswordapp.com/algorithm.html
--
*Maarten Billemont* (lhunath)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140923/cd45df36/attachment.html>
More information about the cryptography
mailing list