[Cryptography] Passwords: Perfect, except for being Flawed

Natanael natanael.l at gmail.com
Tue Feb 17 18:19:49 EST 2015


On 17 Feb 2015 23:52, "Kent Borg" <kentborg at borg.org> wrote:
>
> On NPR this morning I heard a nice mangling of the old Churchill line,
> saying that passwords are the worst authentication possible, except for all
> the other systems. It occurs to me there is something deep in that.
>
> Passwords have serious problems, but they are a bit like the problems with
> one-time pads: cumbersome--but otherwise perfect.
>
> There is never going to be a generalized crack of the "password system".
> Even with some fancy Quantum Cryptography, passwords are not going to
> suffer a catastrophic failure. Flawed as they are in practice, passwords
> are a solid tool in principle.
>
> All the alternatives risk failure ranging from major to gigantic. All the
> alternative systems are complicated and brittle. Passwords are simple.
> Distributed. Robust.
>
> Our use of passwords, on the other hand, is terrible. But all the
> alternatives to passwords are worse.
>
> We should quit trying to craft fragile replacements and instead resign
> ourselves to cleaning up our act: quit reusing the same passwords
> on different sites, pick good passwords, write down our passwords, but
> otherwise keep them secret*.
>
> * Including not running spyware on our machines and not typing password Z
> into phishing site X.
>
> And then tell the world to do the same.
>
> Passwords are a fundamentally good system, but for their cumbersome
> details. All the alternatives are worse, and I think for rather fundamental
> reasons.

Do you have any particular criticism against U2F hardware tokens combined
with shorter passwords verified over protocols like SRP? Strongly
phishing-resistant and brute-force-resistant credentials. Easy to use.
Reasonably safe against most thieves. MITM resistant.

And human compatible - no need to make length and high complexity a
mandatory baseline, as rate limiting becomes functional again. No need to
remember tons of passwords. A simple password tier system based on how
important the services are combined with a hardware token would IMHO
achieve a high level of practical security for most people.

It wouldn't be less secure than my current password manager setup, in
particular since malware can't steal hardware tokens.
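The "shorter passwords verified over protocols like SRP" point above rests on two properties: the server stores a verifier rather than the password, and each guess costs a full online exchange, so rate limiting does real work. The following is an added example, not code from the thread or from any SRP library: a self-contained SRP-6a run in Python using the 1024-bit group from RFC 5054, with a toy server that holds verifiers only and locks an identity after five consecutive failures. SHA-256 (rather than the RFC's SHA-1), the lockout threshold, and the identity and password values are this example's own choices.

```python
import hashlib
import hmac
import secrets

# 1024-bit group from RFC 5054, Appendix A (safe prime N, generator g = 2).
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E8"
    "6072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0"
    "E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D49"
    "82559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9A"
    "FD5138FE8376435B9FC61D2FC0EB06E3",
    16,
)
g = 2
N_LEN = (N.bit_length() + 7) // 8  # 128 bytes; group elements are padded to this


def pad(n: int) -> bytes:
    """Left-pad an integer to the byte length of N (PAD() in RFC 5054)."""
    return n.to_bytes(N_LEN, "big")


def H(*parts: bytes) -> int:
    """Hash the concatenation of parts and read the digest as an integer.
    SHA-256 is this example's choice; RFC 5054 itself specifies SHA-1."""
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")


# Multiplier k = H(N | PAD(g)): the SRP-6a fix against two-for-one guessing.
k = H(pad(N), pad(g))


def private_key_x(salt: bytes, identity: bytes, password: bytes) -> int:
    """x = H(s | H(I | ':' | P)); computed on the client only, never stored."""
    return H(salt, hashlib.sha256(identity + b":" + password).digest())


def enroll(identity: bytes, password: bytes) -> tuple[bytes, int]:
    """Client-side enrollment: the server receives (salt, v = g^x), not P."""
    salt = secrets.token_bytes(16)
    v = pow(g, private_key_x(salt, identity, password), N)
    return salt, v


def client_public() -> tuple[int, int]:
    a = secrets.randbelow(N - 2) + 1          # ephemeral private value in [1, N-2]
    return a, pow(g, a, N)                    # A = g^a


def server_public(v: int) -> tuple[int, int]:
    b = secrets.randbelow(N - 2) + 1
    return b, (k * v + pow(g, b, N)) % N      # B = k*v + g^b


def client_key(identity, password, salt, a, A, B) -> bytes:
    """Client session key; aborts on the degenerate B that would leak x."""
    if B % N == 0:
        raise ValueError("invalid server public value B")
    u = H(pad(A), pad(B))
    x = private_key_x(salt, identity, password)
    base = (B - k * pow(g, x, N)) % N         # strips k*v, leaving g^b
    S = pow(base, a + u * x, N)               # g^(b*(a + u*x))
    return hashlib.sha256(pad(S)).digest()


def server_key(v, b, A, B) -> bytes:
    """Server session key from the stored verifier; the password is never seen."""
    if A % N == 0:
        raise ValueError("invalid client public value A")
    u = H(pad(A), pad(B))
    S = pow((A * pow(v, u, N)) % N, b, N)     # (A * v^u)^b = g^(ab + bux)
    return hashlib.sha256(pad(S)).digest()


def proof(A, B, K) -> bytes:
    """Key-confirmation message M1 = H(A | B | K) sent by the client."""
    return hashlib.sha256(pad(A) + pad(B) + K).digest()


class SrpServer:
    """Stores verifiers only and counts failed online attempts per identity."""
    MAX_FAILURES = 5  # constructed threshold for this example

    def __init__(self):
        self.users = {}      # identity -> (salt, v)
        self.failures = {}   # identity -> consecutive failed attempts

    def register(self, identity, salt, v):
        self.users[identity] = (salt, v)

    def authenticate(self, identity, client_password) -> bool:
        if self.failures.get(identity, 0) >= self.MAX_FAILURES:
            return False                       # locked: each guess costs an exchange
        salt, v = self.users[identity]
        a, A = client_public()                 # client side, simulated in-process
        b, B = server_public(v)
        M1 = proof(A, B, client_key(identity, client_password, salt, a, A, B))
        expected = proof(A, B, server_key(v, b, A, B))
        ok = hmac.compare_digest(M1, expected)
        self.failures[identity] = 0 if ok else self.failures.get(identity, 0) + 1
        return ok


def demo() -> tuple:
    """Correct login, five wrong guesses, then a correct login refused by lockout."""
    server = SrpServer()
    salt, v = enroll(b"alice", b"short-pin-1234")   # constructed sample credentials
    server.register(b"alice", salt, v)
    good = server.authenticate(b"alice", b"short-pin-1234")
    wrong = [server.authenticate(b"alice", b"guess-%d" % i) for i in range(5)]
    locked = server.authenticate(b"alice", b"short-pin-1234")
    return good, wrong, locked
```

The verifier v still permits an offline dictionary attack if the server's database leaks, so SRP alone does not make a short password safe at rest; it removes the password from the wire and forces guessing through the server's rate limiter, which is exactly where a hardware token adds the second, unphishable factor.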