[Cryptography] Say 'unguessable' not random
Patrick Chkoreff
patrick at rayservers.net
Fri Aug 26 10:12:40 EDT 2016
Phillip Hallam-Baker wrote on 08/25/2016 10:19 AM:
> Thinking in terms of unguessability also helps us when we look at the
> reason why passwords fail. The problem with passwords is that the user
> is asked to chose a secret that they can remember but an attacker is
> unlikely to guess. Of course it is going to fail.
That is why I almost always make sure to choose a fairly unguessable
password that I cannot easily record in my brain. I only record it on
(1) a digital medium which itself is encrypted by an even stronger
password, and sometimes (2) a physically secured piece of paper.
The exception to that rule is very high security passwords such as those
which unlock encrypted hard drives or PGP keys. Those are always
diceware-style passwords, which can easily contain over 128 bits of
entropy but are also surprisingly easy to record permanently in my brain
and nowhere else.
I wonder if something like a banking site should generate unguessable
passwords for new users. It could display the password to the user and
instruct him to write it down. Then when he pushes the "Continue"
button, it would require him to enter the password. If he didn't write
it down correctly then he wouldn't be able to do that.
Unfortunately that does mean that if someone gets a hold of the user's
password book then it's game over.
-- Patrick
More information about the cryptography
mailing list