[Cryptography] Possible reason why password usage rules are such a mess

Kent Borg kentborg at borg.org
Thu Nov 19 14:56:04 EST 2020 

On 11/19/20 2:46 AM, Phillip Hallam-Baker wrote:
> Sure, nobody leaves the front door open on the password file any more. 
> But breaches occur regularly and the password files leak...

You are optimizing for a very specific case:

(1) A site uses password hashes,
(2) for passwords that are allowed to be long,
(3) and are honored in their entire length*,
(4) is broken into and they don't tell me,
(5) the breakin doesn't include general admin powers but just supplies 
that one file,
(6) the attacker bothers to crack the hash for my password, and
(7) it does any good for the attacker to have that password.

* Even Linux is willing to let you use long passwords where anything 
past 8-characters are quietly ignored—if you set things up wrong. I've 
twice discovered this where I didn't set it up that way, a system 
installation script did.

If I don't recycle passwords, getting all the way to #7 lets the 
attacker impersonate me only on this one iffy site, which the attacker 
already has some backdoor access to. By insisting on unmanageably long 
passwords for everything, you do avoid this one narrow circumstance.

But there are a lot of ways for people to get security wrong, by the 
time they let their password data leak you need to assume things are 
very broken.

What makes you think there is any hashing going on at random site?

I have a large collection of plain-text passwords that have publicly 
leaked, where did I get those? That doesn't smell like hashing to me. 
Why do so many sites have password length and severe password content 
restrictions? That doesn't smell like hashing to me.

As long as my password even approaches a couple dozen-ish bits of real 
entropy, if I haven't given away copies (by recycling), my password is 
not going to be the weak link.

Do you have an ATM card? Well, if someone finds a way into your bank's 
computers that isn't via your PIN, then it didn't happen because your 
PIN was too short. And if you have to change your PIN as part of the 
cleanup, your new one doesn't have to be any longer than was your old 
one. The PIN wasn't the problem.


By telling people that every password has to be unmanageably long, you 
are effectively discouraging people from using difficult passphrases 
when it really does matter: for encryption.


-kb

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20201119/68077a6a/attachment.htm>

More information about the cryptography mailing list