[Cryptography] Passwords (Smallest feasible work factor today?)

Kevin W. Wall kevin.w.wall at gmail.com
Wed Sep 7 17:15:54 EDT 2022


On Wed, Sep 7, 2022 at 4:08 PM Phillip Hallam-Baker <phill at hallambaker.com>
wrote:

> Folk, what are people's thoughts on the smallest work factor that can be
> considered acceptable today? I am thinking 2^80.
>

I get your rant, but you need to consider businesses and their GRC-related
policies, some of which are mandated by compliance and regulatory laws. So,
to that degree, what *we* think probably doesn't matter all that much.

So given that, the last 3 companies that I've worked for (including the
current one) would accept 2^80 for "regular" users, but possibly not
privileged accounts and almost certainly not service accounts.

For example, at the Fintech company I worked for just over a year ago,
regular user passwords for internal users (employees and contractors) had
to be >= 16 characters long, but only >= 8 characters for their customers'
passwords. Privileged accounts had to have passwords that were randomly
generated and stored in a password manager vault and were supposed to be >=
20 characters, and for service accounts (which were valid for 1 year)
had to be >= 24 randomly generated characters and kept in something like
Hashicorp Vault. (At my current employer, service account passwords are
required to be >= 32 randomly generated printable characters and they also
must be stored in / accessed from Hashicorp Vault.)

So, I will leave the calculations to you, but for service accounts at
least, a work factor of 2^80 may not fly in some businesses.

-kevin
-- 
Blog: https://off-the-wall-security.blogspot.com/    | Twitter: @KevinWWall
| OWASP ESAPI Project co-lead
NSA: All your crypto bit are belong to us.
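The keyspace arithmetic the post leaves to the reader, as an added example (not from the post or the list). It assumes the randomly generated passwords draw uniformly from the 95 printable ASCII characters, and it counts only the guessing space, not the hash function's own per-guess cost, so the bit counts hold for the vault-generated passwords but not for human-chosen ones of the same length.

```python
import math

# Assumption: "printable characters" means the 95 printable ASCII symbols
# (space through tilde). Other alphabets can be passed explicitly.
PRINTABLE_ASCII = 95


def work_factor_bits(length, alphabet_size=PRINTABLE_ASCII):
    """log2 of the keyspace of a uniformly random password of `length` symbols."""
    return length * math.log2(alphabet_size)


def min_length_for_bits(target_bits, alphabet_size=PRINTABLE_ASCII):
    """Smallest length whose keyspace is at least 2**target_bits."""
    return math.ceil(target_bits / math.log2(alphabet_size))


# Minimum lengths quoted in the post (constructed table, names are ours).
POLICIES = {
    "customer (>= 8)": 8,
    "internal user (>= 16)": 16,
    "privileged (>= 20)": 20,
    "service account, fintech (>= 24)": 24,
    "service account, current employer (>= 32)": 32,
}


def compare_to_threshold(threshold_bits=80, alphabet_size=PRINTABLE_ASCII):
    """Map each policy to (keyspace bits, whether it meets the threshold)."""
    result = {}
    for name, length in POLICIES.items():
        bits = work_factor_bits(length, alphabet_size)
        result[name] = (round(bits, 1), bits >= threshold_bits)
    return result


if __name__ == "__main__":
    for name, (bits, ok) in compare_to_threshold().items():
        print(f"{name:45s} 2^{bits:<6} {'meets' if ok else 'below'} 2^80")
    # Length needed to reach 2^80 if the generator is restricted to a
    # smaller alphabet (lowercase only, alphanumeric only).
    for alphabet, size in (("lowercase", 26), ("alphanumeric", 62), ("printable", 95)):
        print(f"2^80 needs {min_length_for_bits(80, size)} random {alphabet} characters")
```

An 8-character random printable password gives only about 2^52.6 guesses, so the customer policy falls well below 2^80 even under the most generous uniform-random assumption.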