[Cryptography] Passwords (Smallest feasible work factor today?)

Ron Garret ron at flownet.com
Tue Sep 13 14:41:00 EDT 2022


On Sep 12, 2022, at 4:03 PM, Ray Dillinger <bear at sonic.net> wrote:

> On 9/8/22 18:17, Phillip Hallam-Baker wrote:
>> 
>> I have over 500 stored passwords. What sort of cretin would imagine that I would possibly remember 500 different ones? Someone would have to be a special type of stupid with extra stupid sauce to believe anyone could do that.
> 
> I use a metal lockbox full of 3x5 cards as my password manager.  And when asked, I recommend it. The system architecture is visible, verifiable, reliable, easy to understand and correctly operate, hard to remotely subvert or hack, and easy to check with absolute confidence for malware or spyware regardless of whether you trust the hardware manufacturer.  The security model does have one big hole if someone else gets their hands on the box. But if someone has to resort to in-person burglary to get at passwords - meaning personal attention for an individual target - it's not compatible with the economic model of most people who'd be after most passwords.
> But recently I've felt the need of better; probably paranoia on my part but I'm working on something that really and truly can't get out.
> So for a few "special" passwords I invested the effort to make my "too low tech to hack" approach one level harder, closing the "somebody gets their hands on it" hole fairly tight; the passwords stored on my 3x5 cards in the metal lockbox for these "special" passwords are plaintext that I pass through a pencil-and-paper encryption to get the actual password.  And there are a few ordinary things I carry with me which I use in combination as the key to that pencil-and-paper cipher.  But nobody looking through my stuff would ever see a key there, nor know how to combine these objects to make the key, nor know how to use it as a key.
> So for most passwords, there's an annoying fifteen second lookup.  For the "special" ones there's a fifteen-second lookup plus about a minute and a half of hand encrypting to work out the real password. 
> This is annoying and high-effort compared to the neat package most hardware password managers present.  But the electronic password manager does not exist whose every hardware component is made by people whom I implicitly trust or whose every circuit trace can be visually checked at any time to make sure that it's exactly what it ought to be.  Nor does the electronic password manager exist whose every line of code is guaranteed not to be exploitable. 
> Seriously.  If you want password security, consider the metal box with a lock.  It has virtues hard to match on most electronic platforms.

You might want to consider combining this approach with some steganography: an *unlocked* box of what appears at a casual glance to be, say, a collection of contacts or recipes is very unlikely to command the attention of a burglar.  In fact, a locked box is much more likely to attract unwanted attention, and the locks available on 3x5-card-sized boxes are very unlikely to resist even the most rudimentary of physical attacks.

Security-through-obscurity is much derided in crypto circles, but security through *physical* obscurity can be very effective.

Personally, I keep my valuable secrets in an AES-encrypted file which is protected by one master password that I don’t use for anything else.  That password is written down in case I forget it, but no one except me would recognize it.  The encrypted file is also not very prominent.  A little bit of obscurity and a little bit of entropy stored in your brain and backed up with some strategically placed post-it notes can go a very long way.

rg
