Unless the randomly generated password coincidentally matched a more easily cracked password.
What? Just how did you reach that conclusion from what I posted? It’s so absurd that I’m uncertain we’re even using the same language here. I am posting in English, right?
Yes, that is unlikely but not impossible, alas that’s the nature of randomness.
Not only is sailor’s method easily crackable, it’s crackable using the standard tools. In technical terms, what he’s doing is using the site name as a salt, and using “MD5 twice” as his hash instead of just “MD5”. Both of those are options you can literally select from menus in the script-kiddie applications.
What’s worse, he’s now told us that he uses this for all of his accounts. So if a cracker were to get something trivial like his SDMB password (where all that’s at stake is a prankster saying you have sex with sheep, or something), they could then use that information to generate his password for, say, his bank (and clean out his entire life savings).
Now, I personally do use the same password for a lot of sites, but it’s only for sites where there’s nothing at stake. For more important sites, like my e-mail or here, I do something more complicated (which probably could be cracked, but I’d make them work for it). And for my bank, I literally rolled dice a bunch of times.
Well, maybe I misunderstand you but you said
in response to my idea for generating passwords and I understood that to mean you did not believe they were “random” enough because they had been generated by some process other than throwing dice or something. You say it has to be random and not just look random and I am not sure of the difference. How can I tell if a password really is random or it just looks random?
But if you agree that 3T1eE12ibdCz427xfVcx is pretty secure and as much as any other similar password and more secure than the text which was used to generate it then I guess we agree.
BTW, a hash, MD5 or other, is as close as you can get to randomness. That’s what makes it impossible to reverse.
You have misunderstood some and you are mistaken some. I did not say I use MD5 twice. I use MD5 and then an unspecified and secret algorithm.
You have not understood how hackers attack. They do not have all the passwords of one person at different websites. They have many passwords of different people which they have stolen from one website. They are not after me personally, they just crack what they can out of thousands by trying dictionary attacks. 3T1eE12ibdCz427xfVcx is not going to be on any such dictionary and would have to be done by brute force which is impossible. My password would be among the safest.
Now, if we were talking about the NSA and I were Bin Laden then things change because the NSA would want to attack me specifically. But I am not Bin Laden and (as far as I know) they are not after me so I only have to protect myself from common hackers who have a much easier harvest than mine.
And I will tell you why I am so confident. It is not because I think I know a lot but because I have talked about this with people who know a lot. I work with telecom equipment, home routers among other things. Home routers generally generate the default WPA wifi key by a simple algorithm which uses some parameter like the MAC as input, salt (common to all) and an unspecified algorithm. If you know the algorithm and the salt you can crack the default wifi key (which most people do not bother to change).
I know I can crack some specific router models’ default passwords because I could get the information on how to do it. But those models where the information is not available have been impossible to crack even though many many people have dedicated many many hours. We know F(salt+MAC) = wifi key and yet thousands of hackers are unable to break it in spite of all efforts and thousands of routers to use as examples. Only when given the salt and algorithm was the process cracked. That gives me much confidence in the system.
Mine should be even more secure in that there are not thousands of people trying to crack it and the salt and algorithm would be even more obscure.
Again, I am not inventing anything, I am using a method used by several router manufacturers and which has proven itself by resisting very serious cracking efforts. I would feel extremely confident generating a list of 1000 passwords using my method and I would wager it cannot be broken in any reasonably short amount of time.
I know it is difficult to believe but there are forums out there which dedicate a lot of time and effort to this kind of stuff. Don’t ask me how I know. Just take my word for it.
Using your algorithm, can you deliberately produce the same password twice? If yes, then it isn’t random.
It isn’t random in any way, shape or form. A given input will always produce the same output, which is one of the reasons it can be used to store passwords in the first place.
Which is security through obscurity, you’re depending on attackers not knowing about your algorithm.
Once it’s known, unless it is very computationally complex, it won’t be much harder to crack than your base password.
Mogle, we’ll just have to agree to disagree but, as I said, it is a system used by router manufacturers and which has withstood for years very determined efforts to crack it. My guess is that if you think it is not difficult to crack you are just not understanding the difficulty of the problem. If you or anyone believes they are up to the task I’ll be happy to set up a challenge.
I’m not saying anything about router manufacturers, I have however been strongly objecting to your gross misuse of the word “random”.
I am not going to get into a semantic argument over the meaning of the word “random” and whether the digits of Pi are truly random or not because that is like the plane on the treadmill and the 0.9999=1 discussions and leads nowhere.
What I understand is that you say my passwords are no good because they are not “random”. I do not care about random or not, I care about them being good and I assert that they are good enough that they cannot be cracked by regular hackers and I am so confident that I would wager money for the amusement of the challenge. If it works for router manufacturers it should work for me. Whether it’s random or not is academic and of no consequence. If you think my system is crackable then find someone who says they can do it and maybe we can make some interesting wager to make it worth their effort. Maybe you know hackers who know more than the people I know. I’ve lost wagers before and I am willing to learn again. The proof is in the pudding.
It’s not a matter of semantics, from what you’ve described your passwords are simply not random, so don’t call them that.
Now, I have not said that your passwords are not good in practice. Though so far you have not given me any reason to think that you are not, in principle, relying on security through obscurity.
If you can’t reveal your password generation algorithm and remain secure, then that algorithm is flawed.
By way of analogy, here’s the full algorithm I used to create my bank password:
First, I rolled two distinct 6-sided dice, to generate a number between 1 and 36.
Then, I converted that number to a character, a-z or 0-9.
Then, I flipped a coin to decide whether to hit shift or not, so I got capital, lower-case, digits, and the symbols above the digits.
I then repeated the first three steps until I had ten characters, in order.
There, that’s my full algorithm. I think you can see that it compromises my security not at all, that I have given it.
How can you get from 1-36 from 2 6-sided dice?
If you roll the 2 dice and multiply, you can get to 36 but with only 12 possible values and the distribution isn’t even.
If you roll the 2 dice 3 times and sum up, you get 24 possible values (6-36) with an uneven distribution.
Inquiring minds want to know - I’m trying to calculate your entropy.
Mogle, you are getting hung up on buzzwords and this is getting kind of silly. I have no interest in semantics but, in any case, to say that to meet your definition of “random” I need to tell you how I generate my passwords is bizarre.
That is not what random means. Random means that an observer who is analyzing the stream cannot predict what symbol will come next because they are all equally probable. It has nothing to do with how they are generated. It has nothing to do with obscurity.
You can say “what if they access your computer and find the algorithm and the salt?” Well, duh! Then they have access to the file with all the passwords and have no need to bother. (Of course my files are encrypted.) So, going along with your reasoning, anyone who keeps confidential files in a computer, even if encrypted, is relying on “security through obscurity” because the NSA could take him behind the woodshed and beat him with a crowbar until he gave them the master password.
So, we agree to disagree.
If anyone believes it is possible to crack such a system I will gladly set up the challenge. I post 100 successive passwords and you guess the next one in the series. If you can do that there are web sites, forums and people who would be very interested in talking to you. Including the NSA I would say.
You’re calling MD5 random, an algorithm that will always produce the same output for a given input, “random”, and you say I have a bizarre definition of random? :rolleyes:
MD5 may be chaotic, but random it ain’t.
I’m not saying you need to reveal your algorithm to me (and if you’re relying on security through obscurity it would hurt you to do so), but unless your password generator has some actual random input somewhere it isn’t random.
I find it baffling that someone would believe the strength of a password would depend on how it was generated but I suppose it is similar to the feeling that after a die has gone for a while without rolling a 5 then a 5 must be due soon. Like a password has some kind of “memory”. I get a feeling this is a bit like the Monty Hall question where one answer is obvious until the opposite becomes obvious.
When I send a password to a website the password stands on its own, strong or weak, without regard to how it was generated. Or does it somehow carry a pedigree?
Again, is 3T1eE12ibdCz427xfVcx a strong or a weak password? Does it depend on how it was generated? If so, how so? Do you think a computer security expert would consider the password stronger or weaker depending on how it was created?
Is AliceLovesBob a strong or a weak password? Does it become stronger if it was generated by selecting letters randomly? Do you think a computer security expert would agree?
If a password is weak because I used an algorithm to create it, does it become stronger if I forget or lose the algorithm?
Remember that you choose a password for a site but you do not explain how you chose it. The website only knows your password and nothing else.
A web site has the hash of my password and all a hacker needs to get in is my password without regard to how it was generated. A password is strong or weak on its own and without regard to how it was created.
Another question I forgot to add:
A certain router manufacturer uses as default password for wifi the MD5 of (Salt + MAC) truncated to 20. Assuming robust salt, is this strong or weak? Knowing the MAC and password of one or several routers, how difficult would it be to find the password of a router knowing its MAC address? Does it matter that it is generated with a known algorithm?
Hey now, you got after me for using the term “cryptographer”. If you can dish out the medicine you can take some, too. =P
My guess–dice have different colors (e.g. red, green); subtract 1 from each die (giving values of 0-5); multiply one (say, red) by 6, add the other. Voilà.
Read the article jovan linked in post 34.
Basically, people (as a whole) tend to create passwords that fall into certain patterns, by using these patterns an attacker can greatly reduce the number of guesses needed to crack them. Therefore you want passwords that don’t fit into any patterns. Your algorithm is part of a pattern, even if that pattern is unique to you because only you know of your algorithm.
If this was generated with an algorithm known to the attacker then it isn’t much stronger than the input that was used to create it.
If it is an actual random password, then it would be strong.
Weak, if by some bizarre coincidence you got this by random chance, replace the monkeys and try again.
Using a non-random algorithm won’t make your passwords weak as such, as long as you are the only one who knows about it. But if someone finds out about it, every password generated by it becomes potentially vulnerable. This is the whole security through obscurity thing I’ve been going on about. You depend on your algorithm remaining secret for your passwords to remain secure.
Any password generation method known to the attacker can be used to generate password guesses.
How many digits is the salt?
How would the attacker know how it was generated? Think about it. A hacker gets access to a file with several thousand user names and hashes. The next step is to find where people live, go to their homes, access their computers (even if encrypted) and steal their algorithms or passwords? I don’t think so. The attacker neither knows nor cares how passwords were generated. They mount a general attack to crack the weaker passwords. I freaking guarantee that a 20 character password I generate cannot be cracked and whether you consider it random or not is irrelevant. If someone has access to my algorithm, my salt, etc. then they have access to my passwords and they can skip the algorithm part. Anyone who keeps their passwords in some encrypted file is no more secure than me.
I already said: strong. The rest would be for the attacker to find out. Assume salt (or “magic” as they call it) of any robust number of alphanumeric characters and concatenate the MAC address. MD5, truncate (20) and that is the password. If I give you 100 MAC and their passwords do you think you can find the password for the next MAC address? I don’t think so. In reality you only need one set because the only way is to try salts one by one until you find the correct salt. If the salt is large enough you cannot find it. And that is using MD5 which is the easiest (fastest) to perform. Other hashes would make it even slower. Concatenate hashes and/or add extra steps and it becomes impossibly slow.
An attacker takes a crack at a list of passwords without knowing or caring how they were generated or anything else about the user. Again, how the password was created is irrelevant because the attacker neither knows nor cares.
So assume I create passwords using hash of (salt + web site). The attacker does not know how I create them nor does he care because his attack is not trying to crack my list of passwords, that is not his focus, he is trying to crack the list he got from a website where my password is one among thousands. But, you say, he knows your algorithm and your salt. Well, fuck, that’s like me saying he knows your password already. Why is the idiot wasting time cracking password lists when he already knows our passwords?
I’m puzzled by what seems to me misuse of the term “salt” at some points in this discussion. The purpose of salt is to make hashes unique even if the same input is used, so that (a) attacks based on pre-computed tables are useless and (b) if you do discover someone’s password, their hash won’t match that of someone else who happens to have the same password.
So I’m not sure what these router manufacturers are up to with a so-called “salt” that is the same on every router. That’s not salt. That’s just an extra bit of secret information that is getting mixed into the password.
Salt does not need to be secret, and indeed as has been said is usually stored in plain text right next to the hash.
As for whether the scheme used to generate the password matters, I would say that it does. I have just generated the following password with a particular scheme:
90U(guF76f^%7uyg(*&y9g8^786ih7u0
Looks pretty secure, yes? Well, here’s the scheme I used:
Toss a coin. If it’s heads, the password is b*&87gUYF75G&y98Y)9uiugf7U8igfY9, and if it’s tails, the password is 90U(guF76f^%7uyg(*&y9g8^786ih7u0 .
So my super-secure password actually contains just one bit of information. The security, such as it is, is in the scheme, not the password, and it’s lousy as a general scheme.
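The dice-and-coin procedure described earlier in the thread, using the two-dice mapping another poster guessed (subtract 1 from each die, multiply one by 6, add the other), set against the coin-toss scheme above. This is an added Python example, not part of any post. It assumes an a-z then 0-9 ordering and a US keyboard layout for the shifted digits, neither of which the thread specifies; `secrets` stands in for the physical dice and coin, and `apparent_bits` is a naive length-times-alphabet estimate.

```python
import math
import secrets

# Assumed ordering (not specified in the thread): a-z then 0-9.
UNSHIFTED = "abcdefghijklmnopqrstuvwxyz0123456789"
# Assumed US keyboard layout for "the symbols above the digits".
SHIFTED = "ABCDEFGHIJKLMNOPQRSTUVWXYZ)!@#$%^&*("

def dice_to_index(red, green):
    """Two distinguishable dice (1-6 each) -> uniform index 0..35."""
    if not (1 <= red <= 6 and 1 <= green <= 6):
        raise ValueError("each die must show 1-6")
    return (red - 1) * 6 + (green - 1)

def dice_char(red, green, shift):
    """One password character from two dice and one coin flip."""
    table = SHIFTED if shift else UNSHIFTED
    return table[dice_to_index(red, green)]

def dice_password(length=10):
    """Simulate the procedure; secrets replaces the physical dice and coin."""
    return "".join(
        dice_char(secrets.randbelow(6) + 1, secrets.randbelow(6) + 1,
                  secrets.randbelow(2) == 1)
        for _ in range(length)
    )

def scheme_bits(equally_likely_outcomes):
    """Entropy of a scheme whose outputs are all equally likely."""
    return math.log2(equally_likely_outcomes)

def dice_scheme_bits(length=10):
    # 6 * 6 * 2 = 72 equally likely symbols per position.
    return length * scheme_bits(6 * 6 * 2)

def apparent_bits(password, alphabet_size=94):
    """Naive estimate from the string alone: length * log2(printable ASCII)."""
    return len(password) * math.log2(alphabet_size)

if __name__ == "__main__":
    print(dice_password(), f"{dice_scheme_bits():.1f} bits")
    coin_toss_pw = "90U(guF76f^%7uyg(*&y9g8^786ih7u0"  # from the thread
    print(f"looks like {apparent_bits(coin_toss_pw):.0f} bits, "
          f"scheme gives {scheme_bits(2):.0f} bit")
```

The dice scheme keeps its roughly 61.7 bits even when fully published, while the 32-character coin-toss password looks like about 210 bits from the string alone and carries 1.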