It wasn't a very good idea in 2015, and it still isn't a good idea today. It may not be "least terrible" when you have 20 - 50 passwords or so, but I'm at 5000+, and wherever possible, my logins are also random strings.
I've never been a fan of password managers, but I've found a much better way than paper:
1. Create a complex password to re-use everywhere. Memorize it and don't write it down.
2. Create individual simple passwords when you need one. Write them down
3. Create a method to combine the complex password and the simple password. Memorize it and don't write it down.
I figure there are two main attack vectors: online and offline. Online attack vectors are either a dictionary attack, which requirement 1 solves with a complex password, or using hacked passwords in one site to gain access to other sites, which requirement 2 solves with different passwords for each site. Offline attack vectors are someone discovering your written passwords, which requirements 1 and 3 solve by memorizing pieces of it.
The only weakness to this scheme is if someone is A. deliberately targeting you as opposed to a mass attack, and B. gains access to two or more of your passwords, allowing them to figure out your password system.
A dictionary approach is something I'd normally associate with offline attacks since online requires you go through the active system which should hopefully have some sort of rate-limits to prevent that. Offline attacks can be more brute-force and don't necessarily require pre-existing knowledge.
Oh I wasn't thinking of that kind of terminology, thanks for pointing that out. I was using online as someone who is at a distance and can only try social engineering, brute forcing, and looking for re-used passwords (much more common, especially with Russian hackers), whereas offline is someone who would have access to local areas and could find a password book (much rarer but still happens).
> 3. Create a method to combine the complex password and the simple password.
So what happens when a site / service limits the length? Do you truncate your complex password? And what about cases where only a certain subset of characters is accepted? Do you now need to memorize multiple variations of the complex password?
I used to do something similar to your proposed method, but the number of exceptional cases and work simply made if not worth the effort compared to a real password manager.
I found the same problem. I found too many places where passwords change far too often and are forced to be far too unique for a standard template to be replicable. Even something like HNspring2018 for my HN password, if I had to change it and did HNfall2018 I've seen sites kick it back saying it's not unique enough, or I can't use the date or year. Many won't let you use full dictionary words, even when paired with more complex stuff.
My work password needs to be changed every 60 days, must be longer than 16 characters, can't repeat three characters in a row over two password iterations, and passwords have to be unique for two years before you can repeat them. I write that password down on paper every time.
I hope we've reached peak ridiculousness when it comes to passwords and this is as bad as it gets before something better comes along.
Having a complex password that I use for everything allows it to be nonsensical. Mine is actually based off of a phrase (an idea inspired by XKCD) but the words have some dropped characters and it includes a name (so instead of correcthorsebatterystaple, think crrctChampbttrystple). I avoid making the simple password actual words as well, but it's simple enough that if I want to use the password at work but store it at home, I can memorize it easily for a day.
I agree that we've hit peak ridiculousness though.
How often are you running into length-limited password fields these days? I usually take it an organization is not attentive to or is outright uninterested in security, and either I shouldn't use their service (if it's optional), or I should publicly shame them.
I haven't hit a length issue, it's not super long though. If I need to do a variation, I write it down with the simple password. The main two variations are that it requires a number (which I don't have in the complex password), so I just add a number to the simple password, or that it can't use special symbols (which I do have in the complex password), so I use the corresponding number (for example 1 instead of !) and write down that I used a number instead of a symbol.
>So what happens when a site / service limits the length? Do you truncate your complex password? And what about cases where only a certain subset of characters is accepted? Do you now need to memorize multiple variations of the complex password?
For that I just keep a Google doc with site password restrictions and other public information mostly useless to a cracker. My password has rules for adapting to said site restrictions so I just lookup the site in Google docs and adapt my password accordingly
It obviously depends on your threat model. If you don't have any accounts with too sensitive information and you can stash the paper somewhere reasonably safe, then sure. My big issues with this are:
1) People suck at making their own passwords and this encourages bad passwords and password reuse.
2) The article admits that paper alone isn't good enough, but suggests that having "four password storage methods" is the optimal solution. That seems... unwieldy. Storing the most important (banking info, email) passwords in your head is a recipe for password reuse or getting locked out of your account.
Threat modeling is the most important part of this discussion, but will fall by the wayside in this discussion as well. Normal folks are really bad at risk analysis. I personally use a paper storage system and diceware ( http://world.std.com/~reinhold/diceware.html ) - because, at the end of the day - low tech is the best tech.
Interesting suggestion that a pad of paper is just as safe as your house. Problem is, much like corporate security, when it comes to passwords I actually figure that the biggest threat comes from the very people who already either live in my house or have relatively easy access to it.
Paper is an awful medium for password management, for a host of reasons:
1. It's vulnerable to phishing. The vast majority of sites still do not support U2F or similar, and typing in a password from paper means that a human is validating the domain, not a machine.
2. It's not encrypted at rest. This means that leaving your wallet somewhere means all your passwords have been exposed. It also means in many legal cases (IANAL, US law, etc) the contents of that paper are a key to all the other encryption you might have. In particular, courts have held that the fifth amendment protects a defendant from being compelled to reveal passwords in many circumstances.
3. It's difficult to keep in sync with new registrations, logins, and password changes - given the widespread use of mobile phones, it means that you are likely to take that piece of paper with you, compounding the risks in #2
5. Paper isn't durable. Spill a drink on it and everything is basically gone.
6. Paper isn't generally structured to obscure passwords - open your browser's password manager, and you'll see for each password unless you click to reveal it. With paper, you are much more vulnerable to shoulder surfing.
Edit:
7. Any decent password manager will volunteer to generate passwords for you - if you're doing this on paper, it's much more likely that you'll try to come up with a password yourself, resulting in weaker passwords.
"5. Paper isn't durable. Spill a drink on it and everything is basically gone."
Paper is more durable than any digital storage which all suffer from rot. They also rot faster than advertised. My documents stored in water- and fire-resistant containers will be readable even when my HD or discs fail. Just like the old books I find at thrift stores that were already older than some corrupted media I had.
Why wouldn't you create encrypted backups of your password manager stuff, or use a password manager than does this inherently by design (e.g. password-store/pass)?
Paper is certainly not more durable than digital storage. It may last longer at rest, but a disk under constant usage will outlast paper under constant usage any day.
Durable means able to resist wear. Lasting means persisting over an extended period of time. Paper, when stored properly, is long-lasting. It is not durable.
A poster on a wall could last for decades to centuries of use after a HDD in constant use has died. So, really HDD win in a subset of cases and lose in others.
Is a poster on a wall considered "paper in constant use"? After all, that disk has been constantly, unceasingly physically manipulated for years, while the paper has just been merely subjected to light and a small amount of air movement. A poster on the wall is as much "in use" as a disk that is plugged in but not mounted.
Sticking with the original subject, write your password to your computer disk and write it to a piece of paper. Now change your password on your computer disk while changing it on the paper as well. Now change it again. And again. And again. See what is more durable, the disk being constantly erased and written over, or the paper being constantly erased and written over? A modern SSD can handle tens of petabytes being written before it dies. Can a piece of paper?
You don't require your password-storage disk to be under constant use. Just like how you'd take out a piece of paper only when you need to use it, you could have a flash drive with no mechanical parts storing your passwords.
If your concern is third-party reliability but you'd still like a password manager, I'd say your best bet would be pass + git. pass uses gpg to encrypt each password separately in a file structure, and works very well with any sort of git repository making it accessible across devices. Depending on how you set it up it can be 100% in your control with minimal configuration (in my case though I've been lazy and just hooked it up to a private GitHub repository).
1+ for pass. It does one thing and does it well. Zero bloat. I use a simple emacs helm plugin to quickly copy the password to clipboard. Very happy with this setup.
I don't, sorry. My previous password manager, while it did have a mobile app, was painful to use so I don't miss that too much. For my most important stuff I use rememberable passwords.
This was my method until widespread and non-terrible password managers. The fact is that once you're dealing with an adversary who is sufficiently motivated to capture passwords from you and derive the algorithm, you've already lost.
Sure, it's a form of security through obscurity, but aren't we essentially relying on our computer systems' flaws remaining obscured to not get hacked?
Because you're not special, and you're not smart either. Your adversary already knows your password derivation scheme, and are already checking for it during the brute-force step, because you're not the first one to come up with it.
Browser and operating system vendors aren't especially smart either, but at least it's thousands of white hats vs thousands of black hats, instead of thousands of black hats vs just you.
It's not good to reveal your scheme, or for your scheme to be so simple. If a HN database ends up in the open, your accounts on other sites become vulnerable.
Ideally your passphrase would be secure enough that it couldn't be bruteforced from a (hashed) HN database. But in case a non-hashed database gets leaked, what sort of scheme could one use that couldn't be revealed from a single known password? I suppose one could use a system like
bcrypt(passphrase + "domain.com")[:32]
But anything requiring a calculation step seems to lose a lot of the advantages of a single-passphrase system.
Password managers seem to have the essential flaw of using the clipboard.
What prevents a random npm/rubygems/... dependency from running `pbcopy` every second, storing interesting-looking results and relaying them to some server once in a while?
This assumes the machine is already pwned - at which point why wouldn't they just use a keylogger? In that case, typing the password in without the use of a password manager instead of copy/pasting from a password manager wouldn't be any more secure.
It's reasonably easy (or at least feasible) to sneak runnable code as an indirect dependency of a development project (node.js, rails, etc), or of a Homebrew formula. No pwning needed - at least as commonly conceived.
Presumably, running `pbcopy` is easier and less detectable than writing a keylogger?
This suggests a related question. There's no inherent reason why programs other than your desktop shell and the current focused window (for window based DEs) need to have access to keyboard input. In practice, how good are existing DEs at controlling this access? I know, for example, that the slow move from X to Wayland has removed some of the methods a program might use to access inputs or the clipboard.
A decent password manager has browser integration through browser extensions and fills in passwords for you. Current versions of Safari and Chrome have built-in password managers.
I think most 'hacker-friendly' password managers (like password-store), that are unix-y, can be persisted to git, don't depend on megacorps, etc lack these capabilities?
i.e. very few password managers might count as 'decent'.
As a last note, a browser extension that doesn't come from Google or Apple shouldn't be trusted. I have zero extensions (other than uBlock), since they essentially have arbitary read/write capabilites into one's digital life.
What's really missing is a OS-level widget that acts as a secure clipboard. Similar to how one inserts emojis in macOS.
i.e. very few password managers might count as 'decent'.
I think this is true - this is really core browser functionality and all password managers are fundamentally hacks. A tiny number of these hacks are non-awful. 'hacker-friendly' password management is a bit like 'hacker-friendly' dentistry - useful to a tiny minority of exceptionally adventurous people.
The safest, sanest thing you can do is use the browser-provided password manager and the browser- or OS- provided sync. Both Safari's and Chrome's use end-to-end encryption (you have to turn it on in Chrome but it's there). The benefits of this far outweigh the downsides, to the point where I actually think the typical recommendation for 1Password is a bit outdated and counter-productive. Browser and platform vendors should obviate the need for this entire class of software and they seem to be moving in that direction.
I use PassFF which does Firefox integration for pass (and thus you get all the usual pass features, git integration, etcetera).
I have no idea why you feel proprietary goop from Apple is trustworthy while code I can read for myself is not.
Personally I have auto-fill configured. Since I fixed (in my copy and since the PR was accepted eventually everyone's) the lack of any suffix matching beyond TLDs I feel auto-fill security implications are tolerable, I'm sure views vary. But I definitely couldn't put up with manual copy & paste.
Password management has gotten completely out of hand. My dad, who is in his 60s but is pretty technologically savvy, has resorted to a master paper list of all his passwords (almost two dozen).
The situation has gotten worse in recent years. First, the unjustified worry about shoulder surfing means that password entry widgets make it impossible to figure out if you’ve entered the password correctly, especially on mobile where typing errors are common. Worse, some don’t even have a “show what I’m typing” mode. Second, many sites totally confuse the password managers in Chrome/Safari because they get fancy with having separate pages for username and password.
And all for what? My passwords have been leaked dozens of times over in various security breaches anyway.
>Password management has gotten completely out of hand.
Sure, the industry is basically recreating public key crypto very, very badly. All the tech has been there to do away with passwords for ages but path dependency can be a very scary and depressing thing sometimes. Probably doesn't help that for a long time only users paid any of the cost.
Granted there is also this weird mindset even amongst lots of tech workers that authentication is some scary thing and should be manual too, as in this idiotic article. Perhaps that has also inhibited progress.
>And all for what? My passwords have been leaked dozens of times over in various security breaches anyway.
Well, that's the major reason behind password managers isn't it? It's precisely because we're not using real crypto for authentication that what 3rd parties do and whether they get breached actually matters, and in turn creates the necessity to use a different good password for every single service and have the ability to change them to a new good one at will. For most humans at any significant scale that rapidly becomes impossible to manager so naturally the right thing to do at an individual level is turn to a computer to handle it.
The notebook is better than what most people do, including a decent chunk of nerds nerding on with password generation schemes like "last couple letters of site plus this number plus this word".
The major threat we want to avoid in 2018 is "account stuffing", which is simply people pivoting from a dumped password on a breached site to every other one of your accounts through related passwords. If a notebook keeps you from using related passwords, great. Do that then.
You can get better security than the notebook, but the reality is for most non-specialist users, if their bag is stolen, so is their computer, and all their accounts pretty quickly thereafter.
The article and some posts suggest keeping certain passwords only in your head.
Be sure you do that only when it would be Ok if the account became very difficult to access in case you die or become incapacitated. There are remedies for your survivors, but it is generally a big pain in the ass you don’t want to leave behind.
Pro tip: If you use paper add the same prefix to all your passwords, but don't write down the prefix. This improves security if you misplace the paper.
For example, your paper might look like this:
Gmail: face method ruler
Facebook: rows bat likewise
Bank: hilltop skids lavender
But your actual passwords are:
Gmail: apple face method ruler
Facebook: apple rows bat likewise
Bank: apple hilltop skids lavender
Pro tip 2: Use random words instead of random characters. For sites you log into regularly you will soon memorise the password and won't need to pull out the paper.
It's really that difficult to use KeePass? It's offline, cross-platform, with password generation, secure session for entering the master password, could type passwords without using the clipboard and if you want to sync you can save the encrypted db on dropbox, git or wherever yout want.
The only problem I see is when I need a password but I can't access database, which is almost never since Keepass has a port for Android. But in those (few) cases I can write down a few notes which I can use to create a not easy to guess password for that specific use case.
In an imperfect world this is the optimal combination of security and convenience.
A google drive spreadsheet full of passwords. The gmail account is U2F. Memorize the (long) account password and then copy and paste from the spreadsheet.
Benefits:
* is not a honey pot target like a password manager
* easily accommodates long random passwords
* convenient access
* cannot be misplaced
* account password very likely to remain secured
I wrote this (above) comment expecting to get a load of down votes, but there are none. If anyone really wants to use this technique then please store all your passwords in TRIPLICATE in the spreadsheet.
This is because if you fat finger or fat mouse one of the three you'll have two others to recover with. If you have only one copy and you mess it up (yes I've done it a few times) then your 16 digit random password will be gone forever.
75 comments
[ 4.0 ms ] story [ 29.5 ms ] threadhttps://www.csmonitor.com/World/Passcode/Passcode-Voices/201...
1. Create a complex password to re-use everywhere. Memorize it and don't write it down.
2. Create individual simple passwords when you need one. Write them down
3. Create a method to combine the complex password and the simple password. Memorize it and don't write it down.
I figure there are two main attack vectors: online and offline. Online attack vectors are either a dictionary attack, which requirement 1 solves with a complex password, or using hacked passwords in one site to gain access to other sites, which requirement 2 solves with different passwords for each site. Offline attack vectors are someone discovering your written passwords, which requirements 1 and 3 solve by memorizing pieces of it.
The only weakness to this scheme is if someone is A. deliberately targeting you as opposed to a mass attack, and B. gains access to two or more of your passwords, allowing them to figure out your password system.
A dictionary approach is something I'd normally associate with offline attacks since online requires you go through the active system which should hopefully have some sort of rate-limits to prevent that. Offline attacks can be more brute-force and don't necessarily require pre-existing knowledge.
So what happens when a site / service limits the length? Do you truncate your complex password? And what about cases where only a certain subset of characters is accepted? Do you now need to memorize multiple variations of the complex password?
I used to do something similar to your proposed method, but the number of exceptional cases and work simply made if not worth the effort compared to a real password manager.
My work password needs to be changed every 60 days, must be longer than 16 characters, can't repeat three characters in a row over two password iterations, and passwords have to be unique for two years before you can repeat them. I write that password down on paper every time.
I hope we've reached peak ridiculousness when it comes to passwords and this is as bad as it gets before something better comes along.
I agree that we've hit peak ridiculousness though.
- PayPal
- Rent payment portal
- University account
- Target
(etc...)
For that I just keep a Google doc with site password restrictions and other public information mostly useless to a cracker. My password has rules for adapting to said site restrictions so I just lookup the site in Google docs and adapt my password accordingly
1) People suck at making their own passwords and this encourages bad passwords and password reuse. 2) The article admits that paper alone isn't good enough, but suggests that having "four password storage methods" is the optimal solution. That seems... unwieldy. Storing the most important (banking info, email) passwords in your head is a recipe for password reuse or getting locked out of your account.
<edit> - also am a CISSP
1. It's vulnerable to phishing. The vast majority of sites still do not support U2F or similar, and typing in a password from paper means that a human is validating the domain, not a machine.
2. It's not encrypted at rest. This means that leaving your wallet somewhere means all your passwords have been exposed. It also means in many legal cases (IANAL, US law, etc) the contents of that paper are a key to all the other encryption you might have. In particular, courts have held that the fifth amendment protects a defendant from being compelled to reveal passwords in many circumstances.
3. It's difficult to keep in sync with new registrations, logins, and password changes - given the widespread use of mobile phones, it means that you are likely to take that piece of paper with you, compounding the risks in #2
5. Paper isn't durable. Spill a drink on it and everything is basically gone.
6. Paper isn't generally structured to obscure passwords - open your browser's password manager, and you'll see for each password unless you click to reveal it. With paper, you are much more vulnerable to shoulder surfing.
Edit:
7. Any decent password manager will volunteer to generate passwords for you - if you're doing this on paper, it's much more likely that you'll try to come up with a password yourself, resulting in weaker passwords.
Paper is more durable than any digital storage which all suffer from rot. They also rot faster than advertised. My documents stored in water- and fire-resistant containers will be readable even when my HD or discs fail. Just like the old books I find at thrift stores that were already older than some corrupted media I had.
Durable means able to resist wear. Lasting means persisting over an extended period of time. Paper, when stored properly, is long-lasting. It is not durable.
Sticking with the original subject, write your password to your computer disk and write it to a piece of paper. Now change your password on your computer disk while changing it on the paper as well. Now change it again. And again. And again. See what is more durable, the disk being constantly erased and written over, or the paper being constantly erased and written over? A modern SSD can handle tens of petabytes being written before it dies. Can a piece of paper?
I would never use a browser’s password manager.
Edit: In a good way, I mean.
B-but that's basically just a substitution cypher!
Eg foobarYCO2018!
Easy to remember, unique and doesn't rely on third-party services.
Sure, it's a form of security through obscurity, but aren't we essentially relying on our computer systems' flaws remaining obscured to not get hacked?
Browser and operating system vendors aren't especially smart either, but at least it's thousands of white hats vs thousands of black hats, instead of thousands of black hats vs just you.
What prevents a random npm/rubygems/... dependency from running `pbcopy` every second, storing interesting-looking results and relaying them to some server once in a while?
Presumably, running `pbcopy` is easier and less detectable than writing a keylogger?
[0] https://docs.microsoft.com/en-us/windows/desktop/dataxchg/us...
This isn't essential to the operation of a password manager and sensible password managers don't do this.
Say a password manager wants to let me know that my password for Gmail is d78658b8f207c4256370d3e018e0f3d544607849aa5f6bd8, what should it do then?
It seems to me, either the manager or me will copy that value to the clipboard somehow.
I think most 'hacker-friendly' password managers (like password-store), that are unix-y, can be persisted to git, don't depend on megacorps, etc lack these capabilities?
i.e. very few password managers might count as 'decent'.
As a last note, a browser extension that doesn't come from Google or Apple shouldn't be trusted. I have zero extensions (other than uBlock), since they essentially have arbitary read/write capabilites into one's digital life.
What's really missing is a OS-level widget that acts as a secure clipboard. Similar to how one inserts emojis in macOS.
I think this is true - this is really core browser functionality and all password managers are fundamentally hacks. A tiny number of these hacks are non-awful. 'hacker-friendly' password management is a bit like 'hacker-friendly' dentistry - useful to a tiny minority of exceptionally adventurous people.
The safest, sanest thing you can do is use the browser-provided password manager and the browser- or OS- provided sync. Both Safari's and Chrome's use end-to-end encryption (you have to turn it on in Chrome but it's there). The benefits of this far outweigh the downsides, to the point where I actually think the typical recommendation for 1Password is a bit outdated and counter-productive. Browser and platform vendors should obviate the need for this entire class of software and they seem to be moving in that direction.
I have no idea why you feel proprietary goop from Apple is trustworthy while code I can read for myself is not.
Personally I have auto-fill configured. Since I fixed (in my copy and since the PR was accepted eventually everyone's) the lack of any suffix matching beyond TLDs I feel auto-fill security implications are tolerable, I'm sure views vary. But I definitely couldn't put up with manual copy & paste.
I'll start looking into https://github.com/browserpass/browserpass/ .
The situation has gotten worse in recent years. First, the unjustified worry about shoulder surfing means that password entry widgets make it impossible to figure out if you’ve entered the password correctly, especially on mobile where typing errors are common. Worse, some don’t even have a “show what I’m typing” mode. Second, many sites totally confuse the password managers in Chrome/Safari because they get fancy with having separate pages for username and password.
And all for what? My passwords have been leaked dozens of times over in various security breaches anyway.
Sure, the industry is basically recreating public key crypto very, very badly. All the tech has been there to do away with passwords for ages but path dependency can be a very scary and depressing thing sometimes. Probably doesn't help that for a long time only users paid any of the cost.
Granted there is also this weird mindset even amongst lots of tech workers that authentication is some scary thing and should be manual too, as in this idiotic article. Perhaps that has also inhibited progress.
>And all for what? My passwords have been leaked dozens of times over in various security breaches anyway.
Well, that's the major reason behind password managers isn't it? It's precisely because we're not using real crypto for authentication that what 3rd parties do and whether they get breached actually matters, and in turn creates the necessity to use a different good password for every single service and have the ability to change them to a new good one at will. For most humans at any significant scale that rapidly becomes impossible to manager so naturally the right thing to do at an individual level is turn to a computer to handle it.
Automating an administrative task is basically what they're for.
The major threat we want to avoid in 2018 is "account stuffing", which is simply people pivoting from a dumped password on a breached site to every other one of your accounts through related passwords. If a notebook keeps you from using related passwords, great. Do that then.
You can get better security than the notebook, but the reality is for most non-specialist users, if their bag is stolen, so is their computer, and all their accounts pretty quickly thereafter.
Be sure you do that only when it would be Ok if the account became very difficult to access in case you die or become incapacitated. There are remedies for your survivors, but it is generally a big pain in the ass you don’t want to leave behind.
For example, your paper might look like this:
Gmail: face method ruler
Facebook: rows bat likewise
Bank: hilltop skids lavender
But your actual passwords are:
Gmail: apple face method ruler
Facebook: apple rows bat likewise
Bank: apple hilltop skids lavender
Pro tip 2: Use random words instead of random characters. For sites you log into regularly you will soon memorise the password and won't need to pull out the paper.
The only problem I see is when I need a password but I can't access database, which is almost never since Keepass has a port for Android. But in those (few) cases I can write down a few notes which I can use to create a not easy to guess password for that specific use case.
A google drive spreadsheet full of passwords. The gmail account is U2F. Memorize the (long) account password and then copy and paste from the spreadsheet.
Benefits: * is not a honey pot target like a password manager * easily accommodates long random passwords * convenient access * cannot be misplaced * account password very likely to remain secured
This is because if you fat finger or fat mouse one of the three you'll have two others to recover with. If you have only one copy and you mess it up (yes I've done it a few times) then your 16 digit random password will be gone forever.