On 30/10/11 15:46, Thomas Dalton wrote:
On 30 October 2011 15:38, Neil
Harris<neil(a)tonal.clara.co.uk> wrote:
However, this is way, way, way lower risk than
the current risk of
brute-forcing low-hanging-fruit user passwords: for every user with a
password generated by base64-encoding the output of /dev/random, there
will be _thousands_ with passwords like "secret99" and "trustno1".
A password from /dev/random is extremely insecure. It is highly
susceptible to the "find where they wrote it down because it's far too
difficult to remember" attack.
Obligatory xkcd link:
http://xkcd.com/936/
If you keep it in the password cache of your browser, on a
password-protected home directory on a laptop, that's probably secure
enough for most people -- with a good enough password, that roughly the
same level of security associated with an SSH key (long bit-pattern on
disk + physical possession of the object with the bit pattern on +
passphrase). [regarding passphrase strength -- obligatory XKCD link:
http://xkcd.com/538/ ]
Again, we're concentrating too much on the moderately-secure part of the
problem -- long-enough passwords used by security-conscious users --
and not paying enough attention to the weaker parts of the system such
as the vast number of users (probably including many admins) with weak
passwords, and the general failure to force a secure connection between
the user and the site for login pages and logged-on sessions.
It's like having a thin cardboard box with a relatively weak wooden lid
-- upgrading the strength of the cardboard box is a more urgent task
than replacing the lid with a steel safe door.
Once those are fixed, by all means let's then turn our attention to
things like temporary password lengths.
-- N.