Oh Randall, you do confound me so.
August 10, 2011 1:11 AM   Subscribe

cinnamon leopard thunder boycycle

Iteki if you were trying to log into your email and couldn't because last night someone tried to hack your password and this morning you had to type it in correctly a zillion times, how many times would you try before you gave up and called the admin to have her reset it?

People seem to be most worried about someone specifically attacking them in this way which seems silly to me. If you were the attacker, you'd find it much more efficient to simply ask a lot of people for their passwords. A small but significant fraction of them will give it to you. There are a lot of relatively simple things you can do to get that percentage up. There's no formula of password storage or complexity which is safe from this.

If the attacker does wish a password from you, a specific target, again you can expect to be asked for it.
posted by wobh at 8:09 AM on August 14, 2011

That Raspberry Pi does look like an amazingly cool device, and if only it had a device-side USB port as well as a host-side one and could be powered from USB, surely could be scripted into doing what I want. Massive hardware overkill, though.
posted by flabdablet at 9:53 PM on August 14, 2011

wobh, there are countermeasures to rubber-hose cryptanalysis.

Here's a rejigged UI proposal for the keyboard intercepter that means that the PC it's attached to only ever sees individual passwords, never the KeePassX database master password.

The intercepter normally passes through all keys as they're typed. But waiting at least one second, then typing ``` and waiting one more second, activates the interceptor (this is reminiscent of the +++ escape sequence employed by dial-up modems to get into command mode while online). Normally you'd do this when prompted for a username.

On recognizing the escape sequence, what the interceptor does depends on whether the passwords.kdb database is currently open or not.

If it isn't, the interceptor sends three backspaces to erase the ``` from whatever text entry box they've just been typed into, then sends Key: and waits for keyboard input. Each character of input is collected in a buffer and passed through as * (star); backspaces are allowed, erasing the last character in the buffer and passing through as themselves. Hitting Tab or Enter causes the interceptor to pass through enough backspaces to erase all the accumulated stars and the Key: prompt, then attempt to open passwords.kdb using the collected keystrokes as the master password.

If passwords.kdb was successfully opened, the interceptor would then send Login: and wait for more keys. These it would pass through as typed, as well as collecting internally. On detecting Tab or Enter, the interceptor would send enough backspaces to erase all the displayed characters and the Login: prompt, then look up the KeePassX credentials entry whose name is now in its buffer, then send the Auto-Type sequence defined for that entry (KeePassX allows this to be defined arbitrarily per entry; by default, it's a username, then Tab, then a password, then Enter).

Typing Tab or Enter immediately after the interceptor displays Login: or Key: would send enough backspaces to erase the prompt, and then close the database if it was open. The database would also close automatically, five minutes after the last credentials entry was extracted from it.

If passwords.kdb is already open at the time the ``` escape sequence is detected, the interceptor would send three backspaces and then go straight to the Login: stage without going through Key: first.

So, let's assume I've got credentials for my workplace's Windows login, my Gmail account, and my Internet banking set up in KeePassX (or KeePass - same database format) and saved under Work, Gmail and Bank respectively inside the passwords.kdb file on the interceptor's mass storage device. I'd walk up to my workstation, take my handy interceptor from my pocket and plug it in between the PC and its USB keyboard while the PC is powering up.

On being presented with the Windows login screen, I'd hit Ctrl-Alt-Del to begin, then click around as needed to make a Username box appear. Then I'd type ``` and wait for one second. On seeing Key: appear inside the Windows username box, I'd type my KeePassX master password; while typing it, the Windows username box would contain "Key: ***********". Then I'd hit Tab. I'd see the username box erase itself and then display Login: at which point I'd type Work and hit Enter. I'd see the username box erase itself again, then fill with my work username; I'd briefly see a password box fill itself with •••••••••••• and then I'd be logged on to Windows.

I'd fire up a Web browser, click the Gmail bookmark, then click in the Gmail username box, type ``` and wait one second. On seeing "Login: " appear inside the Gmail username box, I'd type Gmail and hit Enter. "Login: Gmail" would erase itself, the Gmail username and password boxes would fill themselves in and I'd be logged in to Gmail.

Halfway through composing a mail, I'm called away to a meeting. I type ``` and wait one second; the word "Login: " appears at the end of the text I'd been typing. I hit Tab to close the interceptor's passwords.kdb database; "Login: " gets backspaced out, I hit Windows-L to lock the workstatation and walk away.
posted by flabdablet at 6:47 AM on August 15, 2011

I had assumed that Randall was pointing out the fact that using random easy to remember words with spaces would create a stronger password than a single word password with capitals and numbers.
posted by Peregrin5 at 9:56 PM on August 15, 2011

OK, let me throw my password technique onto the pile here.

Currently, I use a phrase ("IUseAPhrase"), altered with two initials representing the site, and a digit for my password, everywhere. For instance, my passwords look like:

Metafilter IMF5UseAPhrase
Fark IFA5UseAPhrase
Mellon Bank IMB5UseAPhrase

In this way, my password is not composed strictly of dictionary words, does not (typically) contain leet-style substitutions, and does use Mixed Case and 0-9. It's easy-peasy for me to remember, and almost unique for each website.

Problem: there are stupid, STUPID websites out there that limit my passwords to only 8 characters, and/or only use the first 8 characters, and/or require me to have Mixed Case and a digit in my password. Ergo, a good password scheme should accommodate all those possibilities; mine does:

Dumb Website IDW5UseA

Either the website or I clip the password at 8 chars, which still meet the other criteria.

Let's move to four dice words:

main trump novo dyke

Add a randomly-chosen integer: 8.
Add a randomly-chosen special character, chosen from the keyboard character over a random digit: ^

And, of course, the website initials. Take two, so the frequency of repetition is low, but the certainty is high that you'll grab the right two initials (if I used *3* initials from Mellon Bank, did I use MEL, MBI, or... what?). I don't start with those initials, because if for any reason at all I have to give a single password to a friend, it's not immediately clear what my scheme is.

Metafilter Mainmf8Trump^NovoDyke
Fark Mainfa8Trump^NovoDyke
Mellon Bank Mainmb8Trump^NovoDyke
Dumb Website Maindw8T

OK, that's a lot of typing, but I now have a "single" password that I can use uniquely for every account. If a website is gathering passwords to use maliciously, it's incredibly unlikely they're hand-processing anything at all, and so my 2-initial customization means that a security leak on Metafilter or FB won't jeopardize my Mellon Bank password (and vice versa).

(If you don't have dice handy, you can still generate truly random numbers here.)
posted by IAmBroom at 2:05 PM on August 16, 2011

Ideas like Keepsafe and keyfob generators bug me, because I simply cannot guarantee web/app/keyfob access every fricking time I need a password.
posted by IAmBroom at 2:07 PM on August 16, 2011

If I don't have enough control (or security) to download KeePass and my encrypted password database off of dropbox, then there isn't any way to ensure that my password isn't being keyelogged.

I use "dumb" passwords for sites like Metafilter, that I might access safely on the road. For stuff like banks, my web server, and gmail, I wouldn't want to access those from a public computer in the first place.
posted by muddgirl at 3:03 PM on August 16, 2011

Unplugging a keyboard's USB cable in order to insert the password interceptor would be a natural opportunity to detect at least some hardware keyloggers. It wouldn't help you find a logger embedded in the keyboard itself, or a software one running on the PC. However, any keylogger on the keyboard side of the interceptor would only get access to a KeePassX master password for a database that could easily be made completely inaccessible to the host PC (all that would take is a do-not-mount switch on the interceptor to prevent it exposing its mass storage interface). A logger on the PC side would only get whatever passwords you'd actually used in that session.

It would also be quite easy to stick an entire bootable OS on the interceptor's mass storage side, which could mitigate many of the security problems inherent in using public computers. This would actually be fairly safe if you always made sure to plug the interceptor into one of the on-motherboard USB connectors at the rear of a PC; adding hardware keylogging to one of those involves more soldering than most public computer owners are up for.
posted by flabdablet at 7:15 PM on August 16, 2011

You could easily use actual randomness when initially generating the passwords. Two examples :

(1) You simply apply Randall's procedure beginning with a couple truly random dictionary words, which you might find using :

#!/usr/local/bin/perl
use Tie::File;
tie (@D, 'Tie::File', "/usr/share/dict/words", mode => O_RDONLY) or die;
print ($D[rand $#D+1] . "\n") foreach (1..15);
untie @D;

As my /usr/share/dict/words has 234936 line, the first n lines of output are a password with n * 17.8 bits of entropy. You should however select more familiar words and conjugate them to obtain something I'll remember, greatly reducing this entropy, but you'll certainly avoid the penguin penguin penguin problem.

(2) Ignore all the silly characters and focus upon making a long but rememberable password by making nonsense words using pronounceable syllables, like say consonant-vowel-consonant combinations. In this next password generator, each consonant adds 4.3 bits of entropy and each vowel maybe 2.3 bits, giving 11 bits per syllable, but again requiring fine tuning to create a memorable password.

#!/usr/local/bin/perl
%vowel_freqs = (a => 82, e => 127, i => 70, o => 75, u => 28, y => 20);
while (($c,$f) = each %vowel_freqs) { push(@vowels,$c) foreach (1..$f); }
foreach $i (1..10) {
  do { $c = chr(ord('a') + rand 26) } while ( $c =~ /[aeiouy]/ );
  print $c;
  print $vowels[rand $#vowels+1] if ($i % 2);
}

You could slightly tweak up the entropy by using a flatter probability distribution on the vowels.
posted by jeffburdges at 9:15 AM on August 25, 2011

Just fyi, the entropy of a probability distribution is - Σ_i≤n p_i log₂ p_i, which clearly equals log₂ n when p_i = 1/n for i ≤ n, i.e. the uniform distribution.
posted by jeffburdges at 9:37 AM on August 25, 2011