This is just a way to create a slightly more complex password, if it's stored as a fast hash (like md5) then it's still going to be very easy to crack.
The problem with this method is that if one of your passwords is leaked and cracked then it wouldn't be too hard to guess how your scheme works. This gets even easier if they have 2 or more of your passwords.
It seems to me that a scheme like this would have to be much more complex, which unfortunately would just make it a pain to use.
I really wish Google, Mozilla, Microsoft, etc. would step up and build a better authentication system right into the browsers, perhaps with public key cryptography like SSH uses - then we'd have automatic logins to any site you decide to trust, and no more passwords.
>This is just a way to create a slightly more complex password, if it's stored as a fast hash (like md5) then it's still going to be very easy to crack.
It's not about storage, it is about how to get people to use different passwords. Arguably, the passwords are not very different, but what matters is that they are no longer identic
It's still good advice to people who use the same password on all their accounts. 'just prefix the password with the first three letters of the hostname' will make sure they're slightly better protected in case of a password leak.
We can all agree it's better than using the same password on every site, but the people who do this are very unlikely to adopt such a system.
Try explaining this to a small child or elderly person, it's just not going to work.
The technology to do away with passwords altogether already exists, we just need the right people (let's face it, it's probably going to be Google) to standardise and implement it. It's no easy job but in my opinion is necessary for the web to move forward.
It's definitely not a foolproof or airtight system, but it's going to be at least a little time consuming to figure out the mechanism. Sure, a concerted effort will still break it, but you can protect yourself a bit more from a "0-day" hack than the alternatives: same password everywhere.
We definitely need better authentication methods. For example, why couldn't Google open up their 2 factor authentication method? Why is it that my battle.net account can have better security than my bank account?
They include a JavaScript implementation and a PAM module. In fact, Dreamhost just implemented two factor auth that uses the Google Authenticator app last week. It works really well.
In addition, Clavid OpenID integrates with the Google Authenticator app if you're an openID user.
I've been looking at the Yubikey+LastPass combo, which can also integrate with Google two-factor if you install a helper app. It seems like a nice solution, except that I'm really not a fan of the LastPass user experience.
In most password leak situations the issue is that you've used the same password elsewhere. If it doesn't work, move on. It's unlikely you would be targeted specifically in such a situation.
Mozilla is building BrowserID; while it does not get rid of passwords, it might be one spot where you can deploy something like that. When integration within your browser happens, maybe we are not even far off...
This is not good protection against a targeted effort -- when somebody wants to get your account as opposed to any account, when they have one instance of a "salted" password they might be able to reverse-engineer your salting effort and apply it to another site. And they don't have to completely reverse it, either, it might be enough to significantly reduce the difficulty of brute force.
But it sure beats using an identical password everywhere, and it does have the one major (and massive) advantage of using an identical password on n sites: you only have to remember O(1) things as opposed to O(n). And it can still be done completely in your head, as opposed to other schemes ("real" hashing schemes, password managers) which may introduce their own invulnerabilities or will lock you out from accounts on other computers.
>...it can still be done completely in your head, as opposed to other schemes ("real" hashing schemes, password managers)
I'm using a free password manager (KeePassX) with the file hosted on Dropbox for a couple of years now. I've not had any major trouble with it.
People might like to note, though, that my 16 character random password (lowercase letters and numbers for over 128 bits of entropy) was still cracked during the LinkedIn incident. I'm switching to 24 character passwords now.
Isn't that putting a lot of trust into Dropbox, and into your own ability to make sure that you never accidentally leave a computer logged in on Dropbox?
Why not use a password manager? You only need one password and don't have to do salt tricks. There are even password managers with 2-factor login. Unique strong passwords for each site auto filled. Super easy.
They need an app for that. Not one that helps you login quickly on your own machine or phone, but one that helps you login to your sites on a 3rd party computer.
This is, in my opinion, the best way (by far) to handle passwords for non-security-critical accounts.
Came across this forum that you last visited 7 years ago? Remember the password? With this technique you will, without resorting to password managers - and still have a unique password on every site.
Remember not to make your salt obvious though. In other words don't just append the domain name in front of the password or it will be quite worthless. Instead take for instance the third letter in your password and let it be the second-to-last letter in the domain name (and do some further transformations), and you're good to go. You will remember the specific password for sites you go to often but for any site you will be able to "re-generate" the password in your head.
What do you find so hard about "resorting to password managers"?
For me, I reckon adopting 1Password has _reduced_ the amount of hassle dealing with passwords causes me. 95+% of every website login has become command-slash-return. Registering for new sites has added a single click to the "do you want to save this login" popup.
Since I always carry my smartphone, I've _always_ got my passwords securely stored in my pocket, as well as on my Pad, laptop, and work machine. I find it hard to understand why people _don't_ use some sort of password safe software…
No no, sorry - I wasn't clear enough. Let me clarify.
Transcribing passwords off my phone is always available as a last resort (most commonly used at the terminal in the datacenter, so extremely rarely). Almost all password entry is autofilled (via browser extensions) or cut/pasted from the 1Password app.
"command-slash-return" - also needs my password safe passphrase (unless I've entered it in the last 5 mins and the machine hasn't slept or entered screensaver mode).
My phone is only one of the devices with synced copies of my password safe data.
The only "limit" I've ever felt I've had since getting properly invested in using 1Password is that I now occasionally waste time having to "back down" from my default 16 random char passwords when somewhere won't accept that length or charset.
By all means, strengthen your passwords. But a major flaw in this approach and many others is that there is no validation step at the end. These days, users must ask themselves questions like, "Is the hash of this password likely to be in a rainbow table?" or "If an attacker knows two of my passwords, can they determine the rest?" Any sufficiently random and/or complex approach is still capable of generating weak passwords. Unfortunately, the only question users tend to ask themselves is, "Can another human guess my password?" That's not enough and hasn't been for a long, long time.
I have been experimenting with using what I call a "site specific password munger." Basically it takes a key (random data stored on the computer), a password, and a site identifier (say: "hnews") and produces a password. I have been using it for several sites I use frequently and so far I have found it to work quite well. When I am remote, I use my phone to ssh into a secure server to compute the passwords and then copy them off the screen.
it does not stretch and does not even use a serious hash (md5). it is also completely predictable how it builds its per-domain passwords. this will only work for very good master passwords. and even then it will disclose your master password after a while. (it doesn't help either that its example master password is 'snowflake'...)
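An added example, not part of the thread or of any tool discussed in it: the validation step asked for above ("if an attacker knows two of my passwords, can they determine the rest?") run against the mental prefix scheme and against a keyed, stretched version of the key + password + site identifier idea. PBKDF2-HMAC-SHA256, the function names, `KEY` and the sample inputs are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
from difflib import SequenceMatcher

KEY = bytes(range(32))  # constructed stand-in for the random key file


def prefix_scheme(base: str, site: str) -> str:
    """Mental scheme from the thread: first letters of the site + base password."""
    return site[:4] + base


def stretched_munger(key: bytes, master: str, site: str,
                     rounds: int = 200_000) -> str:
    """Key file + master password + site identifier -> site password."""
    # The salt ties the output to the site and to the key stored on disk.
    salt = hmac.new(key, site.encode(), hashlib.sha256).digest()
    # PBKDF2 makes every master-password guess cost `rounds` HMAC calls.
    raw = hashlib.pbkdf2_hmac("sha256", master.encode(), salt, rounds, dklen=15)
    return base64.urlsafe_b64encode(raw).decode()  # 20 printable characters


def shared_run(a: str, b: str) -> str:
    """Longest substring that two site passwords have in common."""
    match = SequenceMatcher(None, a, b, autojunk=False).find_longest_match(
        0, len(a), 0, len(b))
    return a[match.a:match.a + match.size]


def audit(scheme, sites=("linkedin", "facebook")) -> str:
    """What a holder of two of your passwords sees repeated in both."""
    first, second = (scheme(site) for site in sites)
    return shared_run(first, second)


if __name__ == "__main__":
    print("prefix scheme leaks:", repr(audit(lambda s: prefix_scheme("champagne", s))))
    print("stretched munger leaks:",
          repr(audit(lambda s: stretched_munger(KEY, "champagne", s))))
```

The prefix scheme repeats the whole base password in both outputs, while the derived passwords share only a coincidental character or two and depend on a key file that never leaves the machine.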
pwdhash is a project out of Stanford that wraps all this up into a browser extension. It just hashes your password with the domain you're logging into.
wow that's so cool. for a long time now, i've been looking for a solution. i tried keepass, but it doesn't really work well in linux, and i don't have my passwords on other computers.
then i tried lastpass, but i don't like the idea of my passwords being stored somewhere else (even though they are encrypted).
this sounds like a solid solution to the easy-to-remember but different-password-for-each-site problem. definitely gonna give it a try.
> i tried keepass, but it doesn't really work well in linux,
Try KeePassX http://www.keepassx.org/ which works really well in Linux. It even has a hot key to push username and password into the appropriate fields in the browser.
I installed it a week or so ago (after trying others) and am pretty impressed so far.
Edit: I notice it uses MD5 though. Question: how secure would this kind of system be with bcrypt and an OS X Password Assistant "memorable" 12 char password?
I don't do anything of the sort and not only do I sleep fine at night, I don't have to go through some ridiculous ritual 100 times per day just to log in to a web site.
If you use a distinct random passphrase on each site, they are virtually guaranteed not to hash to the same value under any hashing scheme. What obvious point am I missing here?
Misleading is an understatement. This is exactly the kind of article you don't want a developer/admin to read when searching for information on password salting.
First of all, choosing nursery rhymes or movie titles isn't much better than choosing dictionary words. That strategy has been shown to have low entropy. Multiword passwords are easier to remember, but you need something actually random. If you want a strong multiword password, it's a good idea to have an actual RNG do it for you, so you can use something like http://passphra.se/. If they don't already, hackers will soon have dictionaries that will crack passwords like "ring around the rosy" and "there is no spoon" as easily as "champagne", but they're never going to crack a password like "eager man dirt fly" in better than brute force time.
OK, so with that out of the way, let's say you've chosen a weak (and common) password. If people start using this self-salting scheme, it's a fair bet that someone else will use the same self-salt as you, and that means two identical hashes in the database. That's bad news.
But it's also easy to fix. Simply choose some fixed salt to also add to your password. It could be the first two letters of your username, for example. That way, if "bobmarley" and "jackblack" both have the password "champagne" and both used the first four letters of the website for their salt, then on LinkedIn one will be "linkbochampagne" and the other will be "linkjachampagne", and they can rest knowing that it's very unlikely that their password will hash the same as someone else's.
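An added example, not code from the thread: the "two identical hashes in the database" case from the comment above, checked for the site-only self-salt, the site + username self-salt, and a server that stores a per-user random salt with PBKDF2. The storage functions, their names and the PBKDF2 parameters are assumptions for illustration; the usernames and passwords are the comment's own.

```python
import hashlib
import os
from collections import defaultdict

USERS = ("bobmarley", "jackblack")


def self_salt(site: str, username: str, base: str, use_username: bool) -> str:
    """Password as typed: site[:4], optionally username[:2], then the base."""
    return site[:4] + (username[:2] if use_username else "") + base


def fast_unsalted(user: str, password: str) -> str:
    """Server stores a bare MD5 of the password (the leak scenario)."""
    return hashlib.md5(password.encode()).hexdigest()


def slow_salted(user: str, password: str, rounds: int = 100_000) -> str:
    """Server stores a random per-user salt next to a PBKDF2 digest."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return salt.hex() + "$" + digest.hex()


def shared_hashes(store, passwords: dict) -> list:
    """Groups of users whose stored records are byte-for-byte identical."""
    groups = defaultdict(list)
    for user, password in passwords.items():
        groups[store(user, password)].append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


def typed(use_username: bool) -> dict:
    """What each user types on LinkedIn with base password 'champagne'."""
    return {u: self_salt("linkedin", u, "champagne", use_username) for u in USERS}


if __name__ == "__main__":
    print("site-only self-salt, MD5:  ", shared_hashes(fast_unsalted, typed(False)))
    print("site+user self-salt, MD5:  ", shared_hashes(fast_unsalted, typed(True)))
    print("site-only self-salt, PBKDF2:", shared_hashes(slow_salted, typed(False)))
```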