The Future of Passwords
Passwords – the current status
In the last few weeks I have received a lot of emails regarding passwords and their use. A common question is why they are increasingly failing. I also think there are some misunderstandings about how passwords work and some confusion between the use of passwords and passphrases.
So I decided to write a short article on the current status of passwords and what we need to think about when using them.
Passwords & Passphrases
First of all, what is the difference between passwords and passphrases? Basically a password is a random combination of characters chosen from a set of allowable characters, while a passphrase is a combination of several random words chosen from a set of allowable words.
How are passwords broken? If we assume each character of a password is chosen completely at random, the only chance of breaking these passwords is via brute-force. A machine must try every possible combination of characters. In practice the average user chooses an easy-to-remember password, and such passwords can be found with a dictionary attack, which is much quicker.
To break a passphrase a brute-force attack in combination with a dictionary attack is used. Every combination of words is tested against the passphrase.
How quickly can a combination of characters be tested? With current technology this is ca 10^8 or ca 2^24 combinations per second. To calculate the entropy (or strength) of a password, the size of the character set is raised to the power of the password length. For example when selecting from 64 different characters at random for a password of 4 characters, the number of combinations would be 64^4 or 2^24 (24 bits of entropy). This would take less than a second to find with current technology.
How does this compare to a passphrase? For the generation of a passphrase I assume the user has a vocabulary of ca 10,000 words. Thus a passphrase consisting of 4 randomly selected words would have 10000^4, 10^16 or ca 2^48 combinations (48 bits of entropy).
A good password should have about 80 bits of entropy i.e. 2^80 or ca 10^25 different combinations for the password. This means a brute-force attack would need to test 2^80 different combinations. This would take 2^56 or ca 10^20 years to brute force.
To achieve 80 bits of security, a password needs about 13 characters while a passphrase only needs about 7 words chosen from a vocabulary of 10,000 words.
If you do the math it is straightforward to see that the complexity (number of combinations) of passphrases increases much faster than that of passwords. For example, a 4 word passphrase chosen out of 200,000 words has an entropy of 70 bits. Increasing the passphrase from 4 words to 5 words in a set of 200K words increases the entropy from 70 bits to 88 bits. So use a passphrase of 5 words from a vocabulary of 200K words and you are secure.
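The entropy arithmetic above as an added example (not part of the original article): it computes bits of entropy exactly, finds the length needed to reach a target, and draws a password or passphrase from a cryptographic random source. The function names and the 16-word sample list are constructed for illustration.

```python
import math
import secrets
import string

# 64-symbol alphabet, as in the article's "64 different characters" case.
ALPHABET_64 = string.ascii_letters + string.digits + "-_"
# Constructed 16-word sample list; a real list would hold thousands of words.
SAMPLE_WORDS = ["amber", "birch", "cobalt", "dune", "ember", "fjord", "garnet",
                "harbor", "iris", "jasper", "kelp", "lotus", "maple", "nectar",
                "onyx", "pebble"]


def entropy_bits(pool_size: int, length: int) -> float:
    """Bits of entropy when `length` units are drawn uniformly from the pool."""
    return length * math.log2(pool_size)


def min_length(pool_size: int, target_bits: float) -> int:
    """Smallest number of units whose entropy reaches `target_bits`."""
    if pool_size < 2:
        raise ValueError("pool must contain at least two items")
    return math.ceil(target_bits / math.log2(pool_size))


def worst_case_seconds(bits: float, guesses_per_second: float) -> float:
    """Time to try every combination; the average case is half of this."""
    return 2.0 ** bits / guesses_per_second


def random_password(target_bits: float = 80, alphabet: str = ALPHABET_64) -> str:
    """Password drawn with a CSPRNG, long enough for `target_bits`."""
    n = min_length(len(alphabet), target_bits)
    return "".join(secrets.choice(alphabet) for _ in range(n))


def random_passphrase(words: list[str], target_bits: float = 80) -> str:
    """Passphrase of uniformly chosen words, long enough for `target_bits`."""
    vocabulary = sorted(set(words))  # duplicates would overstate the pool size
    n = min_length(len(vocabulary), target_bits)
    return " ".join(secrets.choice(vocabulary) for _ in range(n))


if __name__ == "__main__":
    print(f"4 chars from 64:       {entropy_bits(64, 4):.1f} bits")
    print(f"4 words from 200,000:  {entropy_bits(200_000, 4):.1f} bits")
    print(f"5 words from 200,000:  {entropy_bits(200_000, 5):.1f} bits")
    print(f"words of 10,000 for 80 bits: {min_length(10_000, 80)}")
    print("password:  ", random_password())
    print("passphrase:", random_passphrase(SAMPLE_WORDS))
```

The entropy figures only hold when every character or word is picked by the random source; a phrase the user makes up has far less.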
The problem with passphrases is that most applications do not use them at the moment or have a limit on the number of characters that can be input for authentication. Passphrases are generally speaking easier to remember than passwords.
The problem with passwords is well known: few people can remember a 13 character password. And of course most users need to remember passwords to at least ten different applications.
In August 2014 it was announced that Russian hackers stole 1.2 billion passwords. Even though such claims sound exaggerated, and are not correlated with a proportional amount of fraudulent access to user accounts, password compromise is always a major problem for the web sites involved – even more so when it causes direct reputation damage by having the company name mentioned in the press or on TV. On 22 May 2014 eBay lost 145 million passwords to cybercriminals and this was reported in the Financial Times. Shortly before this, in April 2014, it was the famous Heartbleed bug that forced password resets on a reported 66% of all websites. And last year, in November 2013, it was Adobe who lost the passwords of 150 million users.
We see with alarming frequency some major security exploit that compromises an enormous number of passwords and forces the affected companies into asking their users to pick a new password. This is already a problem of epidemic proportions.
Humans in general prefer not to memorize characters, and if they have to memorize passwords they do so with the least possible effort. This human behaviour leads to different vulnerabilities, including:
– Using passwords which are vulnerable to dictionary attacks
– Using passwords that are short enough to be vulnerable to brute-force attacks
– Using the same password for different accounts
– Constructing a password from obvious information, such as birthdays or addresses, making the password trivial to guess
– Avoiding changing the password at the recommended time interval
– When changing the password, choosing a new password similar to the old password
These vulnerabilities have been the main reason for many account compromises.
As a standard precaution, passwords should be stored hashed. When a user enters the password, the password is hashed by the client application and compared to the hashed value on the server. If the hash values match, the password is correct. The use of a hash means an attacker needs much more effort to break the passwords.
The hash is an algorithm with the property that if the hash is stolen, the password cannot easily be recovered. A common problem, particularly in less modern applications, is that applications do not use a hash for authenticating the user – so if there is a hack the database is fully exposed.
Most users require access to many applications and it is easy for end users to forget passwords. Therefore there is a tendency to use fewer passwords and shorter passwords, which are easier to brute-force. The requirement from the service providers, however, is to use longer passwords, which are easier to forget. The result is users writing down or storing passwords in easily accessible locations – so passwords are increasingly ineffective and insecure.
One further issue to consider is provision for the disabled. Password strength is also about how passwords are used rather than just their theoretical strength.
Many password management systems (or biometric systems) are a challenge for disabled users, and often supporting disabled users may remove much of the security that the password management system provides.
Some problem areas:
1) The user may be physically unable to use the technology – either because it is inherently impossible e.g. fingerprint scanning for someone with no fingers, or just badly implemented e.g. mandatory 2FA tokens unusable by blind people.
2) The reset or enrolment mechanism may be difficult or impossible for the user to use, and again workarounds etc. may undermine the security e.g. if their care worker has to enrol for them.
3) It may be difficult for a disabled person to securely use the system in a public place e.g. having to read out passwords as an alternative to typing.
Any organisation providing a public service will have various legal obligations to support disabled users including any password management system, and any special measures for them may be a weak spot that attackers will target when trying to break into systems.
It is also worth noting that almost 1 in 5 people in the UK are disabled in some way, and across the EU this equates to around 60 million people.
State of the Art
The search for alternatives to conventional text based authentication systems has caught the attention of many researchers. While text based passwords remain the dominant technique in authentication, other knowledge based authentication approaches are under development.
One interesting idea I have seen is to generate passwords from location based data. This introduces the concept of Geographical Passwords – which is patented technology. Perhaps in future I will write a more detailed account.
Essentially it is much easier for a user to remember a memorable location, anywhere on the surface of the earth. Several co-ordinates (typically four), defining a shape, e.g. a box around this location, are calculated, and these values are used together with an identifier, e.g. a URL or a 128 bit random number, to define a long password with at least 128 bits of entropy.
Source: “GeoGraphical passwords” in Int. J. Security and Networks, 2014, 9, 56-62
A PDF of the peer-reviewed research paper is available via Open Access to everyone here:
As you might guess it is practically impossible to guess or break such a system with current techniques and the user only needs ONE password for any number of applications (since each application has a unique identifier which is combined with the location based data). This system is currently under development and promises to revolutionize password management.
For those interested in further details here is a link to the company developing the new system
The future of passwords looks very interesting. Watch for further postings.