Bitcoin Forum

1. Do not use the same password in more than one place.
2. If you can remember your password, it is probably weak.
3. If your password is less than 12 character long it is probably weak.
4. If your password does not contain numbers, upper-case letters and some weird symbols, it is probably weak.
5. Use password management software to store and generate passwords, such as firefox's password manager, keepass etc...
6. Use long mnemonic pass phrases as master passwords for password managers and and other accounts which you need to be able to access without using password management software (like gmail account and truecrypt containers, for example)
7. Consider writing some important passwords down on paper and storing it in secure location.

Your mileage may vary.

You also have to realize that the complexity of your password doesn't really matter. Why? Because hackers these days get the passwords through other methods (ie. stealing the database and cracking the passwords).

The only real thing a complex password protects you from is bruteforce attack. Bruteforce attack only works if your password is insanely simple or the webserver doesn't ban your ip after 3-4 failed login attempts.

Now I am not saying that your rules are bad. They are good rules to follow. What I am saying is that people need to take more precautions than just making a complex password and thinking they are safe. You need to make it so that even IF a hacker gets into your account that they can't do much damage and that you always have the upper hand.

Those are good tips, however, I think we need a 'best practices'  for web developers. I would say:

• Use Sha512 - not MD5 for hashes
• Salt passwords with at least 20 characters - DO NOT STORE SALT WITH HASHES
• Do not store email addresses as plain text, store encrypted
• Use parameterized input for SQL to avoid SQL injection attacks
• Use form tokens to prevent CSRF attacks

1.  Do not use mt.gox
2.  Do not use mt.gox

Yes, if you are using bitcoin7.com instead, then you're probably alright. ::)

Yea web server security is 100x more important.

You could have the most complex password ever, but if the website is not secure then your screwed.

3, 4 and 5 are good, but I don't think you understand how password hash systems work.

1) MD5 is fine for passwords, when used in a salted iterated hashing system.
2) Passwords are salted with a set number of bits, that depends on the system you are using, not some number of characters.  And the salt must be stored with the password, otherwise you don't know how to compare them.  Unless you are talking about a having a secret that you append to all passwords before sending them through the salt and hash procedure.

Ideally, using a different salt for each password is good - but storing the salt in plaintext inside the database defeats the purpose (only means that attackers can't rely on pre generated hash databases).

At the bare minimum, they could've salted the passwords inside the source code and only stored the resulting hash to the database.

So that, password "12345" becomes "12345lkj3409ruflk30rjfsldk4lkljflkj234%%#$4324", which is then hashed and stored in plaintext.

This simple step would've prevented the entire MtGox issue that we've seen yesterday.

Guys, this thread was not intended as educational resource for PHP programmers. It is and the password handling rules are for regular users. How this could not be obvious?

Please continue your "how to develop secure web apps" discussion elsewhere.

Not entirely true, as the recent issue confirms. If an attacker gets access to a list of password hashes, the complexity of the password is a huge factor in how long it takes to determine your password.

Using Sha512 instead of MD5 will change nothing.

If possible, I'd suggest to use scrypt (http://www.tarsnap.com/scrypt.html). If there's no available scrypt implementation for the language your using use bcrypt (http://en.wikipedia.org/wiki/Bcrypt).

This actually isn't true, though one might think so. See new reasearch by Steve Gibson: https://www.grc.com/haystack.htm

"research"? That is more like a very weak and naive claim. Old man seems to be getting way behind the curve.

With all due respect, to Steve Gibson and his cute idea of easy to remember passwords, I am going to have to disagree with him on this. He claims that 'D0g.....................' is stronger password than 'PrXyc.N(n4k77#L!eVdAfp9'. He should know better.

It might be the case when stupid brute force is employed, but these days attackers use much much more effective ways to reduce the key space than simply iterating over all permutations, as Steve seems to believe. These include permutations of dictionary words with common replacements of letters by numbers with various uppercase/lowercase scenarios in combination with sets of same symbols repeating as well as other methods of reducing keyspace by emulating various patterns people use to create passwords they can remember. These techniques often reduce keyspace by many orders of magnitude.

Here is what I use to keep my passwords safe.

1) KeyPass and KeypassX:  I have it on my Windows systems, Linux Systems and my Android phone.  The database can be synced and used by all 3 Operating Systems.

2) Every site I visit has a randomly generated password using the maximum amount of characters and symbols the site would let me use.

3) Master passwords I use for the databases are a place in the world and I memorize the latitude and longitude to create my master password.  I use Google maps to find the latitude and longitude and I do not click on the most obvious place at the location.

For Example:

If I want to use the Eiffel Tower for my password at 48.8583N, 02.2945E my password would be similar to this.  I never capitalize the first letter but some letter in the middle.  I also replace some of the letters with leet speak.  Now if I need my password before I memorize it I can just think of the Eiffel Tower and then use that to remember my master passwords.

3iff3lt0W3r488583N022945E

GRC rates the above password 2.09 trillion trillion centuries to break.

-Dukejer

This page contains a serious flaw.  It may well be true that padding increases the strength of your password, but if an attacker cracks one of your passwords, he will know what padding to use for your other passwords.

No matter how complex your password is, it can still be easily hacked if the attackers gain access to the database. A much more secure way to login that I wish more sites would implement is Gmail's two-step verification process, where you must enter your password and enter a verification code sent to your phone in order to login. I think that the time where a complicated password that would be impossible to brute force being sufficient has passed. Newer, multiple-step verification processes are necessary. Maybe MtGox can consider implementing something like that. It would sure make their users feel safer.

One way to construct a somewhat easily remembered long password is to think of a song, poem or somesuch, which you could remember in your sleep, and then apply some algorithm on the words.

As an example, pick the first three letters of each word from the first line of Paranoid:

Finished with my woman 'cause she couldn't help me with my mind

Then pick some characters to delimit the letters and maybe start or end the password. Make up some rule by which you make some of letters uppercase. For example:

3Fin.wIt.my.Wom.'Ca.she.Cou.hEl.me.Wit.mY.min%

That's 46 characters fairly easily remembered. Half of that would be enough, and in fact 3 letters may be a bit much since I ended up with a couple of dictionary words in there.

(You want the brute-force search space be large: use 1 or more characters from each group: uppercase, lowercase, numbers, symbols.)

This is not true. A properly hashed strong password would take millions of trillions of trillions of trillions of trillions of trillions centuries to break even with the most ridiculous hashing cluster you can imagine. See the link in foo's post above.

Even the Unix MD5 crypt scheme is really strong as long as you stay away from dictionary words and make sure the "search space" is large enough.

Also, once an attacker has gained access to a database, the game is pretty much over, and the passwords are only a nice bonus...

I stand corrected. Nonetheless, as you say, once the database is hacked, you're screwed anyway.

Does anyone use PasswordMaker ?

https://addons.mozilla.org/en-us/firefox/addon/passwordmaker/

I'm thinking of using this system.

I don't know anything about that, but I use and reccomend LastPass (https://bitcointalk.org/annoyance.php). It is essentially the same type of thing as PasswordMaker, but works on all major browsers, has mobile apps, and is generally very secure.

Here is a much simpler way to create easy to remember (not only somewhat easily remembered) and secure passwords: Use a complete sentence as your password! If it has more than four words, it is secure enough, and if you make it a bit obscure, nobody can guess it. So instead of
3Fin.wIt.my.Wom.'Ca.she.Cou.hEl.me.Wit.mY.min%
just use
Finished with your wife, although she helped my cat.

And BTW, forget about these special characters and such. The blanks that separate the words suffice. Special characters only make your password more complex and harder to remember. If you are concerned about the security, just choose a sentence that is a word longer.

Why? Because nothing beats length! (an increase in length adds to the exponent of the complexity, one more special character only adds to the mantissa).

In other words: Just make words the atoms of your "password" and you win twofold:
1. It easier to recall a (near)-sensible sentence than a single word (or the trace your cat left when it walked over your keyboard).
2. It is much more secure, because it is harder to crack (both by a dictionary attack and by simple brute force).

Here is the downside: It will take you longer to enter your password...

Dictionary words are always a bad idea, even though you are correct that length does always make a password stronger.


Don't.

There's a huge difference between having to brute force through 65^n and 95^n. Though you don't really need that many. The passwords that I need to type often look like bab+ef+qeo+feo+F9!. It's still pretty fast to type. Most of my passwords are KeePass generated, though...

I use Password Maker (http://passwordmaker.org/) ; it's way easier to remember a few settings than to remember hundreds of secure passwords, and i don't have to worry about someone finding my passwords stored anywhere (well, except in the databases of unsecure sites)

I Second Lastpass.

Strong encryption of the pwd database (Which even they cannot break), Automatic syncing to all my computers, Auto-filling of passwords and forms, and everything is encrypted on my computer, then sent.

As I read all these password posts and don't happen to read any advice remotely near to the system I use, I only get more and more astonished. I just can't believe no one does this. Well, let me share what I do—may not be the best of the world but it works for me.

All* of my passwords are derived from the corresponding login and a couple of rules. Example:

• Take a reasonable string like vU4p!,a'fZx*
• Change its first character into the last in the login
• Change its fourth character into the second in the login
• Change its seventh character into the length of the login (or its last digit if the length is greater than 9)

So, if the login is "an0therlr3", the password would be 3U4n!,0'fZx*.

It takes a little of practice, but it pays off. The initial string could be based on a real sentence (as already suggested on this thread) for easy remembering. You can have more than one of these rules, of course. It's important not to change the last characters in the initial string, since some sites have an absurd limit of eg. 8 characters, and the modifications wouldn't be taken into account.

This even allows you to have the passwords written in a text file, stored unencrypted in the computer. Example:


A given attacker would have to break (by brute force) at least two passwords built with the same ruleset to be able to easily break a third.



* Excluding the typical bank PIN and the likes, which are severely crippled.

What you mean is that it will not change enough.

Each hash will still take ten times longer, and remove a layer of script kiddies who can't be bothered finding cracking tools that support SHA-512.

Not necessarily. Four obscure words joined together may be beyond the length of what many popular cracking tools support, and of relatively high strength. Assuming each word is only found in 100k+ dictionaries, there are 100000000000000000000 possibilities.

If such passwords are not strong enough, you really need to reconsider how much of your life should be tied to computers.

Read the page again. The point is not that everyone should use passwords that's a dictionary word followed by repeating the same character X times, the point is that entropy is overrated, and a longer and memorable password is stronger than a shorter and impossible-to-remember one.

That's true, if a password is cracked, and a human examines it. But if your password is something like 15 characters, it will take centuries to crack, so it won't be your problem if anyone ever succeeds. :)

For me it is all simple. I have two types of passwords. Those which I do want to remember and others (for which it is task of my computer to remember and store securely).

For those passwords which I want to remember I am fine with using Steve padding approach or something else.

For the rest of them there is not a single good reason whatsoever to make them any less random or short than it can possibly be. Too bad some idiotic websites unreasonably limit maximum password length and alphabet. I'd be happy to have all such passwords 1000 symbols long. I quite often encounter systems which limit password length to 10 or even 8 characters!!! Particularly some banks, are guilty of this (idiots!).

In early May of this year, LastPass announced that it believed that its user database had been compromised, very much like Mt. Gox recently.  Here's a link to a story in a respected technical news source, TechWorld:

http://www.techworld.com.au/article/385447/lastpass_hack_fear_leads_password_reset/

I work as a technical writer for a Fortune 1000 firm in the U.S., in a product area that provides security software for use by banks and other institutions that deal with financial and other highly sensitive (usually legally protected) information.  I would NEVER use or recommend a cloud-based product to protect passwords to any account that is linked with a bank account that I own or a credit card that I am responsible for.  LastPass is a great idea for managing all of those accounts you have to sign up for to get access to news sites or other fun stuff, but not for the accounts that actually matter.  

For accounts that matter (your bank accounts, accounts on your credit card site, PayPal, Dwolla, investment firm accounts, accounts with a currency or stock exchange, accounts with your utility company, etc.), you need something local and secure.  I recommend keeping those passwords stored in a text file encrypted with GPG or in some other form that uses a strong encryption method.  I also recommend backing the encrypted file up on a USB dongle or (even better) a CD that you replace every time you add a password.  Finally, use a product that wipes (rather than just deleting) files on the computer that you use to encrypt and decrypt this file, and wipe the swap file every time you access that file.  Another option is to use a product that encrypts your hard disk or swap file, or both, such as TrueCrypt or my favorite, Jetico Bestcrypt.

I'm not entirely immune to hackers or a password-stealing trojan; nobody is.  But if you do what I suggested, your chances of surviving a hacker or virus intent on stealing valuable information are much improved.