NXT :: descendant of Bitcoin - Updated Information

[wesleyh]

So community, what do you think about the user's own password rules.

Your secret phrase must consist of at least 12 random words separated by spaces. Alternatively, you can choose a secret phrase that is at least 35 characters long and contains a mixture of lower/uppercase characters, numbers and special characters.

Is this too complicated? what do you suggest instead.

Not that this one is better, but maybe it is easier for the most users to understand:

1) at least 35 characters
2) less than 50 characters requires upper case and numbers

OK, so I could simply say:

Your secret phrase should be at least 35 characters long.

And then I can show the rest, (if the pass is less than 50), as an error message. Otherwise the description would be too long, agreed?

[1714936223]

1714936223

[bitcoinpaul]

So community, what do you think about the user's own password rules.

Your secret phrase must consist of at least 12 random words separated by spaces. Alternatively, you can choose a secret phrase that is at least 35 characters long and contains a mixture of lower/uppercase characters, numbers and special characters.

Is this too complicated? what do you suggest instead.

Three thoughts:

- Just say Passphrase should be at least 50 characters long
- Show an indicator how good the chosen passphrase is
- Allow people to chose a weaker password

[wesleyh]

The difference between what? A secret phrase consists of multiple words, a password is typically one long word.

Why making this difference?

Because if you type a password it must be 35 characters in length AND have numbers AND uppercase AND special character. A 12 word phrase does not require this.

Uff. That's complicated.

Having 2 2 2 2 2 2 2 2 2 2 2 2 is okay, right? But that's only 24 characters.

No, it must always be at least 35 characters.

Passphrase Politics:

As the spreadsheet shows, password complexity is far less important than length when defending against brute-force crackers.  Hence, train your users to use long, easy-to-remember passphrases instead of short, random, hard-to-remember passwords.  Here's some advice for overcoming the political obstacles.

Don't announce to your users, "Henceforth all passwords must be 15-character passphrases", since this will only result in your assassination.  Instead, start a weekly internal e-mail security bulletin that includes a joke, cartoon, funny office story, or something else that will motivate users to open the e-mail instead of just deleting it.  Along with the joke or cartoon, include a security reminder (like "don't open e-mail attachments you're not expecting" or "alert IT staff if anyone asks for your password") and keep it as short as possible or else they're learn to trash the message on sight despite the jokes and cartoons.  

In your next weekly security reminder, include a tip like this:  

    "Passwords are hard to remember, so don't forget that you can use a pass-phrase instead (passphrases are short fun sentences with spaces between the words).  So imagine an incredible or funny scene and make that your easy-to-remember passphrase!  :-)    Here are some examples:

          kitty ate my face off!
          my 100 pups play fight
          naked clowns cost $$$
          20 carbs a day max
          I threw up a mellon?
          Vader is my father dude
          a 200% raise is nice
          I only love Star Wars
          Britney Spears = my wife


In the weeks to come afterwards, follow up with more reminders like this:

    "The more outrageous, dramatic, scandalous, humorous or shocking a passphrase is, the easier it is to remember and the better it is for security.  Go ahead, have fun!"  

    "Wouldn't it be nice if mis-speling words was a good thing?  It is!  The more words you missspell in your passphraze the better it is for netwerk sekurity!"

    "Song lyrics, well-known sayings, and famous poems are easy to remember, but not ideal as passphrases.  Here's a tip!  You can still use your favorite line, but change a word in it or make it goofy in some way...or IMPROVE it!  ;-) "  

    "A passphrase takes less time to type at your keyboard than a random-looking password, and it's easier to remember too.  Great passphrases are five words or longer (size does matter!) and please do include words that no self-respecting librarian would ever put in a dictionary!"

    "If everyone agreed to use passphrases instead of passwords, we wouldn't have to change them so darn often...hmmmmmm...."


After softening up your users like this for a couple months, enforce a passphrase policy, but only against the other administrators.  Why only the other admins first?  Because, one, the security of their accounts is vastly more important than those of regular users, and, two, THEY were the real targets of the above e-mail reminders anyway!  The real obstacle to enforcing a long passphrase policy is the prejudice of the other administrators who have always been taught that "nothing's better than a RANDOM passWORD".  Show them this spreadsheet (after deleting this paragraph) and run the numbers.  It's hard to argue against the math.  Once the other admins are convinced, you can get them to help you enforce the new policy throughout the forest.  "Enforcement" is the wrong word, however, since you'll get much further by educating users first about how passphrases can be easier to remember if they're funny/shocking/bizarre, and you might consider making a deal with them too, namely, if they accept the new passphrase policy then they won't have to change them as often.  

For the other admins, make sure they understand that 1) LM hashes are not stored if a password is 15 characters or longer, 2) their own passphrases should be 15+ characters long with mis-spellings, character complexity and/or very rare words, 3) cached credentials can be extracted from stolen laptops and possibly cracked, and 4) the actual strength of the encryption on a certificate's private key is really determined by the crackability of one's passphrase, not the advertised bit-length of the cipher used, and many things depend on the security of private keys, e.g., S/MIME, VPN, TLS, WPA, etc.  

Good luck!

https://www.dropbox.com/s/syd8vwf31y90ev4/Passphrase_Length_vs_Complexity.xls

I'll be sure to include this entire text on the password creation screen

[wesleyh]

So community, what do you think about the user's own password rules.

Your secret phrase must consist of at least 12 random words separated by spaces. Alternatively, you can choose a secret phrase that is at least 35 characters long and contains a mixture of lower/uppercase characters, numbers and special characters.

Is this too complicated? what do you suggest instead.

Three thoughts:

- Just say Passphrase should be at least 50 characters long
- Show an indicator how good the chosen passphrase is
- Allow people to chose a weaker password

- 50 characters now? 35 is long enough I think, anyone else?
- Indicator, maybe in a later version. Good idea.
- Allow people to choose a weaker password? Do you mean less than 35 characters? if so, no. I like the approach of if < 50, then uppercase and numbers are required.

[igmaca]

Main article: Random number generator attack

Since much cryptography depends on a cryptographically secure random number generator for key and cryptographic nonce generation, if a random number generator can be made predictable, it can be used as backdoor by an attacker to break the encryption.
The NSA is reported to have inserted a backdoor into the NIST certified cryptographically secure pseudorandom number generator Dual_EC_DRBG. If for example an SSL connection is created using this random number generator, then according to Matthew Green it would allow NSA to determine the state of the random number generator, and thereby eventually be able to read all data sent over the SSL connection.[12] Even though it was apparent that Dual_EC_DRBG was a very poor and possibly backdoored pseudorandom number generator long before the NSA backdoor was confirmed in 2013, it had seen significant usage in practice until 2013, for example by the prominent security company RSA Security.[13] There have subsequently been accusations that RSA Security knowingly inserted a NSA backdoor into its products, possibly as part of the Bullrun program. RSA has denied knowingly inserting a backdoor into its products.[14]
It has also been theorized that hardware RNGs could be secretly modified to have less entropy than stated, which would make encryption using the hardware RNG susceptible to attack. One such method which has been published works by modifying the dopant mask of the chip, which would be undetectable to optical reverse-engineering.[15] For example for random number generation in Linux, it is seen as unacceptable to use Intel's RdRand hardware RNG without mixing in the RdRand output with other sources of entropy to counteract any backdoors in the hardware RNG. Especially after the revelation of the NSA Bullrun program.[16][17]

http://en.wikipedia.org/wiki/Random_number_generator_attack

[Jerical13]

Final draft. What do you guys think? I'm pretty sure this is what the bars are going to look like.

Cool.

[ChuckOne]

So community, what do you think about the user's own password rules.

Your secret phrase must consist of at least 12 random words separated by spaces. Alternatively, you can choose a secret phrase that is at least 35 characters long and contains a mixture of lower/uppercase characters, numbers and special characters.

Is this too complicated? what do you suggest instead.

Three thoughts:

- Just say Passphrase should be at least 50 characters long
- Show an indicator how good the chosen passphrase is
- Allow people to chose a weaker password

- 50 characters now? 35 is long enough I think, anyone else?
- Indicator, maybe in a later version. Good idea.
- Allow people to choose a weaker password? Do you mean less than 35 characters? if so, no. I like the approach of if < 50, then uppercase and numbers are required.

I tend to agree. Less than 35 should be denied.

[rdanneskjoldr]

In the Asset Exchange,in 1OZSilver ..it says there are a total amount of 100.
There is a buy order for 190 of it.Shouldnt the quantity  be capped at the total number of items of that asset?To avoid misunderstanding something.

[ChuckOne]

So community, what do you think about the user's own password rules.

Your secret phrase must consist of at least 12 random words separated by spaces. Alternatively, you can choose a secret phrase that is at least 35 characters long and contains a mixture of lower/uppercase characters, numbers and special characters.

Is this too complicated? what do you suggest instead.

Not that this one is better, but maybe it is easier for the most users to understand:

1) at least 35 characters
2) less than 50 characters requires upper case and numbers

OK, so I could simply say:

Your secret phrase should be at least 35 characters long.

And then I can show the rest, (if the pass is less than 50), as an error message. Otherwise the description would be too long, agreed?

Seems good.

[chanc3r]

Anyone for a pint?

[bitcoinpaul]

- 50 characters now? 35 is long enough I think, anyone else?
- Indicator, maybe in a later version. Good idea.
- Allow people to choose a weaker password? Do you mean less than 35 characters? if so, no. I like the approach of if < 50, then uppercase and numbers are required.

Passphrase must be at least 35 characters long.

If passphrase is less then 50 characters and contains no numbers and uppercases, prompt a message with this extra requirements.

edit: Ok

OK, so I could simply say:

Your secret phrase should be at least 35 characters long.

And then I can show the rest, (if the pass is less than 50), as an error message. Otherwise the description would be too long, agreed?

[wesleyh]

So community, what do you think about the user's own password rules.

Your secret phrase must consist of at least 12 random words separated by spaces. Alternatively, you can choose a secret phrase that is at least 35 characters long and contains a mixture of lower/uppercase characters, numbers and special characters.

Is this too complicated? what do you suggest instead.

Not that this one is better, but maybe it is easier for the most users to understand:

1) at least 35 characters
2) less than 50 characters requires upper case and numbers

OK, so I could simply say:

Your secret phrase should be at least 35 characters long.

And then I can show the rest, (if the pass is less than 50), as an error message. Otherwise the description would be too long, agreed?

Seems good.

Is this a good error description (shown when less than 50 characters are entered):
 
            error = "Since your secret phrase is less than 50 characters long, it must contain both numbers and uppercase letters.";

btw, no requirement for special characters?

[TwinWinNerD]

Hey guys, i just forged a block with 9799 NXT. Wasn't there a price for that?

Anyone can find that link?

[igmaca]

....

I'll be sure to include this entire text on the password creation screen

see attached file

Depending on your adversary, edit the number of computers he or she will use in parallel for cracking and the average keyrate of each machine.  Assume that your adversary is using GPU (not CPU) processors to optimize performance (such as ElcomSoft's distributed password cracker using nVidia GPUs).  Increase the number for added pessimism and to account for Moore's Law.

The 31 special symbols are the non-alphanumerics commonly used in the United States (!@#$%^&*()-_+=~`[]{}\:;'"<>,.?/).  Add more if you wish and update the number in the red box.  Reduce the number for added pessimism.  

If the adversary does know the exact length of passphrase, he or she will not have to compute all possible smaller lengths first.  If length is not known, then each time in the spreadsheet includes the sum of all prior times in that column since presumably the adversary would have to exhaust all the smaller lengths first.  Assume adversary does know exact length for added pessimism.

The factors that are difficult to include are the "true randomness" of the passphrase being cracked and how "smart" the cracking program is.  These factors are lumped together in the "Percentage of Keyspace To Be Searched" value.  If this value is 100% then the passphrase is assumed to be truly random, whatever that might mean to you, and/or the cracking program attempts no optimizations based on human nature, dictionaries, common substitutions, etc.  But, as you guesstimate the relevant cracking program to be smart, or as you guesstimate the passphrase to be less than truly random, then lower the percentage number.  The percentage reduces the number of possible combinations that must be searched as a crude estimate of actual time; for example, a five-character lowercase password with 100% randomness yields 11,881,376 possibilities, but with 30% randomness only yields 3,564,413.  If your adversary is doing only brute force cracking (and no dictionary, hybrid or pre-computed searches), set the randomness to 100%.  If your adversary is a large corporation or national government, set it to 1% on the assumption that their cracking programs will be "smarter".

Keep in mind that, if you are considering the crackability of LanManager (LM) hashes, the effective passphrase  length is never greater than 7, even if the passphrase you type in is 14 characters long.  This is because the passphrase is cut in half and and is each hashed independently then concatenated together.  Also, don't forget that LM hashes are NOT case sensitive, so the "lowercase,numbers,<space>" set is the most relevant (with 7 characters max).

In the far right collumn is an area to compute the cracking of dictionary-only passphrases where "length" is not the number of characters but the number of words in the phrase.  The vast majority of sentences in everyday spoken english are drawn from a pool of only about 10,000 words (according to one linguistics web site) from the hundreds of thousands of english words in the Oxford dictionary (which doesn't include scientific terms by the way).  Hence, assuming the passphrase is made up of only these words, with no mis-spellings, no numbers, no symbols, no mixed cases, then 10000 can be assumed and used to compute cracking times.  But if even a single word in one's passphrase were not in the cracker's dictionary, or if one word were deliberately mis-spelled or strangely capitalized or punctuated, then the 10000-word assumption is a vast under-estimate of how large the cracker would have to expand the dictionary and hybridize it in order to flush out the elusive word(s) in question.

Finally, these are MAX times, as though the very last passphrase guessed is the correct one.  Cut times in half to get the average per passphrase when large collections of hashes are being cracked simultaneously.

https://www.dropbox.com/s/syd8vwf31y90ev4/Passphrase_Length_vs_Complexity.xls

[bitcoinpaul]

Is this 1626 words dictionary enough now or should we go with a bigger one, also to allow less words?

[Jerical13]

So community, what do you think about the user's own password rules.

Your secret phrase must consist of at least 12 random words separated by spaces. Alternatively, you can choose a secret phrase that is at least 35 characters long and contains a mixture of lower/uppercase characters, numbers and special characters.

Is this too complicated? what do you suggest instead.

That is pretty straight forward and easy to understand.

[igmaca]

....

I'll be sure to include this entire text on the password creation screen

other thinks

Main article: Random number generator attack

Since much cryptography depends on a cryptographically secure random number generator for key and cryptographic nonce generation, if a random number generator can be made predictable, it can be used as backdoor by an attacker to break the encryption.
The NSA is reported to have inserted a backdoor into the NIST certified cryptographically secure pseudorandom number generator Dual_EC_DRBG. If for example an SSL connection is created using this random number generator, then according to Matthew Green it would allow NSA to determine the state of the random number generator, and thereby eventually be able to read all data sent over the SSL connection.[12] Even though it was apparent that Dual_EC_DRBG was a very poor and possibly backdoored pseudorandom number generator long before the NSA backdoor was confirmed in 2013, it had seen significant usage in practice until 2013, for example by the prominent security company RSA Security.[13] There have subsequently been accusations that RSA Security knowingly inserted a NSA backdoor into its products, possibly as part of the Bullrun program. RSA has denied knowingly inserting a backdoor into its products.[14]
It has also been theorized that hardware RNGs could be secretly modified to have less entropy than stated, which would make encryption using the hardware RNG susceptible to attack. One such method which has been published works by modifying the dopant mask of the chip, which would be undetectable to optical reverse-engineering.[15] For example for random number generation in Linux, it is seen as unacceptable to use Intel's RdRand hardware RNG without mixing in the RdRand output with other sources of entropy to counteract any backdoors in the hardware RNG. Especially after the revelation of the NSA Bullrun program.[16][17]

http://en.wikipedia.org/wiki/Random_number_generator_attackhttp://

10 Immutable Laws of Security.

Law #1: If a bad guy can persuade you to run his program on your computer, it's not solely your computer anymore.
Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore.
Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.
Law #4: If you allow a bad guy to run active content in your website, it's not your website any more.
Law #5: Weak passwords trump strong security.
Law #6: A computer is only as secure as the administrator is trustworthy.
Law #7: Encrypted data is only as secure as its decryption key.
Law #8: An out-of-date antimalware scanner is only marginally better than no scanner at all.
Law #9: Absolute anonymity isn't practically achievable, online or offline.
Law #10: Technology is not a panacea.

[wesleyh]

So community, what do you think about the user's own password rules.

Your secret phrase must consist of at least 12 random words separated by spaces. Alternatively, you can choose a secret phrase that is at least 35 characters long and contains a mixture of lower/uppercase characters, numbers and special characters.

Is this too complicated? what do you suggest instead.

That is pretty straight forward and easy to understand.

Well people thought it was too long. I've changed it now. Try it at http://nxtra.org/nxt-client/ (click on don't have an account, then click on "want to choose your own secret phrase")

[ChuckOne]

So community, what do you think about the user's own password rules.

Your secret phrase must consist of at least 12 random words separated by spaces. Alternatively, you can choose a secret phrase that is at least 35 characters long and contains a mixture of lower/uppercase characters, numbers and special characters.

Is this too complicated? what do you suggest instead.

Not that this one is better, but maybe it is easier for the most users to understand:

1) at least 35 characters
2) less than 50 characters requires upper case and numbers

OK, so I could simply say:

Your secret phrase should be at least 35 characters long.

And then I can show the rest, (if the pass is less than 50), as an error message. Otherwise the description would be too long, agreed?

Seems good.

Is this a good error description (shown when less than 50 characters are entered):
 
            error = "Since your secret phrase is less than 50 characters long, it must contain both numbers and uppercase letters.";

btw, no requirement for special characters?

That is great.

Ufff.. Hmm. Special characters. I do not know. What do others think?

It is more secure then, right?

[bitcoinpaul]

So community, what do you think about the user's own password rules.

Your secret phrase must consist of at least 12 random words separated by spaces. Alternatively, you can choose a secret phrase that is at least 35 characters long and contains a mixture of lower/uppercase characters, numbers and special characters.

Is this too complicated? what do you suggest instead.

That is pretty straight forward and easy to understand.

Well people thought it was too long. I've changed it now. Try it at http://nxtra.org/nxt-client/ (click on don't have an account, then click on "want to choose your own secret phrase")

+1