[cryptography] Password non-similarity?
Craig B Agricola
craig at theagricolas.org
Mon Jan 2 19:12:03 EST 2012
On Sun, Jan 01, 2012 at 03:16:39AM -0000, John Levine wrote:
> > Well, on more than a few occasions, I've observed cases
> >where users have accidentally entered their password into the
> >"username" field (either alone, or with the username preprended).
> >Of course, the login attempt fails and, more to the point, the
> >invalid "user name" is logged. The users almost immediately
> >realize their mistakes, and then login correctly. Unfortunately,
> >most users don't realize that their password has just been logged
> >as an invalid user name and their logged subsequent successful login
> >makes it rather trivial to associate that password with the actual
> >username of the user.
> Where's this log? Wherever it is, it's on a system that also has their
> actual password.
> If I wanted to reverse engineer passwords, this doesn't strike me as a
> particularly efficient way to do so.
Well, the log is presumedly unencrypted on the same machine that has a
*hash* of their actual password. It takes a lot longer to crack against
the hashed password list than it does to scan the log for these type of
log messages, which they can then check against the hashed password
database quickly and easily. I agree with Kevin that this scenario
isn't enough justification for the overhead and user annoyance that is
forced password rotation, but it's not an unreasonable scenario to want
to mitigate. Some web servers even make it easy to accidentally export
the logs, since often HTTP is the access method of choice for the people
who actually should be able to review the logs...
More information about the cryptography