[cryptography] Password non-similarity?
jkatz at cs.umd.edu
Mon Jan 2 21:40:36 EST 2012
On Mon, 2 Jan 2012, lodewijk andré de la porte wrote:
> The reason for regular change is very good. It's that the low-intensity
> brute forcing of a password requires a certain stretch of time. Put the
> change interval low enough and you're safer from them.
> We've had someone talk on-list about a significant amount of failed remote
> ssh login attempts. Should he choose not to force users to change their
> passwords they wouldn't. And the likelihood of a successful login
> would improve with the years (given coordination) to somewhere above the
> admin's comfort zone.
I just don't buy this argument; am I missing something?
Say passwords are chosen uniformly from a space of size N. If you never
change your password, then an adversary is guaranteed to guess your
password in N attempts, and in expectation guesses your password in N/2
If you change passwords constantly, and an adversary guesses a random
password (with replacement) each password-guessing attempt, then in
expectation the adversary guesses your password in N attempts. Not much of
(This seems like such a trivial point I hesitated to post it, but I
haven't seen it come up explicitly at any point in this thread.)
The point you raise below (about limiting exposure once a password *is*
guessed) remains valid, though for common-use passwords (where an
adversary can simply lock the legitimate user out of the account once the
password is guessed) I wonder how much benefit there really is.
> The timeframe in which a password has to change also limits the maximum
> time exposed once someone has cracked it. This is relevant when the
> adversary needs multiple opportunities to coincide. The amount of time
> it'll have access without triggering resource-counting or other
> "suspicious behavior" alarms becomes limited, as changing a password would
> either lock him or the legitimate user out.
> For most systems though, it's a complete waste of time.
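The two guessing models contrasted above, carried through as an added example (not part of the original post): exact expectations for a static versus a constantly re-drawn password, plus a Monte Carlo check in which the adversary enumerates the space in order and the user re-draws the password every `change_every` guesses (the function names and parameters are this example's own assumptions).

```python
"""Expected guesses to hit a password drawn uniformly from a space of size N,
for a static password versus one re-drawn between guesses (constructed example)."""
import random
from fractions import Fraction


def expected_guesses_fixed_password(n: int) -> Fraction:
    """Static password, adversary enumerates the space without repeating.
    Guess k (1..n) is the hit with probability 1/n, so E = (n+1)/2,
    i.e. roughly N/2 as the post says, and never more than n guesses."""
    return Fraction(sum(range(1, n + 1)), n)


def expected_guesses_changing_password(n: int) -> Fraction:
    """Password re-drawn uniformly before every guess: each guess is an
    independent 1/n trial, so the hit time is geometric with E = n.
    Constant rotation therefore roughly doubles the adversary's expected
    work, but removes the guarantee of success within n guesses."""
    return Fraction(n)


def simulate(n: int, trials: int, change_every: int, seed: int = 1) -> float:
    """Monte Carlo: adversary guesses 0, 1, 2, ... in order; the user
    re-draws the password every `change_every` guesses (0 = never).
    Returns the mean number of guesses until the first success."""
    rng = random.Random(seed)  # fixed seed keeps the run reproducible
    total = 0
    for _ in range(trials):
        password = rng.randrange(n)
        guesses = 0
        while True:
            if change_every and guesses and guesses % change_every == 0:
                password = rng.randrange(n)  # rotation happens between guesses
            guess = guesses % n  # sequential enumeration of the whole space
            guesses += 1
            if guess == password:
                break
        total += guesses
    return total / trials


def compare(n: int, trials: int = 10_000) -> dict:
    """Exact expectations next to simulated means for both models."""
    return {
        "fixed_exact": float(expected_guesses_fixed_password(n)),
        "fixed_simulated": simulate(n, trials, change_every=0),
        "changing_exact": float(expected_guesses_changing_password(n)),
        "changing_simulated": simulate(n, trials, change_every=1),
    }
```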