[cryptography] Password non-similarity?

lodewijk andré de la porte lodewijkadlp at gmail.com
Wed Jan 4 15:00:50 EST 2012


2012/1/3 Jonathan Katz <jkatz at cs.umd.edu>

> On Mon, 2 Jan 2012, lodewijk andré de la porte wrote:
>
>  The reason for regular change is very good. It's that the low-intensity
>> brute forcing of a password requires a certain stretch of time. Put the
>> change interval low enough and you're safer from them.
>>
>> We've had someone talk on-list about a significant amount of failed remote
>> ssh login attempts. Should he chose not to force user to change their
>> passwords they wouldn't. And the likelyhood of a successfull login
>> would improve with the years (given coordination) to somewhere above the
>> admin's comfort zone.
>>
>
> I just don't buy this argument; am I missing something?
>
> Say passwords are chosen uniformly from a space of size N. If you never
> change your password, then an adversary is guaranteed to guess your
> password in N attempts, and in expectation guesses your password in N/2
> attempts.
>
> If you change passwords constantly, and an adversary guesses a random
> password (with replacement) each password-guessing attempt, then in
> expectation the adversary guesses your password in N attempts. Not much of
> an advantage.
>

Yes it only doubles the security. I hate admitting I overestimated
something. It looks better on paper though, infinite maximum. And it still
limits time exposed on breach, which may be useful but likely isn't. Nope.
I can't really think of why it'd substantially help. Twice could be good,
but a single character would do that too. Ugh.

Time to rage on anyone who stupendously uses password timeouts.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20120104/3e9fe1f5/attachment.html>


More information about the cryptography mailing list