[HN Gopher] The logic behind three random words
___________________________________________________________________
The logic behind three random words
Author : DicIfTEx
Score : 57 points
Date : 2021-08-06 10:10 UTC (1 day ago)
(HTM) web link (www.ncsc.gov.uk)
(TXT) w3m dump (www.ncsc.gov.uk)
| jepler wrote:
| Missing is the analysis of the amount of entropy in an unaided
| "three random words" password.
|
| I'll try: people are lousy at random picking. Their choices are
| highly likely to come from the most common 1000 words, and very
| very likely to come from the most common 4000 words. If this is
| true, it gets you an entropy of 30 to 36 bits.
|
| BUT
|
| Just for curiosity I checked out NIST's current guidance on
| passwords; they actually allow 6-digit passwords (PINs) [with
| about 20 bits of entropy], as long as there is server-side rate
| limiting of authentication attempts [edited to add:] and are
| uniformly chosen by the server. They recognize that this does not
| mitigate offline cracking attempts. Since even choosing a random
| "top 100" word would meet the same entropy bar, perhaps my
| initial reaction is an over-reaction.
| [https://pages.nist.gov/800-63-3/sp800-63b.html#appA]
| slater wrote:
| Getting a '403 - Access Denied' error, and wayback machine has
| the page, but since the original is some JS-only thing, WB
| doesn't show anything.
| aaron695 wrote:
| Reading between the lines this is a political move.
|
| Users hate IT security. IT security like all professions has
| become blame shifting not about security and made the problem
| worse.
|
| Password complexity rules don't matter in practice. This keeps
| users the most happy and is close enough.
|
| OT: If you are a hacker and care about TLA, passphrases seem the
| best but you need more than 3 words and you need something random
| in the mix. This is if they have your encrypted hard disk for
| instance or wallet.
| tgv wrote:
| Most people have a limited vocabulary, in the order of 14 bits.
| They don't know how to come up with three random words either.
| That means < 52 bits, probably a lot less. So, these people would
| need a password generator. Which makes the point moot.
|
| Edit: 3*14 = 42, not 52...
| pedrocr wrote:
| Is 16k really a limited vocabulary? The only reference I found
| online had that as the amount of vocabulary for the highest
| levels of language proficiency.
| hiccuphippo wrote:
| Person, woman, man, camera, TV.
| DicIfTEx wrote:
| The final section of the article about 'password diversity'[0]
| is interesting to me; allow me to think aloud for a little bit.
|
| Whilst I appreciate the recent shift to advising passphrases
| (and password managers, but that's a different topic) for
| normal users, I've noticed that received wisdom tends to be
| that the words need to be unrelated, i.e. don't use a quote
| from a book (although I notice that the NCSC's own guidance[1]
| does not state this).
|
| However, surely this would be an acceptable workaround for
| those who would struggle to remember (or, as you say, conjure
| up) an assortment of random, sufficiently-complex words?
| Password diversity would be enhanced if the text-based
| authentication ecosystem included traditional passwords, random
| passphrases AND semantically-meaningful sentences, more so than
| with only the first two?
|
| Of course, quotations have their own strength problems (i.e.,
| in a language like English any sentence will contain a lot of
| 1-3-letter words), and perhaps 'it was the best of times it was
| the worst of times' would just become the new '123456', but
| perhaps the ecosystem-wide strengthening effect could mitigate
| those?
|
| [0] https://www.ncsc.gov.uk/blog-post/the-logic-behind-three-
| ran...
|
| [1] https://www.ncsc.gov.uk/collection/top-tips-for-staying-
| secu...
| tgv wrote:
| How many users actually read? I don't trust the surveys on
| this, at all. But if they've read a book, many a passphrase
| will be "you're a wizard", or some other YA cliche. In book
| quotes, there will be extremely little diversity. And nobody
| is going to type 'it was ...', as long as 'hunter1234'
| suffices.
|
| I don't think this is a problem with an easy solution. The
| low hanging fruit, enforced password rules, has been tried,
| further strengthening requires alternative solutions, such as
| 2FA, hardware keys, one-time pads, etc.
| wodenokoto wrote:
| It's kinda funny because I remember when password recommendations
| were "use the initial letters of a simple, but novel phrase" and
| it turns out the password would have been much stronger if
| actually using the phrase.
| revolvingocelot wrote:
| In fairness, some of that was due to _maximum_ password length,
| a silliness I have yet to see totally disappear, but was much
| more endemic back then.
| NotSwift wrote:
| This is sound advice. But I would suggest that you choose words
| for which you can find some mnemonic to remember them, e.g. by
| combining them in a nonsensical sentence.
| mewpmewp2 wrote:
| I have usually also used one made up word derived from existing
| word along with other words, just in case, you know... If
| someone was to bruteforce 3 word combinations it would make the
| attack so much weaker.
| nickdothutton wrote:
| VAX VMS had this sorted around 1983 with SET PASSWORD /GENERATE.
| We have gone backwards since then.
| stavros wrote:
| Can we finally get WebAuthn everywhere and not have to remember
| any passwords at all? It's 2021, our civilization is almost at an
| end and we haven't even managed to solve passwords.
| [deleted]
| [deleted]
| jasonwatkinspdx wrote:
| Years ago I needed to generate default/initial passwords for CRM
| systems that weren't trivially crackable. I wrote a little script
| that picked 5 words from a 22e3 dictionary. It's about 70 bit
| security assuming the adversary knows the dictionary. Not perfect
| but a whole heck of a lot better than installing stuff with
| "admin:admin" as is shockingly common.
|
| It still irks me how many places have 1. short password length
| limits and 2. stupid character class requirements. I use long as
| heck pass phrases everywhere I can't use a password manager but a
| shocking number of businesses are still like "max length 12 use 1
| capital 1 number 1 symbol" :/
| dfdz wrote:
| > None of this is helped by ... the continued low uptake of
| password managers to both store and generate passwords
|
| This article contains reasonable advice, but I am not sure that
| is advice that _anyone_ is interested in. Let me explain.
|
| Most of my tech savvy friends/family use password managers
| (either digital or paper), two factor authentication, and
| sometimes hardware authentication devices for important accounts.
|
| In contrast, most of my non-tech savvy friends/family do not care
| about password entropy or really anything to do with security. If
| the complexity requirements cause them to forget a memorized
| password, then they reset using their email.
|
| Edit: Actually people forgetting their passwords because of
| complexity requirements might be useful, since it forces people
| not using a password manager to login by clicking a link from
| their email (which is better than a weak password). In this light,
| maybe companies should start to enforce even more crazy
| requirements at least 4 numbers, 4 symbols, 8 characters
| jrootabega wrote:
| I find that the brain is just optimized to remember language and
| language-like constructs. It's not a trick; you've sunk decades
| into training your brain to do it. Words, phrases, 6/7 digit
| numbers like phone numbers, etc. Being able to pronounce them out
| loud or internally is a huge part of it. So it's just easier to
| remember the same amount of entropy with such a secret compared
| with other methods.
|
| Diceware is the older brother of this method:
|
| https://en.wikipedia.org/wiki/Diceware
| throw0101a wrote:
| More recent versions of Ubuntu have a "diceware" utility that
| you can run, but there are also web sites:
|
| * https://www.rempe.us/diceware/#eff
| Digit-Al wrote:
| A few years ago I wrote a diceware generator at work and used
| it to generate my login passwords. But then they changed the
| complexity requirements and I couldn't use that method any
| more. I was most disappointed.
| _ZeD_ wrote:
| an additional "twist" is that you can use words in different
| language: good luck with a "dictionary" attack if a word is in
| spanish, one in french and the other one in italian (or what you
| prefer).
| daveFNbuck wrote:
| If you limit it to languages you know, you're adding 1 or 2
| bits of entropy. If you expand it to languages you don't know,
| you're adding a couple more bits but making it much harder to
| remember.
|
| If you stick to one language and add a fourth word, you're
| adding 10+ bits of entropy (depending on the size of the word
| list you're choosing randomly from).
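Added example, not code from the NCSC post or from any commenter: a Diceware-style generator that addresses a word list by dice rolls and a helper that puts numbers on the entropy estimates traded in this thread (jepler's 1000- and 4000-word guesses, jasonwatkinspdx's five words from 22e3, the 6-digit PIN, and daveFNbuck's fourth word). The 36-word list is constructed so that two dice index it; a real list has 7776 entries and needs five dice, and the functions work unchanged for that size. `WORDS`, `dice_index`, `passphrase` and `entropy_bits` are names chosen here, not anything from the page.

```python
import math
import random

# Constructed 36-word list standing in for a real Diceware list. Two dice
# address 6 * 6 = 36 entries; Diceware and the EFF long list use five dice
# and 7776 entries. Three picks from this toy list give only 3*log2(36),
# about 15.5 bits, so it is for illustration, not for real passphrases.
WORDS = [
    "apple", "brick", "candle", "dune", "ember", "falcon",
    "garden", "harbor", "island", "jungle", "kettle", "lantern",
    "marble", "needle", "orbit", "pebble", "quartz", "river",
    "saddle", "timber", "umbrella", "velvet", "walnut", "yellow",
    "zebra", "anchor", "basket", "copper", "dagger", "engine",
    "feather", "goblet", "hammer", "ivory", "jacket", "kernel",
]


def dice_per_word(words):
    """Number of dice needed to address the list; its size must be 6**k."""
    k = round(math.log(len(words), 6))
    if 6 ** k != len(words):
        raise ValueError("word list size must be a power of 6")
    return k


def dice_index(rolls):
    """Map a string of die faces ('1'..'6'), e.g. '11'..'66', to a 0-based
    list index. Each die is one base-6 digit, so every roll string maps to
    exactly one word and the selection stays uniform."""
    idx = 0
    for face in rolls:
        if face not in "123456":
            raise ValueError(f"bad die face {face!r}")
        idx = idx * 6 + (int(face) - 1)
    return idx


def roll_dice(n, rng):
    """n die faces from rng; rng must offer .choice() (SystemRandom does)."""
    return "".join(rng.choice("123456") for _ in range(n))


def passphrase(n_words, words=WORDS, rng=None):
    """n_words independent uniform picks; defaults to the OS CSPRNG."""
    if rng is None:
        rng = random.SystemRandom()
    k = dice_per_word(words)
    return " ".join(words[dice_index(roll_dice(k, rng))]
                    for _ in range(n_words))


def entropy_bits(n_words, list_size):
    """Entropy of n_words independent uniform picks from list_size words.
    Only holds when the picks really are uniform and independent; a human
    choosing 'random' words from a mental top-1000 list gets the
    list_size=1000 figure at best."""
    return n_words * math.log2(list_size)
```

`entropy_bits(3, 1000)` is about 29.9 bits and `entropy_bits(3, 4000)` about 35.9, the range jepler quotes; `entropy_bits(5, 22000)` is about 72.1 bits; a uniformly chosen 6-digit PIN is `entropy_bits(1, 10**6)`, about 19.9 bits; and a fourth word from a 1000-word list adds `log2(1000)`, just under 10 bits.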
| alisonkisk wrote:
| Three random words are great. But for this to work in real life
| requires dozens of sets of three random words per person.
| Igelau wrote:
| Passwords are in tiers, ranging from the "must be stupid easy
| so my in-laws can use my Netflix" tier to the "Can't be stored
| in the password manager because it unlocks the password
| manager" tier.
|
| I use diceware with few words in the low tier. Diceware with
| more words in the high tier. The password manager autogens the
| middle tier. Most people only need to really know a couple.
| mellosouls wrote:
| Can we expect a certain well-known geo-locating firm to ban this
| method as copying their IP?
| DicIfTEx wrote:
| I certainly wouldn't put it past them[0], and then we can look
| forward to "The logic behind more than three random words"
|
| [0] https://news.ycombinator.com/item?id=27021377
| dvh wrote:
| Some time ago I wanted to mass produce new inventions so I
| generated a list of random phrases in the form adjective-adjective-noun
| and started reading. Most of it was nonsense, occasionally
| there was something viable, in rare occasion some interesting new
| idea. Then I stumbled upon this gem:
|
| "Creepy wet uncle"
|
| and I giggled. I kept reading and once in a while there was
| something funny. After a while I realized that 3 random words can
| make me laugh, but no 3 random words made me cry.
|
| Before I thought that laughter and crying are equal but opposite
| emotions, but they are not. Crying is much deeper and requires
| more emotional attachment. To make someone laugh all you need is
| 3 random words.
| loa_in_ wrote:
| There are many different types of laughter, but no-one is
| naming them because it "kills the vibe" or "ruins the moment"
| mrslave wrote:
| > After a while I realized that 3 random words can make me
| laugh, but no 3 random words made me cry.
|
| Attributed to Ernest Hemingway though there is some doubt,
| supposedly written in response to a challenge to write a very
| short story: "For sale: baby shoes, never worn"
| fortran77 wrote:
| https://en.wikipedia.org/wiki/For_sale:_baby_shoes,_never_wo...
| birdyrooster wrote:
| lmao so random
| amelius wrote:
| My first guess at this would be that the parents bought boy's
| and girl's shoes, and sold the pair they didn't need. Nothing
| to cry over.
| Theodores wrote:
| I did the same but for some activation codes. I used a
| dictionary of swear words to keep it clean but still got
| interesting results. Had to make sure the word Jew did not
| appear as that came up in a phrase that would have not been
| well received!
| Digit-Al wrote:
| I had almost exactly the same situation happen. I had to
| produce activation codes just before Christmas. I was on my
| break, chilling at home when I got a text message asking if
| they could email me the bit of script so I could change it to
| remove the vowels. I complied and when I got back to the
| office after Christmas asked why.
|
| Turns out that when you generate over a million random letter
| sequences some of them are rather fruity words. In fact my
| original code was being referred to as "the random f*k
| generator" lol
| hiccuphippo wrote:
| You don't really need the vowels. I remember a windows
| license key that started with FCKGW.
| wiml wrote:
| My solution to this was to pull down some lists of swear
| words and then forbid _every single digraph_ that appeared
| on the lists. It eliminated something like 25% of the
| randomly generated tokens, but the ones that passed this
| check were pretty reliably un-wordlike.
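Added example, not code from any commenter: the digraph filter wiml describes, with rejection sampling over random upper-case tokens and an exact count of how many tokens survive, so the entropy the filter costs can be stated rather than guessed. The block list here is a constructed, tame stand-in for the real swear-word lists (only the digraph set derived from it matters); `forbidden_digraphs`, `is_clean`, `generate_token` and `count_clean` are names chosen here.

```python
import math
import secrets
import string

ALPHABET = string.ascii_uppercase

# Constructed stand-in for the swear-word lists. Any list of unwanted words
# works; the filter only uses the adjacent letter pairs found in them.
BLOCKLIST = ["damn", "hell", "crap", "butt", "fart", "poop"]


def forbidden_digraphs(words):
    """Every adjacent letter pair occurring in any blocked word, upper-cased."""
    return {w[i:i + 2].upper() for w in words for i in range(len(w) - 1)}


def is_clean(token, banned):
    """True if no adjacent pair in token is a banned digraph."""
    return not any(token[i:i + 2] in banned for i in range(len(token) - 1))


def generate_token(length, banned, rng=secrets):
    """Draw uniformly random tokens and reject until one passes the filter.
    The survivors are uniform over the clean tokens, so their entropy is
    log2(count_clean(length, banned)), not length*log2(26)."""
    while True:
        token = "".join(rng.choice(ALPHABET) for _ in range(length))
        if is_clean(token, banned):
            return token


def count_clean(length, banned):
    """Exact number of length-letter tokens that pass the filter, by dynamic
    programming over the last letter of a clean prefix."""
    ways = {c: 1 for c in ALPHABET}  # clean prefixes of length 1 ending in c
    for _ in range(length - 1):
        ways = {c: sum(n for prev, n in ways.items() if prev + c not in banned)
                for c in ALPHABET}
    return sum(ways.values())


def entropy_loss_bits(length, banned):
    """Bits lost relative to unfiltered tokens of the same length."""
    return length * math.log2(len(ALPHABET)) - math.log2(count_clean(length, banned))
```

A filter that rejects about a quarter of candidates, as in the comment above, costs `log2(1/0.75)`, roughly 0.4 bits, which is negligible next to the 23.5 bits of a 5-letter token; the more useful check is `count_clean` against the real digraph set, since an aggressive list can forbid far more of the space than the rejection rate on short tokens suggests.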
| aidenn0 wrote:
| Random fact about that word: The scrabble dictionary has a
| redacted and unredacted version. "jew" is one of the redacted
| words because scrabble disallows proper nouns, so the
| remaining usage (as a verb) is offensive.
| ComputerGuru wrote:
| Verb or adjective?
| zaat wrote:
| transitive verb - To bargain shrewdly or unfairly with.
| Often used with down.
|
| https://www.wordnik.com/words/jew
|
| edited (I got the whole M Jackson backwards, removed it)
| contravariant wrote:
| I've started wondering if people cry when they have no other
| way to express what they're feeling. It's not limited to just
| feeling sad for instance. And crying seems to happen more often
| when people (especially children) are confused by their own
| emotions.
| jasonwatkinspdx wrote:
| So once upon a time the startup I was working for did a
| promotion at a big gaming conference. We printed a bunch of
| business cards that had individually unique promo codes people
| could redeem. I used 3 random words from a dictionary off the
| internet as the promo codes cuz that seemed more ergonomic than
| some random characters.
|
| Let's just say the phrases on some of those cards were quite
| choice. Thankfully everyone had a sense of humor about it and
| it wasn't a big deal.
| tontonius wrote:
| Thanks for sharing this little anecdote:)
| lliamander wrote:
| In science we say "Ahah!"
|
| In comedy we say "Hah!"
|
| In art we say "Ah!"
|
| All three are expressions of the experience of making novel
| connections or seeing things from a new perspective.
| ianmcgowan wrote:
| Nice! Seems like "Aha!", "Hah!" and "Ahh!" would be more
| symmetric since they're (almost) all anagrams. More pleasing
| for both the scientist and the artist ;_)
| zimpenfish wrote:
| > Crying is much deeper and requires more emotional attachment.
|
| I dunno, there's probably a fair number of people who might cry
| at something like "Unused baby shoes" (obviously cribbing off
| the apocryphal Hemingway story.)
| hiccuphippo wrote:
| The strategy I use for generating 4 to 6 digit passwords (for pin
| keys) is to imagine drawing a shape over a keypad. For example an
| N shape would be 7193, a T would be 1328 and so on.
|
| Edit: I'd be interested to see what others do!
| pc86 wrote:
| Ok
| Causality1 wrote:
| I just free-associate the first few words that come to mind when
| I look at the name of the site. It's remarkably consistent and I
| can derive passwords for accounts I haven't used in years.
| jfk13 wrote:
| If you can derive them, what are the chances someone else can
| do so too?
| Causality1 wrote:
| If they come up with the exact same words as me along with
| the alphanumeric salt they deserve the account.
| d5ve wrote:
| Before I used a password manager, I used three random word
| phrases, but with the first word lowercase, the second upper
| case, and the third (chosen to contain at least one of "aeio")
| with tr/aeio/4310/. This gave phrases that passed requirements
| like "must contain a mixture of upper and lower case" and "must
| contain at least one number". It also increased the search space
| for guessing. In some cases I had to chuck a "!" on the end to
| meet a "must contain a symbol" requirement.
|
| "crystal lizard rekindle" became "crystal LIZARD r3k1ndl3" etc.
| tzs wrote:
| > In some cases I had to chuck a "!" on the end to meet a "must
| contain a symbol" requirement.
|
| Put the "!" at the front or in the middle. That way if you
| accidentally type or paste the password into bash or zsh it
| won't end up in your history.
|
| That's because "!foo" or "bar!foo" are parsed as requests to
| substitute the most recent prior command that starts with "foo"
| in place of "!foo". Assuming you don't have such a command in
| your history this fails with an error about event not found. No
| command is generated, and so there is no attempt to run a
| command, and so nothing goes into history.
|
| "foo!" on the other hand is parsed as an attempt to run the
| command "foo!". Command attempts do go into history.
| mewpmewp2 wrote:
| Then there's places that don't allow that long passwords, like
| PayPal! Max 20 characters.
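Added example, not code from any commenter: d5ve's lower/UPPER/l33t scheme written out as a mangling rule, with tzs's symbol placement and mewpmewp2's length cap folded in, plus the attacker's view of it. Because the rule is deterministic, a cracker who models it (as hashcat-style rules do) tries exactly one candidate per three-word tuple, so the mangling adds no bits beyond the choice of words; `crack` shows that by recovering the words from the example password. The eight-word list is a constructed stand-in for a real one, and `mangle`, `unmangle`, `meets_policy`, `fits_length`, `candidate_space` and `crack` are names chosen here.

```python
import math
import string
from itertools import product

# Constructed stand-in for a generator's word list; real lists have thousands.
WORDS = ["crystal", "lizard", "rekindle", "harbor",
         "timber", "velvet", "anchor", "needle"]

LEET = str.maketrans("aeio", "4310")    # the tr/aeio/4310/ step
UNLEET = str.maketrans("4310", "aeio")  # its inverse on digit-free words
VOWELS = "aeio"


def mangle(words, symbol=None, symbol_first=True):
    """first word lower, second UPPER, third l33t; optional symbol at the
    front (so a stray paste into bash fails history expansion) or the end."""
    first, second, third = words
    if not any(v in third for v in VOWELS):
        raise ValueError("third word must contain one of a, e, i, o")
    pw = f"{first} {second.upper()} {third.translate(LEET)}"
    if symbol:
        pw = symbol + pw if symbol_first else pw + symbol
    return pw


def unmangle(pw, symbol=None):
    """Attacker-side inverse of the rule: recovers the three list words."""
    if symbol:
        pw = pw.removeprefix(symbol).removesuffix(symbol)
    first, second, third = pw.split(" ")
    return (first, second.lower(), third.translate(UNLEET))


def meets_policy(pw):
    """Upper + lower + digit + symbol, the kind of rule the scheme targets."""
    return (any(c.islower() for c in pw) and any(c.isupper() for c in pw)
            and any(c.isdigit() for c in pw)
            and any(c in string.punctuation for c in pw))


def fits_length(pw, max_len):
    return len(pw) <= max_len


def candidate_space(words):
    """Candidates an attacker who knows the rule must try: one per tuple
    whose third word is eligible. Mangling itself adds nothing."""
    eligible_third = [w for w in words if any(v in w for v in VOWELS)]
    return len(words) * len(words) * len(eligible_third)


def rule_entropy_bits(words):
    return math.log2(candidate_space(words))


def crack(target, words, symbol=None):
    """Brute force with the rule modelled. Returns (words, tuples_tried)."""
    tried = 0
    placements = (True, False) if symbol else (True,)
    for combo in product(words, repeat=3):
        if not any(v in combo[2] for v in VOWELS):
            continue
        tried += 1
        for first in placements:
            if mangle(combo, symbol, first) == target:
                return combo, tried
    return None, tried
```

On the constructed list `rule_entropy_bits(WORDS)` is 9 bits, the same as three plain words from it; the example password is 23 characters, so `fits_length(pw, 20)` is false for a 20-character cap and the scheme has to shed a word or use shorter ones there.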
| nickweb wrote:
| (One word more) relevant XKCD [1].
|
| Also, a generator for the above [2].
|
| [1] https://xkcd.com/936/ [2]
| https://www.correcthorsebatterystaple.net/
| jonplackett wrote:
| Do you think it's bad that I set my password to
| correcthorsebatterystaple for all my accounts?
| el_oni wrote:
| Just checked on haveibeenpwned correcthorsebatterystaple has
| been seen 130 times.
|
| It seems a lot of people took the xkcd at face value.
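Added example, not code from any commenter or from haveibeenpwned.com: the client side of the Pwned Passwords range check el_oni used, which sends only the first five hex characters of the password's SHA-1 and compares the remaining 35 locally, so the password itself never leaves the machine. The range response is constructed here (the 130 count is taken from the comment above, the other entries are made up) so the block runs offline; `sha1_prefix_suffix`, `breach_count`, `check_password` and `sample_fetch` are names chosen here.

```python
import hashlib

# The real endpoint is GET https://api.pwnedpasswords.com/range/<prefix>;
# it is only named here, not called.
RANGE_URL = "https://api.pwnedpasswords.com/range/"


def sha1_prefix_suffix(password):
    """Upper-case hex SHA-1 split into the 5-char prefix that is sent and the
    35-char suffix that stays on the client."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def breach_count(suffix, range_body):
    """Scan a range response ('SUFFIX:COUNT' per line, CRLF separated) for
    our suffix. Padded responses can carry suffixes with count 0; those are
    not matches, so a 0 result means 'not found'."""
    for line in range_body.splitlines():
        other, sep, count = line.strip().partition(":")
        if sep and other.upper() == suffix.upper():
            return int(count)
    return 0


def check_password(password, fetch_range):
    """Full client flow: hash locally, send the prefix, compare the suffix
    against whatever came back."""
    prefix, suffix = sha1_prefix_suffix(password)
    return breach_count(suffix, fetch_range(prefix))


def constructed_range_response(hits):
    """Build a body shaped like the API's from {suffix: count}. Constructed
    data for the example, not real breach counts."""
    return "\r\n".join(f"{s}:{c}" for s, c in sorted(hits.items()))


_PREFIX, _SUFFIX = sha1_prefix_suffix("correcthorsebatterystaple")
SAMPLE_RESPONSE = constructed_range_response({
    _SUFFIX: 130,      # count quoted in the comment above
    "0" * 35: 12,      # made-up neighbour in the same prefix bucket
    "F" * 35: 0,       # padding-style zero entry
})


def sample_fetch(prefix):
    """Stand-in for an HTTP GET of RANGE_URL + prefix."""
    return SAMPLE_RESPONSE if prefix == _PREFIX else ""
```

In a real deployment swap `sample_fetch` for an HTTP client; the check belongs at password-set time (and the result is a reason to reject, not to log the password), and the suffix comparison should stay on the server or client doing the hashing, never in a log line.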
| taneq wrote:
| Or just ran with the joke. Likewise I'm sure somewhere out
| there is a codebase containing
| int random() { return 4; // randomly chosen by roll of a fair dice }
| ThePadawan wrote:
| That would make a somewhat interesting testing strategy.
|
| In a similar vein, React intentionally calls user-
| implemented functions which are meant to be pure twice in
| a row (even though that's technically unnecessary), just
| to ensure the programmer actually makes the function pure
| (so the application behaves reproducibly in the future).
| taneq wrote:
| Haha nice, if ever there was a design decision worthy of
| the title "glorious bastard", this is it.
| gmac wrote:
| When implementing a password strength checker lately I
| relied mainly on https://github.com/dropbox/zxcvbn (which
| is great) but added in a check for correct horse battery
| staple (and variants). Probably not that important in the
| big scheme of things but I thought it might get a chuckle
| and/or some respect if anyone happened to activate that
| code path.
| DicIfTEx wrote:
| Do Dropbox not automatically flag
| 'correcthorsebatterystaple' any more?[0]
|
| [0] https://nakedsecurity.sophos.com/2012/08/13/correctho
| rsebatt...
| mdp2021 wrote:
| > _It seems a lot of people_
|
| Or some people stopped caring
| amelius wrote:
| Or just people sharing accounts with random strangers.
| nagrom wrote:
| Except for your HN account, unfortunately.
___________________________________________________________________
(page generated 2021-08-07 23:01 UTC)