Password strength on short passwords

ondrejfuhrer
Community Member

Hello,

Recently I was updating a password for some sites and unfortunately there was a site that requires a password of at most 10 characters (yes, stupid, but what can you do). So I changed the generation "recipe" and I noticed that the strength indicator is actually "higher" if I use just normal characters than if I add numbers or special characters. Each number or special character I add lowers the strength of the password, which seems strange to me.

Of course I get that full-number is less secure than full-characters, but some reasonable combination should be more secure, no?


1Password Version: 6.7
Extension Version: 4.6.6
OS Version: macOS 10.12.5
Sync Type: Not Provided

Comments

  • Hi @ondrejfuhrer,

    It's a little counterintuitive, but since you're forcing some of the characters to be picked from a smaller set, the overall strength does actually go down, for the same reason that a full-number password would be less strong than a full-letter password.

    If instead of a slider for digits and symbols we simply had a checkbox, then the overall number of possibilities for each character would increase and the overall strength would go up. But since we let you choose specifically how many digits there are, it negatively affects the strength.

    Does that make sense?

    Rick

  • ondrejfuhrer
    Community Member

    Hello @rickfillion,

    It makes sense from the "number of possibilities" perspective, yes. But if I take it literally, you are saying that passwords that contain only alphabetical characters are more secure than those that also contain numbers and special characters, which is not true. Or at least it is not considered true in every security guideline I've ever seen.

    Of course, the password length is the most important thing, that's beyond question.

  • @ondrejfuhrer : You're absolutely correct that guidelines out there say that a password that contains letters and digits is stronger than a password that contains only letters. And as guidelines, they aren't wrong.

    1Password takes a more conservative approach to password strength calculation. Each password has what we like to refer to as a recipe. You can look at the recipe as the settings you used to create the password. Maybe it was "Word List, 3 words, dash separator." Or "Characters, 40 of them, 8 digits, 2 symbols". We assume that an attacker knows the recipe to your password. When you assume that they know the recipe, you end up relying solely on the number of possibilities (also referred to as number of bits of entropy).

    Assuming that a password is actually random at all, the normal attacks against it won't work. Those attacks typically consist of trying every dictionary word (in order of popularity, of course), and trying the 10,000 or so most common passwords. Once the normal attacks are out of the way, an attacker is left with only brute force: trying every possibility. Like trying 001, 002, 003... on a suitcase lock. It's slow, but it's just a matter of time before you hit the right combination. This is why it's ultimately the number of possibilities that makes a password strong. It's the recipe that makes the password strong.

    I'd love to change how our password generator works such that the symbol and numbers sliders became checkboxes. If we did that then we'd get the benefits of the stronger recipe (adding possibilities to each character) and it would more closely match the guidelines on the internet and be closer to the mental model that people have for passwords. 1Password for Windows 6 already works this way and I'm jealous of their password generator.

    Rick

  • ondrejfuhrer
    Community Member

    @rickfillion Thank you for your extended explanation. But actually, your explanation is supporting my opinion and not how the indicator is implemented.

    In non-technical words, if the attacker knows my recipe, he knows that I am using length 10 and just the alphabet, so during the brute force attack he can just try every combination of 52 characters (lower and upper case characters).

    But if he knows, that my password consists of alphanumeric characters, he actually needs to try 62 characters => more secure, takes a longer time to crack. Adding special character increases the charset size as well.

    The only case in which the "just alphabetical characters" approach is more secure is when the attacker knows exactly that your password starts with one number, then there are five alphabet characters, one special character and three alphabet characters at the end. But since the positions of numbers or special characters are random, I don't think there is a way he will know such a precise recipe.

    So as far as I understand, the password strength indicator assumes, that the attacker knows that exact recipe?

  • ondrejfuhrer
    Community Member

    PS: I tried several entropy calculators online and every single one calculated higher entropy for a password with a number or special character inside.

  • rickfillion
    edited June 2017

    @ondrejfuhrer : It gets a little messy because of the positioning of the characters. There is no character that has 62 possibilities though. They either have 52, or 10.

    Let's look at the simplest example: length 2, 1 digit. The way that you're looking at it, it'd be 62 * 62 = 3844 possibilities.

    The way that the strength is calculated is : 1 letter + 1 digit = 52 * 10 = 510 possibilities

    The actual positioning of the digit here matters, but it's less than you'd think. In this example there are 2 possibilities for it: either it's first, or last. So if the attacker just knows "length 2, 1 digit" then we could argue that the possibilities are 52 * 10 * 2 = 1040. The strength calculation doesn't end up taking positioning into account, which gives a more conservative number (it's always safer to be more conservative with these things).

    By increasing the number of digits you increase the number of possibilities for positioning but at a greater cost of reducing the per-character possibilities from 52 to 10 for every digit you add.

    It's really counterintuitive. I want that checkbox. Though even with the checkbox... if it's "Allow digits" then with 2 characters it becomes 62 * 62 as you'd want. That's great. The problem is that if you're at a site that you know requires digits then there's a relatively good chance that the password we generate won't actually contain a digit (at the contrived length of 2). As a user you'll understandably be upset when you fill the password and it doesn't meet their requirements. If the checkbox changes from "Allow digits" to "Must contain 1+ digits" then number of possibilities must decrease because you have a massive number of combinations (52 * 52 of 62 * 62) of them that wouldn't be accepted.

    Rick

  • ondrejfuhrer
    Community Member

    @rickfillion Ah, you are right, my bad (with the 62 * 62).

    The most reasonable option, I think, is the one that you mentioned third (52 * 10 * 2). With the current implementation you are actually encouraging people not to use numbers and special characters (if there is no check on the service side), which doesn't seem to me the best way to go.

    But of course it is a matter of perspective but I think you are sending a wrong message here to the users.

  • Even with the 52 * 10 * 2 option, I think you would still end up feeling the same (you'd see a reduction in strength when going from 2 letters to length 2 with 1 digit). Ultimately by specifying a number of characters from a smaller set you're actually reducing the possibilities and making the password weaker.

    Our goal with the password strength is to let the math do the talking.

    Rick

  • ondrejfuhrer
    Community Member

    Yes, you're right that for a password of length 2 it will decrease the strength, which makes sense. For passwords longer than 5 characters it will increase it, since it will be i.e. 52 * 10 * 6.

    Anyway, thank you for the explanation. I assume you're not going to change it, but at least now it is clearer how you calculate that.

    Have a great week!

    Ondrej
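The counting rules Rick lays out above (a per-slot product for a known recipe, the extra factor when the attacker does not know where the digits sit, the 62-per-slot pool of an "Allow digits" checkbox, and the loss a "Must contain 1+ digits" rule causes) and the length crossover Ondrej mentions, as an added Python example that is not 1Password's code and not part of the original thread. It assumes the thread's 52-letter and 10-digit sets, leaves symbols out, and uses function names of my own choosing.

```python
"""Ways of counting the possibilities behind a generated-password recipe.

Added example, not 1Password's code.  Assumes a 52-letter alphabet (a-z, A-Z)
and the 10 decimal digits; symbols are left out to keep the arithmetic visible.
"""
import math

LETTERS = 52  # a-z plus A-Z
DIGITS = 10   # 0-9


def count_recipe(length: int, digits: int) -> int:
    """Recipe known, digit positions assumed known to the attacker.

    Each letter slot contributes 52 possibilities and each digit slot 10.
    This is the most conservative count discussed in the thread.
    """
    if not 0 <= digits <= length:
        raise ValueError("digits must be between 0 and length")
    return LETTERS ** (length - digits) * DIGITS ** digits


def count_recipe_with_positions(length: int, digits: int) -> int:
    """Recipe known, but the attacker does not know which slots hold digits.

    Credits the C(length, digits) ways the digit slots can be chosen.
    """
    return count_recipe(length, digits) * math.comb(length, digits)


def count_pooled(length: int) -> int:
    """'Allow digits' checkbox: every slot is drawn from the 62-character pool."""
    return (LETTERS + DIGITS) ** length


def count_pooled_must_contain_digit(length: int) -> int:
    """'Must contain 1+ digits': pooled passwords minus the all-letter ones,
    which a site that requires a digit would reject."""
    return count_pooled(length) - LETTERS ** length


def bits(count: int) -> float:
    """Entropy in bits of a uniform choice among `count` possibilities."""
    return math.log2(count)


def shortest_length_where_one_digit_helps() -> int:
    """Smallest length at which 'one digit at an unknown position' has more
    possibilities than 'all letters'.  The ratio is 10 * length / 52, so it
    first exceeds 1 at length 6."""
    length = 1
    while count_recipe_with_positions(length, 1) <= count_recipe(length, 0):
        length += 1
    return length


if __name__ == "__main__":
    for length, digits in ((2, 0), (2, 1), (10, 0), (10, 1), (10, 3)):
        print(f"length={length} digits={digits}: "
              f"recipe={bits(count_recipe(length, digits)):.1f} bits, "
              f"recipe+positions="
              f"{bits(count_recipe_with_positions(length, digits)):.1f} bits, "
              f"pooled={bits(count_pooled(length)):.1f} bits")
    print("one digit at an unknown position beats all letters from length",
          shortest_length_where_one_digit_helps())
```

Run stand-alone it prints the bit counts for a few recipes. With these sets the two-character, one-digit recipe counts 52 × 10 = 520 possibilities, 1040 with the positional credit, against 2704 for two letters and 3844 for the pooled 62 × 62; requiring at least one digit out of that pool leaves 3844 − 2704 = 1140. A single digit at an unknown position first beats all letters at length 6, but three digits at length 10 are still weaker than ten letters even with the positional credit (10³ × C(10,3) = 120,000 against 52³ = 140,608), so crediting positions does not rescue every recipe.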

  • You're very welcome. We have some changes in mind for the password generator that will affect the strength calculation. We're always looking for ways to make it better/more accurate. Ideally I'd like it to properly credit the possibilities introduced by the positioning.

    Thank you for giving me the opportunity to dive into that stuff. :)

    Rick

This discussion has been closed.