Feature request- Secret Key Length

@prime: It's an interesting idea. With passwords we always assume that the attacker knows how they were generated when calculating strength though, and with a 1Password.com account they would obviously know that 1Password is being used to generate passwords, and the Secret Key. Frankly, it's longer than it really needs to be. We chose 128-bits because because that future proofs it dramatically, and yet it's not entirely unwieldy, and can easily be contained in the Setup (QR) Code*. For example, it's similar to license keys for software. And one guy actually memorized his! Obviously that's not recommended.

*QR codes can have much more information stored in them, but at much larger, denser sizes; what we have is fairly easy to read even at low resolutions.

So I guess the question is, with all of that in mind, what benefit would there be to users choosing the length of their Secret Keys, and what would be the downsides? I'd anticipate some people wanting to actually choose it themselves if we make it customizable, and clearly that negates its main function of being completely random. Additionally, it's yet another decision people have to make, and during account creation it isn't necessarily clear to users that they may actually have to type this in at some point. So while it's certainly interesting to think about, it seems like there would be too many tradeoffs with regard to the user experience for no appreciable security gain. After all, 128-bits is going to take so long to guess that cranking it up to 1024 or whatever doesn't really help — at least not for well beyond the foreseeable future.

This came about one day a bunch of us were telling about passwords on a phone, how you should have one on it. A friend said “my password for my phone is 11 characters long”, and my other friend said “I now know your password is 11 characters long”. It just got me thinking about knowing the little bit of info. I bet an attacker will know that the secret key is 40 characters.

@prime: Hey, that's a really interesting point! And your not wrong: that is information that an attacker could use to narrow the scope for guessing. In principle, you're spot-on. But we need to remember the context: in practice, an 11-character phone passcode which was almost certainly chosen by a human is very different than a 128-bit, randomly-generated Secret Key. With 11 characters, having to only guess 11-character strings can really help speed up the process: if you're using a generated table (very feasible in that case), you simply exclude everything but 11-character strings and only bother with those. Of course, the same holds true with a 40 character Secret Key. The difference is that there are many orders of magnitude more possibilities there, so this doesn't really help an attacker at all; whether or not they know it's 40 characters and how it's generated, they still don't have enough time to brute force it. I'm still eager to find out how long it takes to brute force three-word passwords*, and that should give us some good data on the current state-of-the-art. :)

*there we're dealing with just over 42 bits (I wonder if that was intentional...) of entropy, which is substantially less.

The idea I had was use a slider and the minimum would be 40 characters. It used the same format as it has now, and it added 5 characters each move (-xxxx).

As Rick said, we're probably not going to make it user configurable for suavity reasons, but we'll continue to evaluate this based on developments in the security world. The cool about this is that we don't need to make the length variable to get more security; we can just make it longer for everyone as needed, and, as Rick mused, move to "A4-"* or higher so that the system knows the format it's expecting.

*As a bit of trivia, some of my Secret Keys (technically "Account Keys", I guess, since we hadn't changed the name yet at that point!) begin with "A2-" and are actually less than 128-bits, because we made some changes early on (I forget, but this may have been before we'd even opened the 1Password for Teams beta publicly). Not sure if "A1-" ever existed in the wild, or if anyone would have one or remember.

This is what happens when I can’t sleep and my mind wonders :lol:

Stay curious! Life is much more fun that way. :)