Password strength is a very confusing concept, which has shown very clearly in the discussion around the #LastPass breach and #Bitwarden flaws. I tried to make it as easy to understand as possible, not sure whether I succeeded.

https://palant.info/2023/01/30/password-strength-explained/

TL;DR:
· Password managers are a single point of failure, so their master password has to be strong.
· What looks strong to you isn’t necessarily a strong password.
· Long passwords aren’t necessarily strong. Case in question: “choose a phrase from a song.”
· I suspect that almost all real-world passwords have less than 35 bits of entropy. Especially with zxcvbn considering 33 bits as “strong” and even password manager vendors not questioning that.
· AFAIK the only realistic way to get a strong password is generating it randomly.
· Diceware is a good way to generate passwords that are both secure and rememberable.
· “Regular” people don’t need more than four words (using a word list for five dice). Valuable targets need five words for better protection, someone who could become a target of a state-level actor should be safe with six words.

Password strength explained

I try to explain how attackers would guess your password, should they get their hands on your encrypted data. There are some thoughts on the strength of real-world passwords and suggestions for your new password.

Almost Secure
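The entropy figures behind the TL;DR (five dice per word, four to six words) can be worked through in code. The block below is an added example, not part of the original post or of the linked article: it maps five dice rolls to a Diceware list index, generates a passphrase from a CSPRNG, and computes the entropy and expected guess count for a given word count. The word list is a constructed placeholder of 7776 stand-in tokens, and the guesses-per-second rate passed to `years_to_guess` is a caller-supplied assumption, not a figure from the post.

```python
import math
import secrets

DICE_PER_WORD = 5
WORDS_IN_LIST = 6 ** DICE_PER_WORD  # 7776 entries in a five-dice Diceware list

# Constructed placeholder list: a real Diceware list has 7776 actual words.
# Only the size matters for the entropy calculation below.
WORDLIST = [f"word{i:04d}" for i in range(WORDS_IN_LIST)]


def bits_per_word(list_size: int = WORDS_IN_LIST) -> float:
    """Entropy contributed by one uniformly chosen word: log2(list size)."""
    return math.log2(list_size)


def passphrase_entropy_bits(num_words: int, list_size: int = WORDS_IN_LIST) -> float:
    """Entropy of a passphrase built from num_words independent random picks."""
    return num_words * bits_per_word(list_size)


def roll_to_index(rolls) -> int:
    """Map five dice results (each 1..6) to a list index 0..7775.

    Ordering matches a printed Diceware list: 11111 is the first entry,
    66666 the last. Each die is a base-6 digit.
    """
    if len(rolls) != DICE_PER_WORD:
        raise ValueError(f"expected {DICE_PER_WORD} rolls, got {len(rolls)}")
    index = 0
    for r in rolls:
        if not 1 <= r <= 6:
            raise ValueError(f"die value out of range: {r}")
        index = index * 6 + (r - 1)
    return index


def roll_dice() -> tuple:
    """Roll five dice using the OS CSPRNG (secrets), never random.random()."""
    return tuple(secrets.randbelow(6) + 1 for _ in range(DICE_PER_WORD))


def generate_passphrase(word_list, num_words: int) -> str:
    """Pick num_words entries by simulated dice rolls and join them with spaces."""
    if len(word_list) != WORDS_IN_LIST:
        raise ValueError("word list must have exactly 6**5 = 7776 entries")
    return " ".join(word_list[roll_to_index(roll_dice())] for _ in range(num_words))


def expected_guesses(bits: float) -> float:
    """Average guesses to hit a uniformly random secret: half the space."""
    return 2 ** (bits - 1)


def years_to_guess(bits: float, guesses_per_second: float) -> float:
    """Expected time to guess, for an ASSUMED attacker rate supplied by the caller."""
    seconds = expected_guesses(bits) / guesses_per_second
    return seconds / (365.25 * 24 * 3600)


if __name__ == "__main__":
    for n in (4, 5, 6):
        bits = passphrase_entropy_bits(n)
        print(f"{n} words: {bits:.1f} bits, ~2^{bits - 1:.1f} expected guesses")
    print("sample:", generate_passphrase(WORDLIST, 4))
```

Because each word is a uniform pick from 7776 entries, the entropy is exactly log2(7776) per word (about 12.9 bits) regardless of how long or "random-looking" the chosen words are, which is why a four-word Diceware passphrase sits near 52 bits while the post's estimate for typical human-chosen passwords is under 35 bits.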
@WPalant Very true. The only reservation I have is that we should just stop using "entropy" or "bits" as a measure of password strength. Statistical measures of state space make sense when we're talking about keys and probabilistic distributions, but the measure isn't particularly useful in the context of practical attacks, and the numbers and calculations just end up being confusing and misleading when we talk about passwords (or anything chosen by a human).
@gsuberland Maybe. But I’m definitely not inventing new terminology right now. 😀