Mathematical Strength of Passphrases

Last week, I wrote about why passphrases might be a better idea than passwords. In essence, passphrases are longer and stronger, easier to remember, and more resistant to the assaults of many of the more popular password crackers.

In previous editions of this newsletter, I've mentioned articles by Jesper Johansson, Microsoft security program manager. Recently, Johansson published part 2 of the three-part series "The Great Debates: Pass Phrases vs. Passwords," which compares passphrases and passwords. In part 1 (at the first URL below), Johansson covers the fundamentals, including how passwords are stored. In part 2 (at the second URL below), he looks at the strength of each approach, and in part 3, due out later this month, if I understand correctly, he will offer guidance on how to select stronger passwords and configure password policy.

http://www.microsoft.com/technet/security/secnews/articles/itproviewpoint091004.mspx

http://www.microsoft.com/technet/security/secnews/articles/itproviewpoint100504.mspx

Part 2 of the series is very interesting because Johansson offers insight into why "longer is stronger" in many cases. Some password-cracking tools attempt to precompute all possible hashes and store them on disk in order to quicken computation time when trying to crack a given password. Johannson points out that precomputing for LAN Manager (LM) hashes is feasible because storing all possible hashes for a 14-character password, for example, based on a 76-character set (the number of characters on a standard American English keyboard when you include lower- and uppercase letters, numbers, punctuation, and special characters) would require about 310TB of storage. Granted, that's a huge amount of data, but storing it is feasible given the file systems available today. On the other hand, trying to store all the possible NT hashes given the same 14-character password and 76-character set wouldn't be feasible because NT's hash algorithm produces longer hashes that would require 5,652,897,009 exabytes (EB) of storage, which according to Johannson, "exceeds the capacity of any file system today." So you can see that using at least 14 characters for passwords and NT hashes makes cracking take much longer than using shorter passwords and LM hashes because all the possible NT hashes can't be precomputed and stored to disk to save processing time.

If all the characters in a password are alphanumeric, and especially if all the letters are the same case, then cracking doesn't take as long as if some nonalphanumeric characters and mixed-case letters are used. As you might know, cracking programs check first for common words using techniques such as dictionary attacks. And if you use only upper- or lowercase letters, the alphanumeric characters add up to only 26 letters and 10 digits, or 36 characters. But if you use the entire set of 76 characters, you greatly increase password strength because you increase the amount of time required to crack your passwords.

Essentially, the strength of a password (or passphrase) is a function of the size of the character set, the number and randomness of characters used from that set, and the computing power of the platform used to attempt to break the password. Because you can't precisely determine which platform crackers might have at their disposal, you could assume the worst-case scenario--that they have the power of a distributed computing network and massive amounts of storage and will therefore be able to crack your password much more quickly than if they worked alone or with a few associates. That means you should consider using password policies that defend against such threats as much as possible by requiring passwords longer than 14 characters, requiring some nonalphanumeric characters, defending your network at all levels against sniffing, and so on.

If you're interested in more information about password strength or need some logical reasoning to justify new password policies for your network, be sure to read Johannson's articles. He goes into a lot of detail (which isn't over the head of a typical network administrator) and offers several anecdotes and cases studies that I think you'll find interesting. Also, please take a moment to visit our Security Hot Topic Web page and answer our latest Instant Poll question: "What password length do you enforce on your network?" I'm interested to know whether you agree that longer passwords are stronger passwords.

On another note, we're happy to announce the IT Prolympics--a contest designed to recognize the most proficient Active Directory (AD) experts in the nation. The gold medal winner will get an all-expenses-paid trip to TechEd 2005. Plus, we'll feature photos and test scores of gold, silver, and bronze winners in the January issue of Windows IT Pro magazine. Learn more about IT Prolympics and enter here:

http://www.windowsitpro.com/itprolympics

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish