Password choices

Gary Allen gallen at apollo.uucp
Fri Jul 8 03:41:00 AEST 1988


In article <4387 at ptsfa.PacBell.COM> jmc at ptsfa.PacBell.COM (Jerry Carlin) writes:
>Somewhere I remember hearing or reading that someone did a study
>about typical (bad) password choices and/or what constituted good
>password choices. Can anyone give me references? Thanks in advance.
>
>-- 
>Jerry Carlin (415) 823-2441 {bellcore,sun,ames,pyramid}!pacbell!jmc
>To dream the impossible dream. To fight the unbeatable foe.

I remember the title of a book that I studied several years ago called
"Cryptography and Data Security". I don't remember the author or publisher,
but it was fascinating; lots of history of ciphers, spies, etc. Also, there
was an article in (I think) a Bell journal that discussed the UNIX password
mechanism. I think it was written by Ken Thompson.

I can give you the gist. Bad passwords are short and/or chosen from a small
alphabet. Consider a 3-character password chosen from the alphabet of
lower case letters. An exhaustive attack on this password will succeed
in (worst case) 26^3 (17576) attempts. At a rate of 1 attempt/second
(which is *very* slow), this password will be broken in less than 5 hours.
A 6-character password chosen from a 96-character alphabet (upper and lower
case letters, numbers and special characters) requires (worst case) 96^6
(nearly a trillion) attempts. At 1 attempt/second, this works out to about
25,000 years.

Another type of attack makes use of the fact that passwords are not chosen
at random. Rather, people tend to use their children's names, birthdates,
etc. A clever cryptologist [sp?] will have a batch of the 200-300 most
common names, 200-300 most common words (assuming the local language), all
combinations of 3 digits, a few local cities and towns, several dozen
dirty words, etc. Assuming 3000 of these goodies, 1 attempt/second requires
less than an hour. If the encrypting scheme is known (which UNIX's is),
these words can be encrypted in advance and simply compared to the encrypted
passwords stored in the system in no time at all. Fortunately, UNIX is
protected against this by a "salt" derived from the clock. At least the
test cases must be encrypted from scratch for each password under attack.

So, the general rule is to use a relatively long password (UNIX hints that
it wants 6 characters or more) including characters from each section of
the character set, avoiding common names and words, no birthdays or other
all-numeric codes.

Gary Allen
Apollo Computer
Chelmsford, MA
{decvax,umix,yale}!apollo!gallen

P.S. With the exception of a couple of ciphers developed in the last few
years, every known cipher in history has been broken. That doesn't imply
that the last few haven't, just that we don't know that they've been broken.
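The two cost arguments in the post (exhaustive search over an alphabet, and a precomputed wordlist that a per-account salt defeats), worked through as an added example. This is not code from the post or from any UNIX implementation: it uses SHA-256 as a stand-in for the DES-based crypt(3) the post refers to, a constructed wordlist and password file, and a 16-bit random salt rather than the clock-derived one the post describes. The point it shows is the same: without a salt the attacker hashes the wordlist once and then only does lookups; with a salt the wordlist must be re-hashed for every account.

```python
"""Exhaustive-search cost and precomputed-dictionary attack, with and without salt."""
import hashlib
import os
from typing import Dict, List, Tuple

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def worst_case_attempts(alphabet_size: int, length: int) -> int:
    """Guesses an exhaustive search needs in the worst case."""
    return alphabet_size ** length


def worst_case_seconds(alphabet_size: int, length: int, rate: float = 1.0) -> float:
    """Worst-case time at `rate` guesses per second (the post uses 1/s)."""
    return worst_case_attempts(alphabet_size, length) / rate


# Stand-in one-way function (assumption): SHA-256, not the DES-based crypt(3).
def unsalted_hash(password: str) -> str:
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(salt: str, password: str) -> str:
    # Salt simply prefixed to the input; crypt(3) perturbs the cipher instead.
    return hashlib.sha256((salt + "$" + password).encode()).hexdigest()


def new_salt() -> str:
    # 16 random bits (assumption); the post says UNIX derives its salt from the clock.
    return os.urandom(2).hex()


# Constructed attacker wordlist (names, words, a digit string, a town).
WORDLIST: List[str] = ["wombat", "fred", "secret", "boston", "123", "password", "zxcvbn"]

# Constructed plaintexts; "root" follows the post's advice and is not in the list.
PLAINTEXTS: Dict[str, str] = {"jmc": "wombat", "gallen": "secret", "root": "Xq7#pL"}


def make_unsalted_file(plaintexts: Dict[str, str]) -> Dict[str, str]:
    return {user: unsalted_hash(pw) for user, pw in plaintexts.items()}


def make_salted_file(plaintexts: Dict[str, str]) -> Dict[str, Tuple[str, str]]:
    out = {}
    for user, pw in plaintexts.items():
        salt = new_salt()
        out[user] = (salt, salted_hash(salt, pw))
    return out


def precompute(words: List[str]) -> Dict[str, str]:
    """Encrypt the wordlist once, in advance: hash -> word."""
    return {unsalted_hash(w): w for w in words}


def attack_unsalted(pwfile: Dict[str, str], table: Dict[str, str]) -> Tuple[Dict[str, str], int]:
    """Precomputed table: pure lookups, zero hash operations at attack time."""
    cracked = {user: table[h] for user, h in pwfile.items() if h in table}
    return cracked, 0


def attack_salted(pwfile: Dict[str, Tuple[str, str]], words: List[str]) -> Tuple[Dict[str, str], int]:
    """The salt is unknown in advance, so the wordlist is re-hashed per account."""
    cracked: Dict[str, str] = {}
    hashes_computed = 0
    for user, (salt, h) in pwfile.items():
        for w in words:
            hashes_computed += 1
            if salted_hash(salt, w) == h:
                cracked[user] = w
                break
    return cracked, hashes_computed


if __name__ == "__main__":
    for alphabet, length in ((26, 3), (96, 6)):
        secs = worst_case_seconds(alphabet, length)
        print(f"{alphabet}^{length} = {worst_case_attempts(alphabet, length):,} guesses, "
              f"{secs / 3600:.1f} hours / {secs / SECONDS_PER_YEAR:.0f} years at 1/s")
    table = precompute(WORDLIST)
    print("unsalted:", attack_unsalted(make_unsalted_file(PLAINTEXTS), table))
    print("salted:  ", attack_salted(make_salted_file(PLAINTEXTS), WORDLIST))
```

Both attacks recover the two weak passwords; the difference is that the unsalted file is broken with no hashing at all once the table exists, while the salted file costs a full wordlist pass for every account whose password is not in the list, and that cost grows with the number of accounts rather than being paid once.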



More information about the Comp.unix.questions mailing list