Recent Developments in Password Cracking
A recent Ars Technica article made the point that password crackers are getting better, and therefore passwords are getting weaker. It’s not just computing speed; we now have many databases of actual passwords we can use to create dictionaries of common passwords, or common password-generation techniques. (Example: dictionary word plus a single digit.)
This really isn’t anything new. I wrote about it in 2007. Even so, the article has caused a bit of a stir since it was published. I didn’t blog about it then, because I was waiting for Joe Bonneau to comment. He has, in a two-part blog post that’s well worth reading.
Password cracking can be evaluated on two nearly independent axes: power (the ability to check a large number of guesses quickly and cheaply using optimized software, GPUs, FPGAs, and so on) and efficiency (the ability to generate large lists of candidate passwords accurately ranked by real-world likelihood using sophisticated models). It’s relatively simple to measure cracking power in units of hashes evaluated per second or hashes per second per unit cost. There are details to account for, like the complexity of the hash being evaluated, but this problem is generally similar to cryptographic brute force against unknown (random) keys and power is generally increasing exponentially in tune with Moore’s law. The move to hardware-based cracking has enabled well-documented orders-of-magnitude speedups.
Cracking efficiency, by contrast, is rarely measured well.
Finally, there are two basic schemes for choosing secure passwords: the Schneier scheme and the XKCD scheme.
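The two axes Bonneau describes above can be made concrete from the defender's side: a guess-rank estimator that orders candidates by likelihood (the efficiency axis) and converts a rank into time at a given hash rate (the power axis). The code below is an added example, not code from this post or from Bonneau's; the word list and hash rates are constructed toy values, and the only generation rule modelled is the "dictionary word plus a single digit" pattern mentioned above.

```python
# Added example: defender-side guess-rank estimator for the two axes of
# password cracking (efficiency = ranked candidate order, power = hash rate).
# The word list and rates below are constructed assumptions, not real data.

# Constructed stand-in for a breach-derived frequency list, most likely first.
COMMON_WORDS = ["password", "123456", "letmein", "monkey", "dragon", "sunshine"]

# Constructed hash rates (hashes/second) to contrast a fast unsalted hash
# with a deliberately slow one; real figures depend on hardware and cost.
FAST_HASH_RATE = 1e9
SLOW_HASH_RATE = 1e4


def candidate_order(words=COMMON_WORDS):
    """Yield candidates in likelihood order: bare dictionary words first,
    then each word followed by a single digit 0-9 (the pattern from the post)."""
    for word in words:
        yield word
    for word in words:
        for digit in range(10):
            yield f"{word}{digit}"


def guess_rank(password, words=COMMON_WORDS):
    """1-based position of `password` in the ranked candidate list, or None
    if this model never generates it. This is the efficiency axis: a lower
    rank means the cracker reaches the password with fewer guesses."""
    for rank, candidate in enumerate(candidate_order(words), start=1):
        if candidate == password:
            return rank
    return None


def seconds_to_reach(rank, hashes_per_second):
    """Time to reach a given rank at a given cracking rate (the power axis).
    The same rank costs orders of magnitude more against a slow hash."""
    return rank / hashes_per_second


def rejected_by_policy(password, words=COMMON_WORDS):
    """A policy check a registration form could apply: reject any password
    the ranked model generates at all, regardless of hash speed."""
    return guess_rank(password, words) is not None


if __name__ == "__main__":
    for pw in ["123456", "monkey3", "correcthorse"]:
        rank = guess_rank(pw)
        print(pw, rank, rank and seconds_to_reach(rank, FAST_HASH_RATE),
              rank and seconds_to_reach(rank, SLOW_HASH_RATE))
```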
Andre Gironda • September 19, 2012 5:05 AM
For me (disclaimer: I am a pen-tester for the Fortune 10), I welcome any advancements in offensive-security. This is because offensive-security finds problems that can be fixed. Anything else is security masturbation.
The serious problem with passwords that I typically encounter is the use of a “first-day password” such as “changeme” or “changeme123”. While I agree with Joe Bonneau’s chess-style (e.g. “time” and “space” strategic advantages) oversimplification of the problem with passwords, I definitely suggest that the problem is much larger than a two-axis one. Operational factors such as “first-day passwords” can exacerbate either of these issues.
Weighted password-cracking lists and custom weighted password lists have been around since passwords existed. The only reason we have more research into these weighted lists recently is that many of the high-profile websites have had their unencrypted password databases published to the public by adversaries.