On Dec 31, 2011, at 12:32 06PM, John Levine wrote:

>>> You can't force people to invent and memorize an endless stream of
>>> unrelated strong passwords.
>>
>> I'm not sure I agree with this phrasing. It is easy to memorize a strong
>> password -- it just has to be long enough.
>
> Don't forget "endless stream of unrelated". I have some strong
> passwords for the accounts that matter, but I don't have to start over
> every month.
>
>
>> So what problem _is_ being addressed by requiring passwords to be changed
>> so often [and so inconveniently]?
>
> Compliance with standards written by people who created the standard
> by copying standards they saw other places. I suspect a lot of them
> still trace back to attacks on /etc/passwd on PDP-11 Unix.
>
That's about it. It all derives from the Morris and Thompson paper and from http://csrc.nist.gov/publications/secpubs//rainbow/std002.txt . Both were written at a time when a power user would have about 3 passwords.

Yes, ideally people would have a separate, strong password, changed regularly for every site. The difference between theory and practice, though... By actual count, I have more than 100 web site passwords. The odds on me remembering all of them are exactly 0. So -- I use a password manager program, and store everything in an encrypted, "cloud"-resident place. Nothing else would work. The most sensitive sites, though, aren't in the file; those, I can and will memorize.

Changing passwords? Unless you're changing from one random string to another, it doesn't help. I posted a link a few days ago to a paper that described an algorithm for finding ~40% of new passwords from the previous one -- people follow patterns. And if your machine is infected by a keystroke logger -- one of the bigger threats these days -- none of that matters. (See some of Cormac Herley's papers.)

Passwords aren't dead, and despite what IBM says I don't think they're going away any time soon. But we need new rules and new guidelines for managing them; the ones from the 1980s don't work anymore.

--Steve Bellovin, https://www.cs.columbia.edu/~smb

_______________________________________________
cryptography mailing list
http://lists.randombit.net/mailman/listinfo/cryptography
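As an added illustration of the point above that forced rotation fails because people follow patterns (example code written for this page, not from the thread or from the paper it mentions): a check a site could run at password-change time that folds the usual edits (counter bumps, symbol substitutions, reversal) back to a core string and rejects a new password that is a predictable edit of the old one. The substitution table, the 0.8 threshold and the sample pairs are my own assumptions, not values from the thread.

```python
import re
from difflib import SequenceMatcher

# Substitutions people reach for when told to "add a symbol" or "change it";
# fold them back so P@ssw0rd and password compare as the same core.
_LEET = str.maketrans({"@": "a", "$": "s", "!": "i", "0": "o", "1": "i",
                       "3": "e", "4": "a", "5": "s", "7": "t"})


def normalize(pw: str) -> str:
    """Reduce a password to the core a person is likely to carry over:
    lower-case, drop a leading counter and any trailing counter/punctuation
    (Summer2011! -> summer), fold leet substitutions, strip other symbols."""
    core = pw.lower()
    core = re.sub(r"^\d+|[^a-z]+$", "", core)
    core = core.translate(_LEET)
    return re.sub(r"[^a-z0-9]", "", core)


def similarity(old: str, new: str) -> float:
    """Score 0.0..1.0 of how much of the old password survives in the new
    one, checked forwards and reversed (drowssap is still password)."""
    a, b = normalize(old), normalize(new)
    if not a or not b:               # all-digit passwords have no letter core
        a, b = old.lower(), new.lower()
    forward = SequenceMatcher(None, a, b).ratio()
    reversed_ = SequenceMatcher(None, a[::-1], b).ratio()
    return max(forward, reversed_)


def is_trivial_rotation(old: str, new: str, threshold: float = 0.8) -> bool:
    """True when the new password is a predictable edit of the old one."""
    return similarity(old, new) >= threshold


# Constructed sample pairs (not real credentials) covering the common patterns.
SAMPLE_ROTATIONS = [
    ("Summer2011!", "Summer2012!"),            # bump the counter
    ("Summer2011!", "$ummer!!"),               # swap in symbols
    ("P@ssw0rd1", "drowss@P2"),                # reverse it
    ("12345678", "12345679"),                  # digits only
    ("Summer2011!", "correct horse battery"),  # genuinely new
]

if __name__ == "__main__":
    for old, new in SAMPLE_ROTATIONS:
        verdict = "REJECT" if is_trivial_rotation(old, new) else "accept"
        print(f"{verdict}: {old!r} -> {new!r} ({similarity(old, new):.2f})")
```

Only the last pair passes; the rest score at or above the threshold and would be refused, which is the kind of check that makes a rotation policy mean something beyond compliance.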
