
Ion Todd - Password Security for humans

BSides Cape Town · 38:25 · 595 views · Published 2016-12
About this talk
Password security is something which is always in the back of our minds. We know that the best practice is to use a password manager and have unique, random passwords for each account, but this advice can be hard to follow. With sites such as LinkedIn, Dropbox, eBay, Steam and Ashley Madison having their databases dumped, the question is not “Will my password be compromised?” but “When?”. Services like HaveIBeenPwned make it easy to find out when one’s passwords have been compromised, but how should everyday users respond to breaches, and how do humans choose and manage passwords securely? This talk aims to explain the importance of unique passwords and what the impact of bad password hygiene can be. We will then take a look at how attackers exploit/use weak passwords in order to come up with reasonable recommendations for choosing secure passwords.
Transcript

I wanted to do a talk about password security in a way that can hopefully (so you can hear me) in a way that will hopefully be aimed at humans rather than security people, because often we have these recommendations which technically make sense but just aren't feasible for users. What spawned this talk was a conversation I was having with one of the most senior guys at my company, and he was saying, with regards to giving recommendations: don't be a typical infosec noob and just say what is definitely best practice if it's not going to be used by the client, because you're just sort of wasting your

time. So yeah, that's pretty much the idea behind this talk. So, just starting out: as I said, my name's Ion, I'm an infosec consultant at MWR. I've been there about a year now. I like hacking things and I'm particularly interested in password cracking and passwords in general. So just a quick agenda: we're going to look at attacking passwords, how to protect them, what threats there are to general users, how to store and manage passwords, and then right at the end just sort of some research I've done into passphrase cracking. And so just before we dive into it, can you just sort of take a look at these passwords and try

and order them in your head, just from least secure to most secure, almost good security. I'll just give you a couple of seconds just to try and get your head around this. Cool. So we're going to come back to the slide later; we're going to go through a little bit of background, I guess. So there's two types of, I guess, primary attacks for going after passwords. The first is online attacks. A notable example of this is the iCloud leak. I'm sure most of you saw that, but if not, some guys got hold of private accounts of primarily celebrities by two main attack vectors: primarily phishing, but also exploiting an

API issue which didn't rate-limit guessing on iCloud accounts, so what they could do is they could just continuously guess passwords until they eventually got in. So obviously the issue with this is it's slow and easily detected: you're limited by your network connection, you've got to deal with TCP, HTTP, all that kind of stuff just to send the password across, and then it's got to get evaluated server side. And obviously usernames are required: if you're going after a certain user you need the actual username; if you're just going after any user you need a big list of usernames. And yeah, so then the other way would be offline password attacks, so

this is more what I'm interested in. One of the advantages of it is it's a lot faster, because you have the hashed passwords on your database, sorry, on your hard drive. And so the idea would be you'd get probably a forum's database or some large website's database, and you would then throw it into something like John or hashcat in order to try and recover a whole lot of passwords. A notable example of this is Linux Mint. I'm not sure if Strauss is here; I see he runs that on his desktop, so I may or may not have his passwords somewhere. Yeah, so for those of you who don't know, I think they

were running a WordPress site, therefore it got hacked, DB dumped, and the ISO was actually backdoored for a day or so, not so long ago. So, I'm a hashcat fanboy. I don't use a lot of John; I recently found out you can do quite cool things in John, but yeah, I'm not gonna talk about it at all. So I'm just gonna run through some basic hashcat attacks one can do. The most obvious example is dictionary attacks, where you essentially just take words and pass them and see what happens. Ways you can build up these dictionaries are plaintext password dumps, so RockYou is a big one; it was a forum dump many, many

years ago now, but just any plaintext passwords you can get your hands on are usually going to be used again; things you've previously cracked yourself, just sitting in your hashcat pot file. Keyboard patterns are something which users actually use for some reason, so sort of if you look at your keyboard, like qas dead SW, so just up and down or left and right. There's large dictionaries for that kind of stuff, also your numpad, 7 53 etc. And then you can do more exciting things, so you can scrape websites, get lyrics from songs, books, Wikipedia, maybe scrape like the BSides website for example. So if you were to scrape the research website you'd probably get words

like Cape Town, BSides, Table Mountain, IPA, pale ale, just sort of Cape Town things. So then another type of attack is rule-based attacks. The idea here is just to sort of try and mimic how users create passwords, so maybe I would append an S to a password, or a 123. Maybe I'm an elite hacker, haxor, so I replace my S's with percentage, sorry, with dollar signs and that kind of stuff, or even just reverse words, just stuff like that. You can obviously combo rules together to create more interesting passwords. And then you get brute-force attacks. Not a lot involved there, you just sort of

get all the combinations, so for example from A to Z. And something else you can do is you can actually brute force on a word list, so you'll start at secure password and you can brute force past that, which actually gives you some really cool advantages; I'll show you one a little bit later. And then a combinator attack, so that's literally just combining two dictionaries. We saw what a dictionary attack was just now, so we've got dictionary one defeat too much I've got a laser pointer, nope. So here we take sort of our previous dictionary one and we append it to quite simple words and we get things like Cape Town

boy Peter Martin love I pipl yeah hello, et cetera, you guys can all get it. So the advantage of this is you can sort of crack longer passwords, and this is something that people often do. OK, so going back: now we know how people like to attack passwords, so just what are good ways to defend against the two things we just looked at? Obviously for online attacks a strong password policy is really important: try and increase the number of guesses they need to do, especially since they're limited by the speed of the network connection and server-side processing and all that. Then obviously account lockouts are quite good too, so if I guess

three incorrect login attempts, maybe make me send an email to myself or wait 15 minutes, exponentially back that off over time, so 15, 30, an hour or whatever. And also just logging and monitoring is a really easy way to pick this up, so say for example if either a user tried to log in 10,000 times recently, or all of my users tried Password1 recently, that would probably be an indicator of something bad happening. And then for offline attacks it's a little bit different. Obviously we're not in control of the server anymore; they've got all of our hashes sitting on their machine, so they're no longer limited by our controls. So what we can

do is we can ensure that we're storing the password securely, or yeah, securely I guess. So once again a strong password policy is important, trying to increase the guesses that they need to perform, and then salted passwords and iterative hashing algorithms are really good. We'll go into what that is in a sec; I'm just going to take some water because my mouth's quite dry. Cool. So what exactly is password salting? Essentially you just add a unique value to each password. The idea of this is to prevent look-up tables. Back when MD5 and SHA-1 were really big things, people created large look-up tables for these. They're called rainbow tables; that's why I included the little pride symbol there.

So yeah, just the general idea is: if I've got Password1, say three of my users have Password1, these will all hash to different things if different salts are applied, which means that they can't be looked up, and it'll slow down the guessing a lot. And then a sort of final issue which I think people don't think of very often: the salted value needs to be calculated for each guess, which obviously makes sense, but the effect this has on the amount of guesses is more than people sometimes think. So the slide's actually quite similar to the previous slide; I

couldn't find a good way to convey this, but, sorry, what am I trying to say? OK, yes, so for example I have my password, salt, and I want to look it up in my list of hash files, so I work that out and I look it up. But now I want to try the password with the next salt; I've got to do that again. So essentially what this means is that for every hash that I'm trying against, this multiplies each guess I'm making. Sorry, yeah, I've got to recalculate it for each guess I'm making. So this essentially sort of blows up the amount of guesses one needs

to make for each password they're comparing, which obviously slows things down quite a lot. Another way to slow things down is iterative hashing algorithms. So the first thing is: why not MD5? I'm sure you guys all know what MD5 is, or will have seen MD5 at some point. The MD in MD5 stands for message digest, as far as I know, and this was created for checking the integrity of things, of files, to see if they'd been intentionally or unintentionally modified during transit. So these algorithms are made for speed: you want them to be calculated fast on, for example, large files in order to check their integrity, which is at odds with what we

want from a password hashing algorithm. So because devs are often in charge of this, we thought: how do we make things slower? Well, we just do it over and over again. So that's pretty much where iterative hashing algorithms came from. You take the hash, you work it out once, and then you just go into a loop and you just keep working it out based on the previous value, so the zeroth value determines the first value, etc., etc., and at the end you just return the hash. So obviously if I'm doing something two thousand times per guess it slows things down considerably, but more importantly what this does is: GPUs are really good at password

cracking because of the fact that they've got multiple cores which can then take advantage of parallel processing. What iterative hashing does is it prevents the GPUs from being able to take advantage of their parallel abilities. So yeah, GPUs are really good at maths, vector stuff and parallelism, whereas if I'm waiting on the previous value I can't really do this. So what this ends up meaning is that CPUs are often faster on certain hashing algorithms like this than GPUs, which sort of ruins the idea of a faster cracking rig. So moving on to why secure password policies. The idea is we want to force users

to have passwords which contain as much entropy as possible. We know that passwords are going to be chosen based on the absolute minimum that a user has to put in, so for example if I've got a lowercase, uppercase, digits and maybe a special, I'm going to choose maybe Password1 with a ! or something similar, maybe my name capitalized. Yeah, so that's the idea. I generally hate entropy calculations but I'll do a really basic one here. Essentially the idea is character set: we've got lowercase, uppercase, digits, that's 62 characters, which means that the worst-case number of guesses for an eight digit password is 62 to the eighth, so character set

times character set times character set times character set, eight times. So that's the general idea, and yeah, essentially we want to create lots of entropy, so we say things like use digits, specials, as much as possible, and what that's trying to achieve is essentially this. All this graph shows us is (you can pretty much ignore the days on the left) X is number of characters, for those who can see, and Y is time, and as we start getting to sort of eight, nine, ten, the amount of time increases exponentially, which starts to make these types of things infeasible. So yeah, that's the original approach, or sort of the way it's historically

been done, but we're starting to see a bit of a shift recently. So I believe shall, I think that's his name, the guy from Stan's post, he was chatting about geopolitical stuff earlier, mentioned NIST. So NIST is the American, I knew this earlier, something about standards. What is NIST again? National very guy, so yeah, National Institute of Standards and Technology, and they're responsible for creating a lot of these types of standards. I think they also do the SHA competition to create the new SHA algorithm, and they've recently come up with some password requirements which people will have to abide by in order to take advantage of the fifteen percent, fifteen

percent konawa do so much 15, sorry, tax rate, yes exactly, the tax break for complying with NIST. So what they've said is some basic stuff: a minimum of eight characters (we all know eight characters is borderline), but quite a big thing is what they've also said is a maximum of 64 characters, so the absolute minimum maximum that someone who complies with NIST can set is 64, which means that I will always be able to set a 64 character password, at least on a NIST-compliant website, which is quite big for password manager users and maybe people who like to type sentences. No password expiry: this is something we've been recommending for a while but

it still seems to creep in every now and then. Resetting your password every three months doesn't add security. It does mitigate, or like diminish, exposure, so if your password does get breached the attacker only has it for X amount of time. But what often happens with password expiry is the fact that you'll just append one to your number or change your special character or something like that, so it often doesn't add the intended security. And also just disallow known bad passwords. This is something that's actually quite common in password policies, at least for good websites, where you'll try and set your password to "password" and it will say sorry, we've got this blacklist and "password"

is in that blacklist, so you're not able to set that password. You can use old breaches and stuff too quick it is ok. So now that we've got this knowledge, we're just going back to the list we looked at the beginning. The gist of it is all of these passwords are bad. Sorry, did I go louder there? So the first one is just dictionary plus a rule. The second one is a Polish word, which is just a different kind of dictionary. We've got a keyboard walk which is caused yeah ma can try and pronounce that. We've got mountain love, which is obviously a really common Capetonian one. Correct horse battery staple, yeah, I think we've all seen the

comic, I didn't feel the need to put that up. "Sometimes your words just hypnotize me" is a Biggie song, and educate yourself if you don't know what that is. And then the earth security strategic strategy strategic at is actually just a scrape from the BSides website, an actual scrape from the research website, because there was actually just a typo on the website. Yeah, so whilst some of these might look better than others, they're all not really great if we take a good approach to cracking these passwords. So then moving on to the personal space: what do I, as a user of passwords, so someone who interacts with technology, have to

do in order to keep myself secure? I think we all know we've seen some quite big high-profile breaches recently, so Dropbox, LinkedIn, you guys can read all the logos on there. These are websites we typically trust, and their databases are getting dumped and ending up in the hands of essentially bad guys. And also on that, so Ashley Madison, Adult FriendFinder: for those who don't know, these are sort of affair websites, or like cheat-on-your-partner websites, where you're not awfully worried about your password not being correctly hashed, you're more worried about your wife leaving and taking everything, which is going to be the outcome of that. So yeah,

I'm not going to give you any recommendations to protect you against that. Don't be a dick. But yeah, for general password security let's see what we can do. So yeah, I mean the problem, the reason people actually get affected, is because of password reuse. What will happen is: I'm a bad guy, I breach your database, I then sell it to some other bad guys who will try and crack the passwords and then either sell it on or try and abuse other social media or whatever account using the same password. And we know that password reuse is bad, and hey man, I do it, I'm sure most of

you guys do it, but how can we stop it? So the obvious thing that like an infosec noob for example would say is generate random unique passwords, and they must be so long, and all that. But how can we reasonably do that as users who have other concerns in our life? And so I thought maybe password managers. I'm not going to get into a debate about which one's the best. I use KeePass, but yeah, I mean people start wars about this kind of stuff, so I'm really not going to get into it. These are three really popular ones, so take a look at whatever you want. So the idea of a

password manager (sorry, that's slightly misaligned, so that fix that) is that you've got one really big secure password in order to unlock all your other passwords. You don't have to remember anything other than your one secure password. But what this still means is that you do need at least one secure password, which a lot of people don't have. So just in terms of usability of KeePass, here's the kinds of things you can do. Generating a password is incredibly simple: you took a new profile, type in the website you want it to be, and then you can select what you want. So say, this is something I do: if I see that it's a bad

website I'll leave out white spaces and minus, just in case it isn't being escaped properly and it messes with the website. But yeah, you can toggle the check box to make your length increase, and you can see the password; if you don't like it, generate a new one. This isn't the password I'm using, by the way. So yeah, and then just in terms of usability: I haven't typed in a password other than my KeePass password in quite a while. There's really cool things like Ctrl+B for the username, Ctrl+C for the password, and then the magic one, Ctrl+V, so all you do is you point it at a login page and hit

Ctrl+V and it'll sort of log you in automatically and do some misdirection, so that if you're being keylogged it'll be harder for the attacker to get your password. It sort of backspaces a bit and types random characters and all that. Yes? OK, so often that will be done on the HTML element, where you can just set pasting is disabled, and then you can just toggle it back on, you just take that out of the HTML element. But there are times when you've got to actually type it in manually, and some people will do it so, for example, when you're creating a new password, like either

the confirm or the previous one, like the first one will allow pasting but the other one won't. So yeah, if that's the case you can actually a much if I've got it here, or cut off the top, but there's like a tab at the top which lets you create different kinds of passwords. So yeah, I'm not going to pull open my KeePass right now, but you can choose passwords that are, for example, pronounceable, which are easier to type and all that kind of thing, and yeah, you can also play with the character set a bit and just maybe increase the length to maintain entropy but also typability. Yeah, so, sorry, that's a

bit small. So that is one of the issues which I'll discuss on the side. Obviously a password manager is really cool, where I can create unique passwords and I don't have to remember many passwords, just the one, maybe my Gmail password, which I need to type on my phone every now and then, that type of stuff. And changing passwords is really easy: you just click the regenerate button and obviously copy-paste it into the change password field and then you're good. But there are quite a lot of cons. So, the specialized software: people see this as quite a big barrier to entry. I'm not sure why, it's actually really easy. And also you need at least

one secure password. As I said, many people don't have even one secure password, so you're going to have to find a way to generate that; we'll chat about that in the following slides. And then the next two are really big issues. So syncing between devices, which means for example on my work PC and my home PC I want maybe my med, Bitbucket, Heroku, that kind of stuff, I want to kill passwords on those, but I also want those synced between those two computers. And then manually entering passwords: often you'll encounter things like having to type passwords on your phone primarily, maybe into your new Smart Case ball you

bought. I know Andrew Mac has like lots of IoT devices in his home which he has to connect to his network. And also there's a single point of failure: there have been issues with password managers in the past, but I don't see that as a huge issue; everything has 0-days. But just on that, most of these issues have been in password managers in the browser. Please do not store your passwords in the browser. I think we all know way too much about, or hopefully everyone's at least heard, that browser exploits are fairly common and that sounds like a bad idea, for example

a Firefox 0-day, like, recently. Cool. So as I said in the previous slide, we actually need to figure out how to generate at least one secure password, so let's look at that. As I said, I hate entropy calculations, so I've fudged the numbers a bit, just because I can't put a number that long and I don't like e's. So the first thing is: what's the difference between a password and a passphrase? I've been using them pretty interchangeably up till now, but yeah, how do I tell the difference? It's quite open, the definition; I don't think it's been strictly defined, but the way I define it is multiple words, for example a sentence, not necessarily a

sentence that makes sense, but just multiple words put together, preferably with spaces but not necessarily. Yeah, so that's how I would define it. And then what makes a good passphrase? So how do I generate a passphrase that is better than a password, and why are these better than passwords? So yeah, just taking a look at entropy: we say we've got lowercase plus uppercase to the power of eight. That's not an awful lot; you can do the math yourself if you don't believe me. But then I generate a similar passphrase which is eight words long, which is "Cape Town is great this time of

year", and if I were to look at it using the same entropy requirements I would say, for example, lowercase, uppercase, spaces to the power 44, which is an unbelievably large number. That's infeasible, this password will never be cracked, I can use this forever, etc. But that's not true. This is why I don't like entropy calculations, because the way to actually look at it is words in the English language to the power of eight, because for the most part you will include English words in your passphrase. Not necessarily; you can probably fight me about that later, but I think this is a more reasonable way of looking at it, which then essentially

just makes it: the words in the English language are your character set, which is obviously more than 26 or 52, to the power of 8, which is still considerably large but significantly less than lots. So for ways to generate these passwords we're going to look at three different types. The first is Diceware. Has anyone heard of Diceware? A general nod? OK, like two people. So the way Diceware works is there are dictionaries and they sort of map to words, so they're indexed by values which are all essentially the value on a dice, so like a d6. The way it works is you roll 5

die, dice, I don't know, in order to get the index for your first word, and then you repeat this process over and over to create as many words as you deem fit. So yeah, hopefully that makes sense. So what are the issues with Diceware? It sounds like a great deal: obviously I get quite a lot of randomness, I'm literally just rolling a dice to create my password, no one's in control of that. If I'm very paranoid, no one's given me this password, I've done it myself, and yeah, hopefully my die isn't it just. But yeah, as I said, there's quite a lot of cons. So the Diceware

dictionaries, at least until recently, have included many really weird words. These are just examples of words: Derek it mondo Seneca the character ? etc. I guess jars word, I don't know why I put that in there. But then the issue sort of filters down to the next thing: if I've got words that I don't understand or can't use readily, it's a lot harder to remember a passphrase that contains them, so cleft cancer sino it whatever. That passphrase over there is not one I created in order to prove a point; it is literally the example they give on their website as a sample passphrase, and that just makes no

sense to me. I think I would really struggle to memorize that. Granted, not as hard as a completely random password, but still not exactly what I'm looking for in a passphrase. So fortunately for us there's a great startup called Peerio, and they do, what do they do? I think they do instant messaging, something like that, but their selling point is that it's super secure and they do some complicated key derivation schemes and all that. And they recently actually did a talk called "Passphrases for Humans". I thought I had stolen both their title and their content until I went to watch the video. Fortunately I hadn't, but they did some

really cool work into generating word lists for Diceware-type password generation, but word lists that make more sense. So what they did, they did quite some research into this actually. They figured out how many words the bottom percentile of people know, so I think it was about 15,000, in English that is, and they aimed it at that. I think it was about the 15th percentile, so sort of 15th percentile up is quite a large amount of people, especially if you consider a bell curve. So they target the sort of complexity of their words towards that. They then do things like remove words which could be considered, yeah, which people could be offended by. It's twenty

sixteen, people get offended a lot, so they removed all those words. And then they came up with this cool set of words which hopefully make a lot more sense than Diceware words. So here's just an example: decent shell dripping handy industry. Granted, this makes no sense, but I know all of those words, I can probably spell them, and if I can remember them individually I can probably recreate my passphrase. So they've actually got this really cool site where you can select your language and select your length and just keep generating, and sometimes I sat there for quite a long time just trying to get good passphrases. But yeah, they're really

great, and definitely check them out. So the pros of Peerio are: the passphrases are definitely easier to remember, but not necessarily easy, and there's no hard words, so they put a lot of effort into making sure that most people can understand the words that are being used. The cons are: they're generating the passphrase for you, so you don't have a lot of control over exactly what you're getting. Obviously you can keep clicking the button, but some people prefer the control over what they're choosing. And the passphrases are at best abstract and nonsensical; they just aren't something which users can remember as well. So yeah, they lack meaning to the

user. So this is, I see the next slide is actually not what I thought it was, so I'm just going to keep talking over now. So what I did is, at the beginning of the year I joined a security company knowing not a lot about security, and I had to choose some secure passwords, like LUKS encryption password, so encryption on your hard drive, KeePass, and my sort of hosted self password, and had to generate these in quite a short amount of time. So here's what I did because I'm a flippin noob or learn how the fight I want, and so essentially what I did is I

based these on natural language, so books, poems, movies, etc. You take something at least marginally related to that and then screw with it so that hopefully someone like me can't crack it again. So I did this, I came up with these passwords, I still use them, and then I decided: hey, can I actually crack them? Like, could someone like me reasonably crack my passwords? So what I did is I did some research into this. The first thing I did is I tried n-grams. Is everyone familiar with n-grams? So what an n-gram is: you take a sentence and you just chunk it, so n

is like n in maths, so it can change, so you get bigrams, trigrams, four-grams, five-grams, etc. And so these are trigrams of the sentence "I love the smell of napalm in the morning", which apparently I'm too young to know about according to Russ. Thanks, Russ. So essentially you just sort of chunk the sentence and see what happens. Obviously trigrams aren't super useful for passphrases, but as it gets longer you can get some good hits. So these are some actual n-grams I got. Many of these are based on religion, so I'm not sure what that says. I guess it's easy to remember Bible verses, especially

if it's something you grew up with. So yeah, they're also quite dark: "so dark the con of man", "there's no fate but what we make", that's actually a Terminator reference, great one that. And then I took a look at Markov chains. I did some work with Markov chains at university; I'm sure most of you have encountered them in maths at some point. So the idea of a Markov chain is, I'm probably going to butcher this, but essentially it's just a state with percentages in order to transfer to the new state. So for example at state "I", I've got a thirty-three percent chance to transfer to state "don't" and I've got a sixty-six percent chance to

go to "like". So for example you can build a sentence off of Markov chains, like "I don't like butter", etc., you can all read that. So Markov chains actually come up in traditional password cracking quite a lot as well, where you can create words based on the dictionary. So if I crack enough Polish passwords, for example, I can figure out that, I don't know, vowels aren't great, lots of consonants usually appear together, and I can crack Polish passwords based just off of learning from the data set. So what I did is, sorry, I actually skipped this, man, I wish I didn't leave that slide. So what I did

for all of this the n-grams the Markov chains and the later one is I went and I um I went and I I didn't listen to many people's terms of service so I just scraped as much data as I could get my dirty little hands on I scraped books songs like everything and that's quite an issue right now because I would love to share this what I've done but like I think there's quite a lot of trouble if I do I definitely read some terms of service which I was breaking in the process of this but I had fun and and that's all that matters so um yes so the idea is you take quite a lot of big text

for example I can then train a Markov chain once I've scraped all of Eminem songs or Biggie songs to do for example rap like Biggie and the the larger your data set is the the better it'll get obviously it's no lyrical genius so these are some Markov chains I got I think so Markov chains are interesting because I managed to get my ex's password my boss's password both on the on the same type of type of attack which I think is really great I'm not sure where that one came from um and then I did some sentence analysis so my sentence analysis were the great idea didn't turn out so well so the idea

behind it was find out what sentences look like so with regards to figures of speech so I'm gonna parse a whole lot of sentences that I see in text and I'm going to create sort of skeleton sentences that consist of the figures of speech so a really obvious example would be noun verb noun so "Ian kicks ball" or whatever and I can then sort of substitute in different nouns into into that sentence in order to try and get a more reasonable result so yeah that was the idea sounded great at the time did not work out very well so yeah just an example of what that would look like this obviously shows one of the

issues with with my training set is I don't know much about NLTK which is the Natural Language Toolkit in Python and so for example these aren't all the same figures of speech I obviously didn't train my data correctly but yeah that's the idea so our town thought hits new here that was the idea behind it um and then some some sentence analysis based passphrases so you'll never guess this password I would love to hear from you I just want to hug that guy man I feel really bad and Romeo and Juliet love each other that's a great one and so this I'm lying a little bit this was actually a like this part was a brute

force although it could have also been from a combinator attack so yeah that was what I did I had some fun but I didn't get really good results and that's pretty much it so um all I want people to take away from this is when generating passphrases if you're going to be like me and be a dumbass and choose natural language based passphrases try to just yeah just consider these things so passphrases are vulnerable to the same kinds of attacks as normal passwords dictionary attacks I think I've beat that to death rule-based attacks I can do all kinds of things especially with really really complicated rules I can often just with like a random large set of rules I can

often reverse what one did in a what one changed in in a passphrase that make sense in order to get it far enough away from the original sentence Markov chains work pretty well sentence structure analysis doesn't work very well but yeah these are the types of attacks I think a reasonable person would apply to passphrases at least at the moment so yeah I just bear that in mind I I should probably go and change some of my passphrases throwing that in mind I have the same slide again and yeah so future work and things I want to do is I want to figure out how licenses work so I can actually um not get arrested if if I

ever want to release this so for example my understanding please break me if I'm wrong with songs is that the artists own the lyrics so I have no idea how lyrics websites are allowed to exist but the artist owns all the lyrics to all the songs that they make and if you have that you are sort of in breach of whatever that means um then I want to figure out how NLTK works so I've no idea how it works I had a lot of fun playing with it my honors project was actually in natural language programming or processing but I still couldn't figure it out so yeah I'd like to play with it a bit and then automated

passphrase attacks so once I've got a better a better tool to work with I'd like to just bring it to the level where password attacks currently are we sort of run password sh and then go do something else for two weeks while it sort of runs and iteratively cracks all the passwords so yeah that's pretty much it I think I'm just in time yeah so my Twitter's i'm tired i have like hardly any followers please follow me it makes me feel so happy [Applause]
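
The n-gram and Markov chain ideas from the talk, turned into a passphrase audit check. This is an added example, not code from the talk or the speaker's tool; the corpus is a constructed stand-in for a large text collection, and the function names are hypothetical.

```python
import re
from collections import Counter, defaultdict

# Constructed sample corpus (assumption: a real audit would load far more text).
CORPUS = (
    "I love the smell of napalm in the morning. "
    "There is no fate but what we make. "
    "I don't like butter. I don't like mornings. I like the smell of butter."
)

def words(text):
    """Lowercase and split into word tokens, dropping punctuation."""
    return re.findall(r"[a-z']+", text.lower())

def ngrams(tokens, n):
    """All contiguous n-word chunks of a token list."""
    return {tuple(tokens[i:i + n]) for i in range(len(tokens) - n + 1)}

def build_chain(tokens):
    """Word-level Markov chain: for each word, counts of the word that follows."""
    chain = defaultdict(Counter)
    for cur, nxt in zip(tokens, tokens[1:]):
        chain[cur][nxt] += 1
    return chain

def audit(passphrase, corpus=CORPUS):
    """Classify how closely a passphrase follows the corpus text."""
    toks = words(corpus)
    cand = words(passphrase)
    if len(cand) < 2:
        return "too-short"
    # Verbatim chunk of the corpus: covered by a plain n-gram wordlist.
    if tuple(cand) in ngrams(toks, len(cand)):
        return "ngram-hit"
    # Every word-to-word transition occurs in the corpus, so a Markov
    # chain trained on it can produce this phrase even though the whole
    # sentence never appears in the text.
    chain = build_chain(toks)
    if all(b in chain[a] for a, b in zip(cand, cand[1:])):
        return "markov-reachable"
    return "not-derivable"
```

A passphrase that comes back as `ngram-hit` or `markov-reachable` is built entirely from word sequences the corpus already contains, which is the property the talk warns about for natural-language passphrases.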