Just wanted to make a thread to note my distaste for the guy who makes this trash and for everyone who listens to it

"44 bits of entropy"

Actually each word is just 1 bit of entropy you dumb faggot because of dictionary attacks. I can't believe that not only does this dumb faggot not realise that but, in addition, people actually paid attention and listened to that trash. Fucking plebs.

yeah xkcd is pretty much smug reddit comments: the webcomic

Wouldn't it be (number of English words)^4 tho?

XKCD is pure cancer and is the fucking bane of my existence on any tech board. Monroe's occasional technical ineptitude is nothing compared to how fucking cringey his sense of humor is. I'm fine with autistic people making bad webcomics, but it has become an ever-present reminder that nearly everyone who, like me, likes technology is autistic as fuck and has no sense of humor and we as a group should be eradicated from the planet. Sucks.

>Actually each word is just 1 bit of entropy you dumb faggot because of dictionary attacks
>I do not understand entropy

>Monroe's occasional technical ineptitude

?

>it's another moron-doesn't-understand-dictionary-attacks-or-entropy episode

xkcdsucks.blogspot.com/2009/08/comic-622-left-to-reader.html

For example.

But OP, he's "NASA's kid", even though he only worked 6 months in there! You're envious of him!

>Actually each word is just 1 bit of entropy you dumb faggot because of dictionary attacks.
0/10, but nice try. Might get a few hits on /sci/, you should try it there.

>Wouldn't it be (number of English words)^4 tho?
It's more complicated than that, mainly because it depends on how you measure “number of english words”. In other words: How large is the pool of words from which you are randomly picking entries?

This matters a great deal, because for example a word pool of size 1000 will give you easily memorizable words like “want figure read son” but only 10 bits of entropy per word, while a word pool of size 234,937 (my /usr/share/dict/words) will give you unrecognizable words like “reposefully sarcoplasma viscometrically Ornithomimidae” but 18 bits of entropy per word.

(To actually measure how many bits of entropy you have, use `log2 #wordcount`)

Well it's more than 99% of Cred Forums accomplished.

He's like Frasier, dumb nigger doesn't even know how the fucking brain works, thinking brain can be more powerful than a 3GHz processor.

>Actually each word is just 1 bit of entropy you dumb faggot because of dictionary attacks.
Confirmed for not understanding what dictionary attacks are and how password cracking is done in general.

Confirmed that you're a dumb fuck.

based terry

nice try NSA

this is one of the best password methods out there, OP is a faggot as always

howsecureismypassword.net/
think of four random words and see that it would be impossible to crack them.
the specific one mentioned in the pic says "instantly" because "I suspect the password crackers might be on to this one by now.." since it's such a common picture. But even changing the last word from staple to table would be impossible to guess as well

TerryWentToHighSchoolInTamponLand
336 undecillion years

diceware a best OP, fugg u

>Actually each word is just 1 bit of entropy you dumb faggot because of dictionary attacks.

Think of a password then watch as that password is shortcut into every dictionary attack in the future. There's a second thread talking on this shit too and I'm really giving it some thought tonight as I lose my buzz.

>But even changing the last word from staple to table would be impossible to guess as well
Wrong, that would be trivial to crack

>Eradicate humanity because many have tastes that differ from mine
>implying that tastes could have objectivity
>Autistic "stop liking what I don't"

At some point people got confused by what is meant by a dictionary attack.

They think it means taking a dictionary (like English dictionary) and randomly picking words from it, or multiple words from it and putting them together like in the xkcd comic, to guess passwords but rather it refers to using a dictionary of passwords, aka rainbow table.

>Wrong, that would be trivial to crack
Not really. When your bruteforce attempts correcthorsebatterystable there will be no indication that the password is close to that one, which means that it will have to do a brute force equivalent to any other unknown password in order to find it, unless you specifically code your brute forcer to attempt one word differences for every multiword password in your dictionary, which will just make every password take longer to bruteforce.

I just proved you wrong and it took me seconds.

>Pleb Smug Girl Cat
>454 billion years

>4[-Z$.,|/54#]5O{4q
>380 quadrillion years

You're just very fucking ignorant if your reason to use the first one is that it's easier to remember. Stay pleb fag.

I'ma try and do some alcoholism math here:
Assume 7 letter words (correct) in english you've got some known number X of those straight up.

You've got at minimum X^4 for your word choice right? Then you've got some smaller subset of alphanum+special chars for your between-words, space being most obvious but a trivially constant amount of total characters. I'm going to be generous and say 256.

So you've got (X^4)*(256^4)? Does that seem right? What's that fuckin number goddamn

Modern password cracking works with genetic algorithms and remixing strategies that combine existing passwords and wordlists to form new passwords with similar schemes.

True, it's not *trivial* to guess that a password will have been “correcthorsebattery” + word, but such a permutation is still very likely to come up within the first few hundred trillion attempts or so.

(Keep in mind modern supercomputers can do tens of thousands of trillions of password attempts per second)

> Found 78035 7-letter words for Scrabble
So that's way smaller than I expected, i accidentally already added a prefix for say 1password on the old one but lets assume another 10X of variations with say l33t text replacement shit.

(8e5)^4 *(256^4) ~= 1.8e33 so nearly 2 decillion? Pretty good if your password is
!correct*battery(horse%staple

... Maybe a bit more if it's
correct$horse@battery staple

Probly well under the 2decillion.

on the lower end, still assuming 4x 7 letter english words as a maximum but with spaces or no prefix/suffix you're still at ~4.1e23 which is like 75% of Avogadro's number? Pretty good right.

>It's more complicated than that, mainly because it depends on how you measure “number of english words”. In other words: How large is the pool of words from which you are randomly picking entries?

I remember looking at a list of English words in order of frequency and the words correct, horse, battery and staple were all in the top 3000 or so. Furthermore, 3000^4 is approximate to 2^46, so it's even more secure than xkcd suggests.

Nothing irks me more than people who take a “correct horse battery staple”-style password and make it ‘secure’ by adding random numbers, symbols or 1337-speak replacements. Way to miss the entire fucking point. You should re-read the comic until you get it.

Adding random numbers actually makes your password scheme *less* strong, where strength is measured by entropy per effort. You would be better off adding a fifth word to your password, rather than bothering with some stupid letter replacements and hard-to-remember symbols.

I personally don't consider 46 bits acceptable either. I go for 64 bits of password entropy, together with a strong PBKDF.

A modern adversary is capable of 2^50 - 2^60 attempts per second.

I did cover that later in and actual password length is a limitation at some point. I wasn't even measuring it in brute-force bullshit attacks, adding a cheap constant number of separators was easy for estimation's sake.

Actually i fucked that up, that was with my l33t'd set of roughly 800k possible 7 letter words. Way more than the 78k without l33tening.

(78e3)^4 ~= 37e18 which is even less good, but not awful i guess? Besides 7 characters is probly slightly lower in average user's common language

>Actually each word is just 1 bit of entropy you dumb faggot because of dictionary attacks.

I'll give you a 1/10. Honestly that's the best I can do.

>78k words
I can basically guarantee that a dictionary of this size will generate completely unrecognizable, unmemorizable passwords.

Here, let me demonstrate:

>dyspnea ungraphic pseudoisomeric Jacksonite
>homoeogenic taxational sophomorical clotter
>Stymphalian daygoing spintherism copiously
>mesophragmal angiostrophy miscellanea tigtag

Can you remember any of those? No? How about this?

>build act, must provide those duck truck tracks
>they could double tie dad sister student mile
>come he yet to mount sun star string?

same length, roughly the same entropy

That was 78k seven-letter words. That was sort of an exaggerated number of STRICTLY seven-letter words. Source of my data was some random scrabble website.
7 letters are pretty high for a mean amirite, that was optimism.

My point was that having 78k distinct 7-letter words is only possible if you include garbage, almost nonsensical words like in my former example.

The word list I used to generate my second example was 1000 words long, and I even took the liberty of re-arranging them to form a better mental image. (I factored this re-arrangement into my password strength estimations when I claimed they had about the same entropy)

Okay well the data could very well be wrong, the math almost definitely has serious flaws, BUT SCRABBLE HAS RULES DAMNIT.

Yes, and scrabble allows words like “homeogenic” or “taxational”. Scrabble word lists are deliberately designed to be extremely permissive, which is also what my /usr/share/dict/words (the list I generated the first set of passwords from) is designed to be.

This topic is so irrelevant to today's issues with password security. Cred Forums is really full of autists.
t. Yahoo

Yeah but that gets into far beyond 7letters.

>1000 attempts/second
Okay now use a proper dictionary attack, and use a realistic speed of at least 1m attempt/s
Wow you sure showed us, smug XKCD fuckface.

Now that is an old fucking comic but against bcrypt you're still probly going to get closer to 1k than 1mil even with an EC2 instance or something

>1m attempt/s
cute

Modern supercomputers are almost exascale. I don't care how many orders of magnitude you're gaining from bcrypt, it still pales in comparison to just how absurdly powerful hardware has gotten.

Sure yeah but supercomputers aren't even in the same league as a thousand EC2s

>Okay now use a proper dictionary attack
Agree. “correct horse battery staple” is on every single modern password list. It would be cracked in an instant.

>Can you remember any of those?
If I tried to I could remember any one of those, and that is the point.

If it took you more than ten minutes to memorize any one of those passwords you listed then you have brain problems.

>Actually each word is just 1 bit of entropy you dumb faggot because of dictionary attacks
Are there only 2 words in the English language now?

0/10

Yes, “op” and “faggot”

You are an English speaking person.
It shouldn't be hard to learn a new English word, especially if it is something you will be using frequently.

"pee pee friction pleasure" might be my new password

use japanese in your passwords
good luck getting my loli stash
no one will ever guess that my password is ものべの

>2011+5
>doesn't even correct horse battery stapler

I'm not sure what's more fucking cringey

The quality of humour on XKCD or that someone rigorously maintains a "SOMEONE ON THE INTERNET IS WRONG" blog about it

What if I only speak English?

you're such a melodramatic drama queen. does anyone ever spend more than 30 minutes at a time with you?

>i dont like thing: The thread

kys my man.
No one gives a fuck.

>ssssssssssssss
>It would take a computer about 51 years to crack your password

-_-

> I'll answer in Haiku!

WHY?

> I personally don't consider 46 bits acceptable either. I go for 64 bits of password entropy

ITT people who are fucking stupid and should kill they'reselves

>oh my god someone might crack your password in three thousand years from now
>my password is much safer, it won't be cracked before the heat death of the universe

I pretty much use this method like this:
>mix 2 different languages
>1 proper noun, preferably personal, not publicly available
>if password is very important, like to a bank, add special character or number in between words
How much entropy is that?

Thanks for contributing to the thread, great post.

11 bits/word = 2048 words long wordlist.
Retard

English has over a million standard words.
ASCII doesn't even compare.

A 20 digit pass-generator ASCII pass is inferior to 20 standard English words.
Even with dictionary attacks, you can shit on them all simply by using numeric 'spacers': Op3is.a1fag4
Obviously that is easy to guess, but that's just an example.
By throwing in any non-English words, you increase that toldness for dictionary attacks.

Dictionaries BTFO

Pleb Smug Girl Cat About
213 septillion years
4[-Z$.,|/54#]5O{4q
380 quadrillion years

>song title
>first line of song

>-45 words, easy

Are dictionary attacks really that common? Seems to me like it would be a huge waste of time. If your target doesn't use just dictionary words, you're gonna have to give up after figuring you've attempted enough combinations.

Is there any situation where a security-critical login interface won't block you out after a few failed attempts in this day and age?

Well he's fucked in 454 billion years, then

Yeah, when you've stolen hashed passwords from someone's servers and you're cracking them on your own machine.

I thought people just used rainbow tables to do that.

I guess using dictionaries would crack a lot more passwords faster, even though it would fail to crack the passwords with non-alpha characters.

...

OP is crypto paranoid that just completes first semester cryptography and considers himself an expert.
>don't consider 46 bits acceptable
Proof of what I said.

You have no idea how dictionary attacks work, idiot.
They don't use the English dictionary

Offline database of hashes.

I'm the second guy you quoted, not OP

>In cryptanalysis and computer security, a dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by trying hundreds or sometimes millions of likely possibilities, such as words in a dictionary.

Then I ain't even sure who is more idiot.

>outside a mound in the sky here died a tibboh
>destroy mexico terrible for the first time
>I put jelly beans on my pizza
If you can't remember passphrases longer than 4 words, you're not trying hard enough.

You think 2^46 is acceptable when a modest, small cluster of modern GPUs is capable of 2^40 password attempts per second?

>passwordpassword

It would take a computer about
35 THOUSAND YEARS
to crack your password

>Type the last 2 characters
>Goes from 26 seconds to 6 years

The algorithm isn't doing guesswork with token baby boomer passwords for Yahoo accounts even though some hackers might arbitrarily choose to put those as their first words in their dictionaries. So what? You know passwords with the word passwords are insecure without needing to be told so. Stop being a dumbass on purpose.

>20 spaces
>30 million years

Yeah, Okay

...

you are obviously a bitter virgin and a samefag.
But mostly a bitter virgin. When you'll stop fapping to loli pictures and actually go out and stop being such a butt-frustrated loser, you'll lose all of your bitterness toward xkcd.
trust me

>putting your real password into this site
>not being aware it then tracks social media then signs in

Source?

i always thought entropy was something oldfags stuck up their ass

So we can just make shit up completely now and if it fits the "internet corporation spies on you via social media" mold, it's accepted as truth.

Google search "hashcat benchmark"

I don't think you know what a bit is

1 bit means there are only two possible values (0 or 1)

If there are 4 possible passwords, that's 2 bits of entropy (you have to try 00, 01, 10, and 11)

In this comic he's saying IF YOU KNOW THE PASSWORD SCHEME (e.g. you know he used 4 words, at random, from a list of 1000 most commonly used words) then there are 1000^4 possible passwords

1000^4 = 1 trillion possibilities = 44 bits

So USING A DICTIONARY it still takes 1 trillion guesses at most (a half trillion on average)

Now in the case of Tr0ub4dor&3, he again assumes you KNOW THE PASSWORD SCHEME. You know that the password is "one uncommon word, followed by punctuation, followed by a number" and that the order of the number and punctuation may be swapped and the word may or may not have caps and vowels may or may not be replaced by numbers

If you didn't know the password scheme then you would try all possible combinations of upper-case, lower-case, symbols, and numbers. For a 10-digit password like the one provided, assuming only 10 valid "symbols" (since most people stick to $, @, &, or !) that means there are:

(26 + 26 + 10 + 10)^10 possible passwords (lower + upper + number + symbol)

So if you didn't know the scheme, it's 3.7 quintillion passwords or 62 bits of entropy

However if you know the scheme (because people don't actually use RANDOM passwords, they do something they can remember like "a word followed by a symbol followed by a number") then it's suddenly only 28 bits of entropy

If this is correct it would mean 12 days for 4 common words. Or else just another word is about a 100 years to be cracked. Yes a 5 words password is then acceptable.

>If this is correct it would mean 12 days for 4 common words. Or else just another word is about a 100 years to be cracked. Yes a 5 words password is then acceptable.
Okay, now try an adversary that has more than a home workstation.

Try somebody with a university compute cluster for example, which is not too hard to get your hands on. Those 100 years are now several hours again. Your move.

>XKCD

Literally the Big Bang theory of comics

Which is why the comparison is retarded.
1- if the 4 words are selected truly at random, then they have the same issues as in the case of the char-random password.
2- you will NEVER know the exact scheme of a char-random password, but you could easily know that a password is 4 dictionary words. The equivalent for char-random passwords is knowing it's an uncommon word with symbols and numbers substituted somewhere inside, with a good probability that they're symbols that are similar to the letters they replace. Even then, it's more common to have that + trailing special characters.

underrated

>waaah 6 words is hard to remember
There you go, I just gave you 7.
Not him btw.

?
My point is that you should use 8 words.

Why stop at 8? Just copy this post into a file on your machine and use that as your password.

That makes no sense. Your post is not a password generation scheme?

I have always hated XKCD
Garbage that only 14 year olds think is deep.

The password you chose is too long.
Please choose a shorter password.

Doesn't matter, just save it as ".passwords/netflix" or ".passwords/github" etc.
Maybe run it through a hashing thing, then, truncated at the max length.

>Doesn't matter, just save it as ".passwords/netflix" or ".passwords/github" etc.
So you're advocating I reuse the same password for every single service? That has 0 bits of entropy

No, dumbass, save as your Netflix password, save as your github, this post here as your botmail, etc.

So they're all pulled from the same Cred Forums thread?

gee, I sure hope nobody google searches one of my passwords and finds this page on the archive

If your password is hashed & truncated to fit, there is 0% chance of that happening.

oh, stop being deliberately daft

Fair enough. Then it ought to be secure enough in practice, equivalent to a combination of N random words.

Now, that we've established this, we can begin to talk about efficiency. Is your password scheme easier to type quickly than mine? Is your password scheme easier to memorize than mine (at the same equivalent entropy)?

Remember, the ideal password scheme is the one that provides the least memorization/typing effort at the same (equivalent) entropy.

Not the English dictionary, faggot.

How secure is a password like 'H3RACL1TUS'

If you're a leet ricer, or have someone at whom you can shove money into and take scripts out of, it would probably be trivial to script reading the password from the .password folder, hashing it, truncating it, and sticking it in the clipboard.

absolutely fucking shit considering most dictionaries already have rules as E->3 and A->4 and bullshit like that
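A password-policy check illustrating the substitution rules mentioned above, added here and not written by any poster: it undoes common leetspeak replacements and strips a trailing digit/symbol suffix before looking the result up in a wordlist. The wordlist is constructed and the function names are assumptions.

```python
# Common leetspeak replacements (the thread names E->3 and A->4; the rest are
# the usual companions). "1" is mapped to "i" only; a fuller check would also
# try "l".
LEET_TO_LETTER = str.maketrans({
    "0": "o", "1": "i", "3": "e", "4": "a",
    "5": "s", "7": "t", "$": "s", "@": "a",
})

# Constructed stand-in for a real wordlist (assumption).
WORDLIST = {"heraclitus", "troubador", "cheese", "password", "staple"}


def undo_leet(text):
    """Lower-case the text and reverse the substitutions above."""
    return text.lower().translate(LEET_TO_LETTER)


def find_base_word(password, wordlist=WORDLIST):
    """Return (base_word, suffix) if the password is a wordlist entry with
    leet substitutions plus an optional digit/symbol suffix, else None.

    Every split point is tried because a trailing "3" may be a suffix digit
    ("Tr0ub4dor&3") or a substituted letter ("ch3353").
    """
    lowered = password.lower()
    for cut in range(len(lowered), 0, -1):
        suffix = lowered[cut:]
        if any(ch.isalpha() for ch in suffix):
            break  # a suffix may only hold digits and symbols
        candidate = undo_leet(lowered[:cut])
        if candidate in wordlist:
            return candidate, password[cut:]
    return None


def review(password, wordlist=WORDLIST):
    """Summarise what the mangling adds on top of the dictionary word."""
    hit = find_base_word(password, wordlist)
    if hit is None:
        return {"weak": False, "base": None, "suffix": "", "substitutions": 0}
    base, suffix = hit
    body = password[: len(password) - len(suffix)]
    swapped = sum(1 for ch in body if ord(ch) in LEET_TO_LETTER)
    return {"weak": True, "base": base, "suffix": suffix,
            "substitutions": swapped}


if __name__ == "__main__":
    for sample in ("H3RACL1TUS", "Tr0ub4dor&3", "ch3353",
                   "7OMyZAmQzc7LH7yCdsBIh6aEY4B7MNf7"):
        print(sample, review(sample))
```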

i advocate for 6 words and 6 random characters mixed in

But if I'm using a password manager already, I might as well just generate 32-character random passwords like 7OMyZAmQzc7LH7yCdsBIh6aEY4B7MNf7. That will give you more security while being less effort to implement and maintain. Also, since you're storing passwords in plaintext on your drive, you expose a bunch of side channels and prevent yourself from synchronizing the database etc.

I remain unconvinced of your scheme. It seems pretty stupid, and I have demonstrated multiple reasons why.

I've been following this approach to create somewhat secure and memorable passwords.
Take a phrase like
>Smug pleb cat girl browsing Cred Forums on a Saturday evening and morning
Take the first letter from each word and randomly capitalise some of the starting letters and get
>Spcgb4OaSeaM
Then add a year relevant like Cred Forums was created 2003 and add the amount of letters in above and get 2003 + 12 = 2015. Add it and separate it with & for example and get
>Spcgb4OaSeaM&2015&
Optionally add a final one or two ¤@ and get
>Spcgb4OaSeaM&2015&¤@

Is this strategy viable? I think it would be very difficult to generate a dictionary attack for something like that.

There are some advantages: you don't have to hassle with backups since the posts are online already (rbt.asia and warosu.org when these get pruned, and even more places if you choose copypasta), you also get to save posts you liked and your password at the same time with the same effort, and there's probably more I could squeeze out

kek. Well, I'll give you a 7/10 for legitimate effort

OP is a huge retard. No one forbids you to use different delimiter (pipe instead of space for example), or using different vocabulary (assume you can understand more than one language).

Well obviously if you take two passwords of the same length, the one with a larger character set will be stronger. The point is that length is way more important than the number of characters you have to choose from, so using "ch3353pl0x" as a password isn't as good as a random 4-word password.

Plus you can obviously randomly capitalise one letter and add a number somewhere to make it even more secure if you must.

The suggestion is to use 4 RANDOM words. Picking actual sentences is stupid because it's far easier to crack.

How many sentences can be made in English?

This
I use Japanese words written in Latin alphabet plus Greek words plus some made up words from when I was a kid
Good luck making a trying attack

I'm really not sure how you're getting your numbers.

Even with the equivalent of 100,000,000 8x1080 GTX 1080 node throughput, you're not getting anywhere near 2^60 hash/s on bcrypt.

gist.github.com/epixoip/a83d38f412b4737e99bbef804a270c40

Although I generally agree with your sentiment, I think the point is that computing power grows pretty fucking fast. If it takes 3000 years now, it may only take 30 minutes in however many years, and we all know people love to re-use passwords everywhere. If you go for 16.2 quintillion years, chances are even on your deathbed no-one's gonna be able to crack your password using brute-force attacks using their fancy quantum computers.

>bcrypt
funny

Web developers still think MD5 is secure, and you're trying to tell me bcrypt is widely deployed?

daily reminder that true entropy can be reduced to units of pi, and are thus not entropic

We're talking about a master password for a password manager, or a master password for an encrypted partition. Using significantly slower and more secure hashing algorithms is almost guaranteed. Point is, you're not getting anywhere close to 350 GH/s on an 8x GTX 1080 node for a realistic scenario on cracking a password database/encrypted partition.

Then, after you have a master password that's sufficiently secure, you can generate completely random passwords that don't follow XKCD recommendations and therefore have plenty of entropy.

...

The 8xGTX 1080 cluster in that gist gets 105.7 kH/s (16.6 bits) on bcrypt.

A single GTX 1080 has a computational power of about 8 GFLOPS. (I'm going to give the benefit of the doubt here and assume the bcrypt algorithm is efficiently implementable as single-precision FLOps)

A modern supercomputer can reach 100 PFLOPS, which is a factor of 2^20.6 compared to the 8xGTX 1080 setup. Using a crude back-of-the-envelope estimation, a supercomputer of that scale could achieve about 2^37.2 bcrypt attempts per second.

Yes, and if you choose a 6 word Diceware password, current supercomputers will not be able to crack it in a reasonable amount of time.

passwordcreator.org/diceware.html#good

2^37.6 is ~158b attempts per second.

>6 word diceware
Yep, that's a pretty good way to generate passwords.

I personally use 8 common (top 1k) words, rearranged into an order that makes more sense

>rearranged into an order that makes more sense
user, I...

>in b4 he doesn't understand entropy

there are only 8! unique 8-word permutations. That costs you only about 15 bits, which is about the same as adding a single extra diceware word.

please don't assume I haven't done the math
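The scheme-based arithmetic used throughout this thread (bits per word from pool size, the 8! rearrangement cost, and time to search at the quoted guess rates), as an added example that is not written by any poster. The 16-word pool is constructed for demonstration, the 7776-word figure is the standard Diceware list size, and all function names are assumptions.

```python
import math
import secrets

# Constructed 16-word sample pool (assumption, demonstration only). A real
# pool would be a top-N frequency list or the 7776-word Diceware list.
SAMPLE_POOL = ["want", "figure", "read", "son", "build", "act", "duck",
               "truck", "track", "double", "sister", "student", "mile",
               "mount", "star", "string"]

# Attacker speeds quoted in the thread, in guesses per second.
THREAD_RATES = {
    "8x GTX 1080 on bcrypt (105.7 kH/s)": 105.7e3,
    "supercomputer estimate (2^37.2/s)": 2 ** 37.2,
    "GPU cluster claim (2^40/s)": 2 ** 40,
}


def bits_per_word(pool_size):
    """Entropy of one uniform random pick from a pool of pool_size words."""
    return math.log2(pool_size)


def passphrase_bits(pool_size, n_words, reordered=False):
    """Entropy of n_words independent uniform picks, scheme known to attacker.

    reordered=True models the user arranging the picked words into a nicer
    order, which gives away up to log2(n_words!) bits.
    """
    bits = n_words * math.log2(pool_size)
    if reordered:
        bits -= math.log2(math.factorial(n_words))
    return bits


def charset_bits(alphabet_size, length):
    """Entropy of `length` characters drawn uniformly from an alphabet."""
    return length * math.log2(alphabet_size)


def generate_passphrase(pool, n_words):
    """Pick words with the OS CSPRNG; return (passphrase, entropy_bits)."""
    if len(set(pool)) != len(pool):
        raise ValueError("duplicate words shrink the effective pool")
    words = [secrets.choice(pool) for _ in range(n_words)]
    return " ".join(words), passphrase_bits(len(pool), n_words)


def average_crack_seconds(bits, guesses_per_second):
    """Expected search time: half the keyspace is tried on average."""
    return 2 ** (bits - 1) / guesses_per_second


def humanize(seconds):
    for unit, size in (("years", 31_557_600), ("days", 86_400),
                       ("hours", 3_600)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:,.1f} seconds"


def report():
    """One row per (scheme, attacker rate): name, bits, rate, average time."""
    schemes = {
        "4 words, 1000-word pool": passphrase_bits(1000, 4),
        "4 words, 2048-word pool": passphrase_bits(2048, 4),
        "8 words, 1000-word pool, reordered": passphrase_bits(1000, 8, True),
        "6 words, Diceware (7776 words)": passphrase_bits(7776, 6),
        "10 chars, 72-symbol alphabet": charset_bits(72, 10),
    }
    return [(name, round(bits, 1), rate_name,
             humanize(average_crack_seconds(bits, rate)))
            for name, bits in schemes.items()
            for rate_name, rate in THREAD_RATES.items()]


if __name__ == "__main__":
    phrase, bits = generate_passphrase(SAMPLE_POOL, 4)
    print(f"sample: {phrase!r} ({bits:.0f} bits from a 16-word pool)")
    for name, bits, rate_name, duration in report():
        print(f"{name:36} {bits:5.1f} bits  {rate_name:36} {duration}")
```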

>I hate fun things, I don't understand technology, I'm autistic
Never change Cred Forums

underrated

>being autistic about old meme comics

I would call you the dumb faggot but apparently your kind can't help it I'm told.

>1 bit of entropy
>there are only 2 words in the english language

>Are dictionary attacks really that common?

In general? Yes, it's the first thing you try. If you got a lot of hashes from a lot of idiots, just run them against rockyou.txt or whatever.

But not in the way necessary to crack multiple word passwords. That's pretty uncommon and many tools won't even support it out of the box.

>If your target doesn't use just dictionary words, you're gonna have to give up after figuring you've attempted enough combinations.

Why?
Just write a smarter rainbow table..

1. use plain words
2. combinations of the most common words
3. words from 1., exchange some symbols in a "leetspeak" manner ("l33t", "gr8tb8tm8t")
4. words from 2 add some non-numeric symbols between the words

The problem is, most people wont use "26vvsSH&§§fsAAHa§", but rather something like "this_1_i$_2_my_3_password_123".

There are "common patterns", which will bring you close to many passwords. Or so I heard.