More on Passwords

Thu, 06/07/2012 - 09:34 -- darryl

If you have been reading about the break-in at LinkedIn, where at least 6.5 million passwords (and probably emails and usernames) were stolen earlier this week, you are probably wondering if anything online is safe.  An article today in Computerworld, quoting information from the security firm Sophos, lays out the woeful situation in detail.

These days, most user passwords are no longer stored in clear text.  This is part of the reason why you have to wait for a verification email when you can't remember a password, and probably have to actually talk to someone if your email address of record is out of date.  Personal questions as a secondary proof just don't cut it; Mitt Romney's email account on Hotmail was compromised this week because someone was able to guess Mitt's favorite pet and then changed the password on the webmail account.

Any serious attempt at security will have passwords stored as hashed strings.  (Hashing is different from encrypting.  Hashing is a one-way process that doesn't allow the original information to be retrieved—hopefully.  Encrypting allows the original information to be retrieved.  For password use, it isn't necessary to retrieve the original password, only to verify that the one entered is the same as the original.)  The goal of a hashing algorithm is twofold: hide the original password, and produce a result that is, as nearly as possible, unique for each different password.  There has been a line of hashing algorithms proposed with names like MD5 and SHA1.

Unfortunately, the two goals of hashing are in opposition.  If the result of hashing is unique for each password input, then it is probably only a matter of time before someone can figure out the mapping, and can then take a hash and retrieve the original password.  Once a hash algorithm has been broken, the bad guys can quickly create huge "dictionaries" of likely passwords and their hash values, and when a company's user records are stolen, the password hashes are quickly compared to the dictionary entries and the clear-text passwords returned.

The current state for most commercial systems is to add a random "salt" string to a password before hashing it, so that even if two users have the same password, the hash strings stored for them are wildly different.  This makes the work of compiling a dictionary expensive, because the dictionary would have to be different for every user, on every system.  The goal is not to make the passwords unbreakable, just unbreakable long enough that the stolen information is not likely to be useful any more.  Probably a couple of years would suffice for most commercial situations.
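As an added illustration (not code from the original post), the following Python shows why unsalted hashes fall straight to a precomputed table while salted ones do not. It uses SHA-1, one of the algorithms named above, and a constructed four-entry table standing in for a real dictionary; the function names are my own.

```python
import hashlib
import hmac
import os


def unsalted_hash(password: str) -> str:
    """Plain SHA-1 of the password: identical passwords give identical hashes."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def salted_hash(password: str, salt: bytes) -> str:
    """SHA-1 over a per-user random salt followed by the password.
    The salt is stored next to the hash; it need not be secret, only unique."""
    return hashlib.sha1(salt + password.encode("utf-8")).hexdigest()


def new_record(password: str) -> tuple:
    """What a site stores at signup: (salt as hex, salted hash)."""
    salt = os.urandom(16)
    return salt.hex(), salted_hash(password, salt)


def verify(password: str, salt_hex: str, stored_hash: str) -> bool:
    """Login check: re-hash the attempt with the stored salt, compare in constant time."""
    attempt = salted_hash(password, bytes.fromhex(salt_hex))
    return hmac.compare_digest(attempt, stored_hash)


# Constructed table of guesses and their precomputed unsalted hashes,
# a tiny stand-in for the large dictionaries described in the post.
COMMON_PASSWORDS = ["password", "p455word", "linkedin", "redsox"]
DICTIONARY = {unsalted_hash(p): p for p in COMMON_PASSWORDS}


def lookup(stored_hash: str):
    """Return the password if the stored hash is in the table, else None."""
    return DICTIONARY.get(stored_hash)


def demo() -> dict:
    # Two users chose "linkedin". Unsalted, the table reveals both at once.
    cracked_unsalted = lookup(unsalted_hash("linkedin"))
    # Salted, each user gets a different hash and the table matches neither,
    # yet the site can still check a login against the stored salt and hash.
    salt_a, hash_a = new_record("linkedin")
    salt_b, hash_b = new_record("linkedin")
    return {
        "cracked_unsalted": cracked_unsalted,
        "salted_hashes_differ": hash_a != hash_b,
        "cracked_salted": lookup(hash_a) or lookup(hash_b),
        "login_still_works": verify("linkedin", salt_a, hash_a),
    }


if __name__ == "__main__":
    print(demo())
```

A salt forces the table to be rebuilt once per user; a deliberately slow password hash such as bcrypt or scrypt raises that per-user cost further.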

Unfortunately, LinkedIn was using an already broken hashing algorithm with no salting.  According to Sophos, most of the passwords released just three days ago are already broken.  Sophos looked at the released hashes and, using widely available tools, was able to find a lot of bad passwords, like p455word, linkedin and redsox.  They found every password but two in the table of common passwords used by the years-old Conficker worm.

The continuing take-away here is that, more than ever, you need to choose passwords that are not easy to break.  You have no control over how the companies you interact with store this information, so you are the only one who can ensure that your account information is safe.  This means at least 9 characters long, mixed case, numbers and punctuation, no names or dictionary words (in any language) and no "leet" style translations (e.g., p455w0rd for password).  Even better is a "pass phrase": the same rules, but with at least four distinct and unrelated words.  Passwords should be different on every system you use.