Well, I used 1 trillion guesses a second here. 10 years ago I’d have used 10 billion. So length does matter. And 300 years drops to 1 year if a dedicated attacker is willing to spend a good bit more on hardware (which, in the era of cryptocurrency, could actually be worth it, even just for a criminal).
And yes, sites should use good hashing algorithms, but we users can’t count on them doing so. Plus, even a technically-but-not-practically broken hashing algorithm isn’t so broken as to be equivalent to plaintext storage (unless it’s unsalted), so it’s less about specific algorithm choices and more about overall design security.
Not saying passphrases are useless, but password managers are the better technological path, in my opinion, because they obviate the need to remember more than just one password, and allow to you skip typing in passwords too (in fact, a pw manager is better for passphrase users, because they they can still use memorable phrases but don’t have to type them in all the time).
And as it happens, my master password for my pw manager was originally a 6-word passphrase, but has since been changed to a 20-character randomly-generated password, because it’s a ton easier to type, particularly on mobile.
Absolutely agree on the usage of a password manager. And yes, as hardware increases in power we run into the issue of timelines being shorter. I disagree on MD5 being not totally broken, considering a collision can be found in seconds on even low end hardware these days. Even salted, a collision would still be viable.
Again, the real problem overall is adoption. Getting people to use better passwords/phrases that are less likely to be brute forced. Everyone should be using non-SMS 2FA, ideally with an authenticator app or physical key. As well, password length should only be limited by a minimum value rather than being in a small range. Services should be using algorithms that are recent, well audited, and have the ability to artificially inflate the time taken to get the result for future-proofing. SSO is also an option, since services without IT departments or people with the ability to handle passwords should offload it to a service that can. SSO as a service provider is very appealing, as you no longer have the responsibility of storing sensitive hashes and account information.
Was not aware of the latest efforts on MD5, in all honesty; I take back what I said before.
I agree with everything you said there 100% except the bit about SSO. SSO is great for people working in managed environments (I wish my workplace would make broader use of it, honestly), but expanding it to everyone as a whole creates some serious issues (putting everyone’s eggs in the same basket is a security risk, and worse, having a centralized third party notified of every login request totally undermines user privacy).
I don’t mean to imply that it should be everywhere, rather it is appealing as an option when the only other option is to roll your own setup.
It’s useful for connected services, orgs, etc. Especially when it comes to easily setting up access controls. But you’re right, it’s not a solution that should be used everywhere due to the fact that a single point of failure is bad.
Btw this has been a great discussion and I hope that others reading this might help further the goal of creating a safer internet
Well, I used 1 trillion guesses a second here. 10 years ago I’d have used 10 billion. So length does matter. And 300 years drops to 1 year if a dedicated attacker is willing to spend a good bit more on hardware (which, in the era of cryptocurrency, could actually be worth it, even just for a criminal).
And yes, sites should use good hashing algorithms, but we users can’t count on them doing so. Plus, even a technically-but-not-practically broken hashing algorithm isn’t so broken as to be equivalent to plaintext storage (unless it’s unsalted), so it’s less about specific algorithm choices and more about overall design security.
Not saying passphrases are useless, but password managers are the better technological path, in my opinion, because they obviate the need to remember more than just one password, and allow to you skip typing in passwords too (in fact, a pw manager is better for passphrase users, because they they can still use memorable phrases but don’t have to type them in all the time).
And as it happens, my master password for my pw manager was originally a 6-word passphrase, but has since been changed to a 20-character randomly-generated password, because it’s a ton easier to type, particularly on mobile.
Absolutely agree on the usage of a password manager. And yes, as hardware increases in power we run into the issue of timelines being shorter. I disagree on MD5 being not totally broken, considering a collision can be found in seconds on even low end hardware these days. Even salted, a collision would still be viable.
Again, the real problem overall is adoption. Getting people to use better passwords/phrases that are less likely to be brute forced. Everyone should be using non-SMS 2FA, ideally with an authenticator app or physical key. As well, password length should only be limited by a minimum value rather than being in a small range. Services should be using algorithms that are recent, well audited, and have the ability to artificially inflate the time taken to get the result for future-proofing. SSO is also an option, since services without IT departments or people with the ability to handle passwords should offload it to a service that can. SSO as a service provider is very appealing, as you no longer have the responsibility of storing sensitive hashes and account information.
Was not aware of the latest efforts on MD5, in all honesty; I take back what I said before.
I agree with everything you said there 100% except the bit about SSO. SSO is great for people working in managed environments (I wish my workplace would make broader use of it, honestly), but expanding it to everyone as a whole creates some serious issues (putting everyone’s eggs in the same basket is a security risk, and worse, having a centralized third party notified of every login request totally undermines user privacy).
I don’t mean to imply that it should be everywhere, rather it is appealing as an option when the only other option is to roll your own setup.
It’s useful for connected services, orgs, etc. Especially when it comes to easily setting up access controls. But you’re right, it’s not a solution that should be used everywhere due to the fact that a single point of failure is bad.
Btw this has been a great discussion and I hope that others reading this might help further the goal of creating a safer internet