How passwords are compromised
Passwords are not stored in plaintext (with some exceptions). When a web server receives a password, it runs the password through a one-way algorithm to produce a value called a hash or digest. The hash value has the purpose of allowing authentication without exposing the original password. A compromised hash cannot by itself be used for authentication. It's trivial to produce a hash from a password, but not the other way around. A password is compromised by breaking its hash (also known as a digest). Every few months some huge service with millions of users will get owned and its database of hashed passwords will be made public or held for ransom. Crackers will run their tools against the hashed passwords to unmask them. From this they will learn:
- What the most common passwords are.
- What strategies are used to strengthen passwords (e.g. adding numbers to the end).
- How often unique passwords are used (shocker: 0.0001% of the time).
Crackers then use this information to refine their tools making their job even easier next time.
A common technique is a dictionary (also known as rainbow table) attack, which will try every entry in a customized word list ("dictionary"). This might be the Oxford English Dictionary or every word which came up in the first 10 pages of a web search for "memes". Advanced dictionary attacks will one-up all that shit you thought you were so clever for thinking of:
- Use multiple words.
- Add numbers to the end of words.
- Add symbols before/after/between words.
- Turn the words into l337 sp34k.
- Add the website's name onto the end of your password.
- Use common phrases like 1pledgeallegiancetotheflag or yippiekiyaymotherfucker.
- Much, much more, guessing billions of times per second.
Services can mitigate these attacks by incorporating something called a salt - or better yet, a super-cool technique called a Zero Knowledge password. The latter was invented some twenty years ago and is used by approximately nobody. Until the internet gets its shit together, your security is in your hands and you MUST use strong passwords.
On Linux, hashed passwords are stored in the /etc/shadow file. The hashing algorithm used is usually SHA-256 or SHA-512.
There are two types of passwords:
- Regular passwords, which you keep in a password manager.
- Passphrases, longer strings that are used at the most important places, for example to protect your password manager database or unlock your encrypted disk.
Humans are bad at creating randomness. Strong random passwords can be generated using diceware. This involves rolling a six-sided die to generate digits for a truly random number. A precision/casino die is recommended for better randomness, although some studies have found the difference to be negligible. The random numbers generated using this method are then matched against a word sheet to make a mnemonic phrase. This produces passphrases you can memorize, but attackers can't guess. The security of these phrases is dependent on the choice of words and the size of the set of words the phrase was pulled from.
The rest of your passwords, most of which will be for web services, should be generated by and managed with a password manager. It's possible but unlikely for the diceware method to generate a weak password (e.g. a repeated word). Use common sense.
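Added example (not from the original page): the diceware procedure above in Python, five rolls per word, with the entropy figure that the "size of the set of words" sentence refers to and a re-roll for the rare repeated-word case. The die is stood in for by secrets.randbelow and the 7776-entry word list is a constructed placeholder; both are assumptions of this example.

```python
import math
import secrets

DIE_SIDES = 6
ROLLS_PER_WORD = 5          # standard Diceware: five rolls select one word

def roll_key(roll=None):
    """Five rolls of a six-sided die -> a lookup key such as '31526'.
    Without a physical die, secrets.randbelow stands in (an assumption of this
    example); pass roll=<callable returning 1..6> to feed in real rolls."""
    roll = roll or (lambda: secrets.randbelow(DIE_SIDES) + 1)
    return "".join(str(roll()) for _ in range(ROLLS_PER_WORD))

def build_table(words):
    """Map dice keys '11111'..'66666' onto a 7776-word list, in list order."""
    if len(words) != DIE_SIDES ** ROLLS_PER_WORD:
        raise ValueError("a five-roll Diceware list needs exactly 7776 words")
    table = {}
    for index, word in enumerate(words):
        digits, i = [], index
        for _ in range(ROLLS_PER_WORD):
            digits.append(str(i % DIE_SIDES + 1))   # least significant roll first
            i //= DIE_SIDES
        table["".join(reversed(digits))] = word
    return table

def passphrase_bits(n_words, list_size):
    """Entropy of n words drawn uniformly (with replacement) from list_size words."""
    return n_words * math.log2(list_size)

def diceware_passphrase(table, n_words=6, roll=None):
    """Draw n_words from the table; a repeated word (the rare weak case) is
    simply re-rolled. Returns the phrase and its entropy in bits, which for a
    no-repeat draw is log2(N * (N-1) * ... * (N-n+1)), a hair below n*log2(N)."""
    chosen = []
    while len(chosen) < n_words:
        word = table[roll_key(roll)]
        if word in chosen:
            continue
        chosen.append(word)
    return " ".join(chosen), math.log2(math.perm(len(table), n_words))

if __name__ == "__main__":
    # Constructed stand-in list: a real Diceware list carries 7776 short real words.
    demo_table = build_table([f"word{i:04d}" for i in range(7776)])
    phrase, bits = diceware_passphrase(demo_table, 6)
    print(f"{phrase}  ({bits:.1f} bits)")
```

Six words from a 7776-word list give roughly 77.5 bits, which is why the text rates these phrases above anything a human picks by hand.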
Password managers can generate long, random passwords using the full character set. The hashes of these passwords cannot be cracked by a dictionary attack - the only method is brute force, which can require astronomical amounts of time and energy. Password managers memorize your passwords for you, which makes it easy to use unique passwords for each site. They can also set password expiry dates to remind you to change your passwords every so often. Passwords are kept within an offline encrypted database - secured by a password or passphrase which you better not forget. Naturally the database should be backed up in a secure location such as a fireproof safe.
Good password managers:
Don't do these:
- Using fewer than 10 characters.
- Using all lowercase letters.
- Using dictionary words.
- Names, sports teams, pet names, Chinese cartoon references.
- "B-But my password had both letters and numbers!"
- Using the same password in two (or more) different places.
- Using the same password in slight variations.
- Using a password you've ever shared with anyone ever.
I'm so clever I trolled myself shit:
- Hashing a word/phrase: This may get you a decent password length, but if you're going to use a tool, why not use a tool specific to making good passwords?
- Some other strategy you thought of five minutes ago: The people who write password managers have already thought of it and determined why it is less secure than what they already use.
UNHash is a talk from late 2014 explaining the (then) state of password cracking.