[unisog] [Fwd: Is the current password std flawed?]

BACHAND, Dave (Info. Tech. Services) BachandD at easternct.edu
Fri Feb 25 15:11:21 GMT 2005


We require an eight digit password using Windows complexity rule, which
is three of the four types of character (UC,LC,#, symbol.)  I agree that
this does limit the range of possible passwords, by my math to about 6%
of the original space.  This assumes that the user creating the password
is really going to create a complex random string, and then check it
against a dictionary.  My users (and admins) certainly won't.  By
forcing a complex password, a dictionary attack should fail.  Also since
the potential hacker can't know what type of character is in each
position, I would think that a brute force attack would have to include
all possible characters.  

Dave Bachand
Data Network Manager
Information Technology Services
Eastern Connecticut State University
83 Windham Street
Willimantic, CT
Tel. (860)465-5376

-----Original Message-----
From: unisog-bounces at lists.sans.org
[mailto:unisog-bounces at lists.sans.org] On Behalf Of
Valdis.Kletnieks at vt.edu
Sent: Friday, February 25, 2005 12:05 AM
To: troutman at mesh.net; UNIversity Security Operations Group
Subject: Re: [unisog] [Fwd: Is the current password std flawed?] 

On Thu, 24 Feb 2005 20:30:29 CST, "Clinton E. Troutman" said:

> CS's statement would be correct if:
> - it is known that a particular character position in any particular 
> password
> *must* contain *only* a numeric, or

But actually, you *DO* know that for many cases.  For instance, if there
is a *requirement* that at least 1 position have a numeric, you can not
bother trying all the combinations that don't have at least 1 digit.  So
if you're brute-forcing, and the min length is 8, and you're testing
'aaaaaaa' and another character, you can only try 10 and be done, rather
than all 96 printables.
Similarly for *aaaaaaa, a*aaaaaa, aa*aaaaa, and so on...

To mathematically model it, let's say you have 8 positions and 96 usable
If all 8 are free, you have 96^8.  If you force a digit, you only have
10*96^7 (or only about 10% of the space).  If you force a digit and a
"special", you're down to 10*96^6*34, or about 3% of the original space.

A *better* way is the way that Fedora Core's 'pam_cracklib' does it:

        minlen=N        The minimum simplicity count for a good

        ocredit=N       Weight, digits, upper, lower, other characters
                        count N. Use these values to compute the
                        'unsimplicity' of the password.

So you can say, for instance, that you need to score at least 15 points.
Let's say we have d/u/l/o credit of 2/2/1/3 - so you can get there with
a password of
15 lower case chars, or 10 lower case, a digit, and a 'other', or 11
lower case and 2 digits, or....  If you use a minlen of 20 or so with
the weights I listed, you're creating a *HUGE* space an attacker has to
choose through - and users can still come up with some easily memorable
passphrases or whatever.  If they don't want to type a lot, they can get
to 21 points with just 7 special characters and no letters/numbers at
all. ;)

This way, you lose a *lot* less entropu, because no one position is
because there's more than one way to get the needed points....

More information about the unisog mailing list