
Re: [Cryptography] Possible reason why password usage rules are such a mess

On 11/16/20 1:16 PM, Arnold Reinhold via cryptography wrote:
> o Encouraging people to use password managers, at least for most passwords
>
> o Encouraging people to write down non-managed passwords, with suggestions for safe places. It’s no longer reasonable to expect ordinary users to memorize all the passwords or passphrases users need, if they are to be strong enough.

Allow me to be controversial: We should be badly worried by password managers:

First, why should we trust that the user's machine it is running on is secure? People get infected by malware all the time.

Second, why should we trust that password manager software is somehow immune to having bugs?

> Other suggestions welcome.
>
> o Don't recycle passwords for different purposes. (Though everyone does, worth repeating again…)

Back to the controversy:

It is completely unreasonable to expect users to remember a zillion unique passwords. They have to record them somewhere. So how to do that?

- Loudly tell users it is okay to write down passwords. There is an article of religious faith that needs to be overturned here; people need to understand it IS okay to write down passwords. (And, once someone writes down an important password, take very good care of that paper. Pretend it is a hundred dollar bill if that helps focus the mind.)

- However passwords are to be recorded, the more off-line, and the simpler and more manual, the better. Offline and simple and manual will reduce both the number of bugs and the severity of the consequences.

Personally I do use a password manager—but I use it very little, and it is very manual. (No auto-pasting of passwords when some software infers I would like that.) Most of the time I need a password, I type it. (Diabolically simple!) Without looking it up, because I remember my frequently used passwords, because they are frequently used. I only look up a password when I need one I don't remember.

But I run my password manager on a Linux machine on which I am very conservative about what other software runs; I wouldn't *think* of trusting my regular Android cellphone with my password records.

These last points start to get pretty subtle, which is why most people should write down passwords on paper, with NO electronic technology involved. Wanna backup? Do not take a picture of your password list with your cellphone, and don't photocopy it with anything that is also online. Best keep two copies of your list in two places. After you add a new password to one list, later update the other copy.

Yes, passwords are a mess. Alas, the magic bullets proposed all make it worse, so people need to be taught how to do the work to manage them better, and people like us can't agree. (See controversy above.)


The cryptography mailing list
cryptography AT metzdowd.com