8 character passwords are now easily crackable, change the default to 12 #15
Comments
Issue: tytso#15 Signed-off-by: Martin Atukunda <matlads@gmail.com>
|
If you read the full report, they are assuming that a password is "crackable" assuming that it is hashed using MD5. MD5 is an ancient cryptographic checksum, which is widely considered to be insecure, precisely because passwords can be cracked in seconds[1]. [1] https://security.stackexchange.com/questions/19906/is-md5-considered-insecure There are no doubt some legacy systems that may still be using MD5 for hashing passwords. But more modern systems don't do this. For example, BitWarden uses 600,001 iterations of the KBPDF2 algorithm[2], which is vastly more secure than bare MD5. Bitwarden will be soon switching to using Argon2 for its password hashing, which requires using far more memory than can be used in a graphics card, to avoid hardware acceleration for brute force cracking[3]. The tradeoffs for using these more secure password hashing algorithms is that on older / cheaper mobile devices, the time for the legitimate user to do the password hash might delay their login by a second or more, which is not a great user experience. (On the other hand, it's probably less painful than having to type a 16 character purely random string....) [2] https://en.wikipedia.org/wiki/PBKDF2 In any case, the Hive Systems report is clickbait, because MD5 has been known to be weak forever, and no competent system designer would be using MD5 in the twenty-first century. And all of this assumes that the hash is available to the attacker. Many systems do not expose the hash to the attacker, and if you try more than a small handful (3 to 10) bad passwords, the account is locked. This also prevents brute force attacks. Since pwgen doesn't know whether or not you are trying to use a system which has been competently engineered or not, it doesn't make sense to change pwgen's defaults assuming an incompetently designed system. After all, such systems probably of far worse security vulernabilities, since I wouldn't trust any system designed by someone who thought using MD5 in the post-2000 era was a good idea..... |
|
I agree with most of these points. Closing this issue. |
According to the password table published by hive systems, even the most secure 8 character passwords generated by this tool are now crackable within 5 minutes.
The link above explains how they came up with the table. Since the password table changes every year, I would like to include the table as it stands this year (2023) into this issue.
I think we can no longer adhere to the nist recommendation of 8 character passwords.
The NIST document linked to above was updated to include the
Since passwords are still very much in use, I am raising this issue so that we can consider moving the default length of the passwords generated by pwgen to
12instead of8.The text was updated successfully, but these errors were encountered: