
430 points tambourine_man | 10 comments
1. raverbashing No.41878878
Looks like a good design

Doing something like randomly sampling a range of a-zA-Z0-9 and all the symbols without order or structure is absolutely the worst way of doing it for passwords that humans need to type/read, or in fact anything that might get tripped up by special characters (like shell scripts, etc.).

Yes, yes, you might lose a bit of entropy; just add one or two characters to it and it will make up for it. Passwords are not so much brute-forced from zero anymore as leaked from places with bad password hashes.

replies(1): >>41878971
2. tuxone No.41878971
I just opened the Passwords app for the first time to look at the generator. It seems like the pattern is [a-zA-Z0-9]{6}\-[a-zA-Z0-9]{6}\-[a-zA-Z0-9]{6}, with exactly one uppercase char and one digit. I don't want to do the maths, but that looks like a lot of removed entropy.
replies(2): >>41878985, >>41879126
3. timabdulla No.41878985
He mentions the entropy in the article...
replies(2): >>41879073, >>41879104
4. tuxone No.41879073
Right, thanks. So from 160 bits down to 70 bits of entropy (there are also fancy syllables and bad words to take into account).
replies(2): >>41879109, >>41879157
5. Veliladon No.41879104
*They just FYI.
6. eviks No.41879109
Quite the opposite

> these new passwords have 71 bits of entropy, up from the 69 from the previous format.

replies(1): >>41879160
7. nneonneo No.41879126
Fully random: 62^18 in that format, or about 107 bits of entropy.

Their approach: ~71 bits per the article (I counted ~73 bits but I’m not using their exact algorithm)

I’d say it’s not too bad. With a good password hashing algorithm you’re looking at nearly 2^100 operations to brute-force their passwords, which isn’t going to be feasible anytime soon. (Even with a crappy hash algorithm it’s still going to be over 2^80 operations.)

And, in this case, that entropy trade-off means the passwords are easier to remember and type in, making it more likely for humans to actually use those passwords.

8. No.41879157
9. tuxone No.41879160
I am referring to the loss of entropy compared to a (theoretically) fully random 20-char password.
replies(1): >>41879267
10. nneonneo No.41879267
Nit: 160 bits of entropy would be if you could get 8 bits per character, but that’s highly unrealistic. 6.0-6.3 bits is more feasible based on what most websites will tend to accept, which lands you at around 120-126 bits of entropy for a fully random password.
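A worked calculation for the figures traded in comments 2, 7 and 10, added here and not part of the thread or of Apple's generator: it counts a fully random 62^18 string, the 20-char cases at 8 and 6 bits per character, and an upper bound for tuxone's observed pattern (exactly one uppercase letter and one digit among 18 alphanumerics, positions free). The article's syllable and bad-word rules are not modelled, so that bound lands well above the article's 71 bits; the per-guess hash cost used for the brute-force work factor is an assumption.

```python
import math

# Alphabet sizes used in the thread (constants for the calculation).
ALNUM = 62      # a-zA-Z0-9
LOWER = 26
UPPER = 26
DIGIT = 10


def fully_random_bits(alphabet_size: int, length: int) -> float:
    """Entropy of `length` characters drawn uniformly from `alphabet_size` symbols."""
    return length * math.log2(alphabet_size)


def one_upper_one_digit_bits(length: int = 18) -> float:
    """Upper bound for the observed pattern: `length` alphanumerics with exactly one
    uppercase letter and exactly one digit, everything else lowercase, positions free.
    The article's syllable rules are not modelled here, so this is only a bound."""
    positions = length * (length - 1)            # where the uppercase and the digit sit
    count = positions * UPPER * DIGIT * LOWER ** (length - 2)
    return math.log2(count)


def guess_work_bits(entropy_bits: float, ops_per_guess_bits: float) -> float:
    """log2 of the operations needed to try every password when each guess costs
    2**ops_per_guess_bits operations (assumed per-hash cost, e.g. a slow KDF)."""
    return entropy_bits + ops_per_guess_bits


def extra_chars_to_reach(current_bits: float, target_bits: float, bits_per_char: float) -> int:
    """How many more characters of a scheme yielding `bits_per_char` each are needed
    to close the gap to `target_bits` (0 if the target is already met)."""
    gap = target_bits - current_bits
    return 0 if gap <= 0 else math.ceil(gap / bits_per_char)


if __name__ == "__main__":
    print(f"62^18 fully random:          {fully_random_bits(ALNUM, 18):.1f} bits")
    print(f"one-upper/one-digit bound:   {one_upper_one_digit_bits():.1f} bits")
    print(f"20 chars at 8 bits/char:     {fully_random_bits(256, 20):.1f} bits")
    print(f"20 chars at 6 bits/char:     {fully_random_bits(64, 20):.1f} bits")
    # Article figure of 71 bits, with an assumed 2^29 operations per hash evaluation.
    print(f"brute-force work, slow hash: 2^{guess_work_bits(71, 29):.0f}")
    # Scheme yields 71 bits over 18 chars; chars needed to match 62^18 at that rate.
    print(f"extra chars from 71 bits to 62^18: "
          f"{extra_chars_to_reach(71, fully_random_bits(ALNUM, 18), 71 / 18)}")
```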