←back to thread

Apple Passwords’ generated strong password format

(rmondello.com)
430 points tambourine_man | 3 comments | 18 Oct 24 11:12 UTC | HN request time: 0.001s | source
Show context
mr_mitm ◴[18 Oct 24 13:40 UTC] No.41879391[source]
I'm glad someone is thinking about UX and ergonomics when it comes to passwords. Most people I interact with have by now realized that generating passwords is a good idea. But if you are already generating the password, please do not include special characters. I regularly use different keyboard layouts (sometimes it is not even clear which layout is active, like in the vSphere web console), and the fact that passwords are often not shown on the screen when typing them makes for terrible UX and causes frustration.

The usual advice about character classes is only for casual users who don't know what makes a secure password. Entropy is the deciding factor: Ten random lower case letters is much more secure than "Summer2024!", which satisfies most password rules and has more characters.

Personally I stick to lower case letters for things like my Netflix password or Wifi key, because typing with a TV remote can be a huge pain. To keep a similar entropy, just increase the length by one or two characters.

replies(10): >>41879469 #>>41879535 #>>41879556 #>>41879734 #>>41879735 #>>41880345 #>>41880499 #>>41881423 #>>41881471 #>>41883418 #
coldpie ◴[18 Oct 24 14:01 UTC] No.41879556[source]
In the context of web authentication, does entropy even matter (beyond an extremely low threshold)? Are there any attacks that actually occur that are defeated by increasing entropy? AFAIK basically all the auth attacks we see today are from password re-use, and out-of-band authentication, neither of which password entropy has an effect on.

"Summer2024!" is perfectly fine, if you use it for exactly one service. Frankly, "1235" is probably fine. No one is out there brute-forcing passwords.

replies(6): >>41879633 #>>41879639 #>>41879642 #>>41879681 #>>41879821 #>>41880424 #
jusssi ◴[18 Oct 24 14:10 UTC] No.41879639[source]
People are definitely running dictionaries against password hash leaks. Both examples look like they might be in a dictionary.
replies(1): >>41879652 #
coldpie ◴[18 Oct 24 14:12 UTC] No.41879652[source]
So what?
replies(3): >>41879706 #>>41879737 #>>41879764 #
jusssi ◴[18 Oct 24 14:20 UTC] No.41879737[source]
So the service you used this password at gets its password hashes leaked. Your account is one of the (admittedly many) low-hanging fruits that gets used for whatever else someone might be using it for.

I suppose, if it's some random forum, they could just post some bot spam with your account and get you banned, no big deal. You'll live.

replies(1): >>41879755 #
1. coldpie ◴[18 Oct 24 14:23 UTC] No.41879755[source]
Ah! That's a good point. I had been considering a hash leak to be equivalent to a plaintext password leak, where you're screwed no matter the entropy. But I guess you have a fair point: a high entropy password could prevent your password from being cracked even under that scenario. So you could have a point here.

We could explore that further: are there any recent examples of this happening? is cracking password hashes still hard, given modern GPU hardware techniques? This could help us establish what "low" actually means when I say "low threshold."

replies(2): >>41880032 #>>41881149 #
2. freedomben ◴[18 Oct 24 14:58 UTC] No.41880032[source]
Yes it still happens pretty regularly, but in recent years people have gotten a lot better at using libs, so passwords are salted and hashed with a slow algorithm which substantially increases the difficulty of hashed attacks by makign it computationally expensive to hash every password. These days it's not uncommon for it to take months or years to crack 50% of the passwords in a dump. If your password has sufficient entropy, it may never be cracked. Modern GPUs can parallelize across their numerous cores, but statistically a brute force isn't going to work. Hybrid dictionary attacks are where it's at, and if your password is random (pseudo-random) then a dict attack won't work.

Modern password hashing is very good.

3. umanwizard ◴[18 Oct 24 16:46 UTC] No.41881149[source]
> is cracking password hashes still hard, given modern GPU hardware techniques

Yes, if the entropy is high enough. What else would be the point of salting and hashing passwords?

There's no known way to reverse major hash algorithms like SHA-256 or bcrypt; you have to try all the combinations. So you have to do exponential work in the amount of entropy whereas GPUs only give a constant factor speedup over CPUs.

If this ever changes (e.g., someone breaks SHA-256 or bcrypt) you will definitely see it as the #1 story on HN (and probably pretty prominently in mainstream media too).