password

[asakiyume]

When I started off on LJ, I created a super-beautiful, idiosyncratic password that gave me pleasure to type. When I re-started a DW account, the password I created was ... way less beautiful. And yet it turns out that I feel just as happy to type in the DW password and to write an entry or read other people's entries as I did/do to type in the fancy-special password.

... I guess it doesn't hurt to make marvelous passwords that you love, but on the other hand, it really is just a password, and it's getting on the actual site and doing stuff there that's The Thing.

This video is unrelated to passwords--it's Kathy Jetnil-Kijiner reading one of her climate change poems. The words are beautiful and heartbreaking, but also hopeful: They say you . . . wander rootless with only a passport to call home, and when she read it in 2014 at the United Nations climate summit, she got a standing ovation; people were very moved. Watch all the way through.

Watch on YouTube

Comments

[amaebi]

You have made me think of passwords into accounts as portals. Thank you.

[asakiyume]

I'm delighted :-)

[amaebi]

Just think of having passwords that would open up your vision, your hearing, your senses of mell, taste, touch....

[zyzyly]

My first LJ password was a series of numbers, which had some sort of meaning back then--maybe my employee ID or something. I still remember the numbers, but not the original significance of them.

I like having interesting passwords. I get bummed out when I have to change them every three months.

[asakiyume]

I feel the same about changing them. I'm lucky in that I think only one site that I visit requires that (... and I rarely visit that site).

[missroserose]

Back in the long long ago when I first started using the Internet (1997, I think?), I had a Yahoo! account, and at one point I forgot my password (as teens are wont to do) and used their recovery tool, which assigned you one using two random words with a number attached. And mine came up as "walnutbird", which I still find oddly poetic and in fact used variations of for a password for quite some time.

These days, however, I use a password manager, and all my passwords are randomly generated strings of characters. Far less satisfying, but convenient and more secure. :)

[asakiyume]

Walnutbird is beautiful!

For the password manager, that must mean you don't type in the password directly, correct? (The password manager must do it?) .... I don't really know how those work.

I don't buy the notion that randomly generated strings of characters are more secure, though. Or rather, I think they're only more secure if an actual person is trying to hack your account, using intelligent guesses. As soon as it's a program, then it seems to me it's down to brute force and working your way through all the various combinations of numbers and letters. It's all pure speculation on my part, though, and I know they **say** the randomly generated strings are more safe.

[missroserose]

*puts on Psychology Enthusiast/Spouse of a Security Professional hat*

Okay, so to answer the question here (of whether randomly-generated passwords are more safe), there's actually two security concepts we need to separate out. I expect they have actual names in the security community, but as Brian's off in the other room and I don't feel like bothering him, I'll just refer to them as "objective security" and "behavioral security". Basically it has to do with usability - a system that's behind seven passwords, each of which must be changed monthly and has to include at least ten letters and five nonrepeating numbers, seems objectively more secure than a system behind two easily-memorable passwords. But in actual use case scenarios, people who use the first one are going to write all the passwords down on a sticky note and stick it to their computer screen. (Or in their desk drawer, or under the keyboard, but these are all places a seasoned hacker would look immediately.) So it's not very secure at all. My favorite story, the Case of the $1.3 Million Brick, which Brian heard about when he briefly worked auditing military bases: one base had a $1.3 million security system for its Top Secret area, including a super-thick reinforced steel door that required multiple keys and a then-state-of-the-art retina scanner to open. And it was such a pain in the butt (the retina scanner in particular was painful and finicky to use) that the first person to come in would prop the big heavy door with a brick, thus completely defeating the system.

To bring this back to the case of computer passwords, if objective security were all we were talking about, then you'd probably be right - password crackers would all be brute-force attacks, and randomized strings wouldn't be any more secure than memorable phrases. However, obviously that's not the case - most people don't use password managers, so they need something they can remember. Since the primary limitation in any password-guessing undertaking is time/number of attempts (this is why best practice for systems with sensitive information like email or banking requires a lockout after multiple failed attempts), cracking programs will start with the most common passwords, usually followed by what's known as a "dictionary attack" where it starts using words and combinations of words, along with common symbol substitutions (! for I, or $ for S, etc.) So a random string is actually quite secure, especially since most of those same systems will alert you if someone's trying to log in and fails enough times.

Another use-case point in favor of a password manager is the fact that almost none of us want to remember a hojillion passwords, so we tend to reuse the same ones in multiple accounts despite the fact that professionals constantly tell us not to. As a result, successful attackers will often take the same email/password combination and try it out on multiple sites.
Since the manager (in my case, LastPass) generates and fills in passwords automatically, it removes that burden of labor; therefore, if one account is compromised (as happens fairly regularly through various attacks on retailers and popular websites), the same password doesn't open any other accounts.

I just read this to Brian, and he points out that another big point in favor of password managers, which is that they can remember far longer strings of characters than people can; every additional character in a password makes it orders of magnitude more difficult to crack, since it exponentially increases the number of potential answers. So, another point in favor of LastPass. :)

[asakiyume]

I totally agree with the behavioral versus objective security thing, and the brick story is a great one. For me, psychologically speaking, entrusting management of passwords to a third party is a big problem: every third party is just people and programs, and people and programs are fallible, and while I'm fallible too, I **know** my fallibilities--so I'll try to address them and keep the responsibility myself.

Does the password manager put in the password for you when you get to the site you want to access? Because that would be something in its favor (for me)--I'm always mistyping things, and as you say, multiple attempts can get you locked out, so I have to be *very* careful when I have to input a password.

[missroserose]

I completely understand the concern about password management. It's actually a very valid concern - a lot of the big hacks that've made the news have happened because the target company wasn't storing passwords/credit card numbers/what have you correctly, so when folks got into the system the information was there in plain text format. (Slightly nerdy cryptography aside because I find stuff like this fascinating: for decades, the best-practice way to store sensitive information has been through a "hash", which is basically a one-way encryption - the password can be the entire text of Frankenstein, for instance, and the algorithm converts it to a unique string of (say) 16 characters; change one letter and you get an entirely different 16-character string. This is becoming moderately less secure, however, because hashing has been under sustained attack for all that time, and hackers have been creating a sort of brute-force reverse-engineering method by creating "rainbow tables" that list commonly-used passwords and the hashes the algorithm makes of them. Security experts have responded by what they call "salting the hash", basically adding random characters to the passwords so they generate different hashes. Like many things, it's a continual arms race.) Unfortunately, since the only way to keep a password 100% secure is to never ever use it anywhere, that's not really a pragmatic option.

One of the things LastPass does that I really like is stores all of your hashes locally, so short of someone gaining actual physical access to your laptop (or phone, if you pay the $12 annually for the premium version), no one's going to be able to access your entire password list. That's not to say they won't be able to nab a password from one of the websites you use it in, but if all your passwords are different, that's a relatively small breach in security. They're not perfect - your master list is stored under a master password, and recently they *did* have someone break in and steal a bunch of master password hashes (which, to their credit, they alerted everyone about immediately) - but it's still the best balance of convenience/security I've found.

To answer your question, yes, it does automatically fill in your password for you (on most sites - some have code that doesn't want to play with the autofill, but you can click the little browser-extension icon and it checks what site you're on and offers you a one-click "copy password to clipboard" option, which you can then paste into the password field). The only difficulty I've had on that front has been with some banking websites, where Brian and I have different usernames; for some reason, it'll sometimes put in his username and my password (or vice versa), so I usually manually copy/paste just to make certain.

Point of note: given that username/password combos are clearly not terribly secure, one of the best things you can do for your more sensitive accounts (if they offer the option) is to turn on two-factor authentication. Two-factor works by combining something you know (usually a password) with something you have; that can be a fingerprint, a widget that generates codes (Brian has one on his keychain that he uses to log in to his work systems), an RFID badge, whatever. Consumer-level two-factor usually takes advantage of the fact that everyone has smartphones; the first time you log in (and anytime you log in from a place it doesn't recognize), it sends you a text with a code you enter in. Gmail supports two-factor authentication; I highly recommend turning it on.

[asakiyume]

Arms races of security/breaches of security are fascinating!

I don't have a smartphone, as it happens, but gmail's two-factor authentication works with any cellphone, so I do have it turned on.

[missroserose]

Awesome! You're better off than most folks, then. I had some rando trying to get into my Gmail account recently (I know because Google sent me an email saying 'by the way, someone in Hungary was attempting to access your account; don't worry, they didn't get in'), and I was super grateful that I had all that set up. It's a little scary when you start thinking exactly how much personal information is in your account.

[sovay]

And yet it turns out that I feel just as happy to type in the DW password and to write an entry or read other people's entries as I did/do to type in the fancy-special password.

I think that's really cool, actually.

[asakiyume]

Yeah, it came as a pleasant surprise.