Re: Paper & pencil password algorithm
- From: usenet@xxxxxxxxxxxxxxxxxxxxxxxxxxx (James Taylor)
- Date: Tue, 17 Feb 2009 11:53:21 +0700
Guy Macon <http://www.GuyMacon.com/> wrote:
This basic concept (hash a URL to get a password) is
flawed.
I've answered this point before:
<http://groups.google.co.uk/group/sci.crypt/msg/2dc9c1eeb787c101>
Firstly, although there no reason you cannot hash the entire URL, for
speed and convenience with a paper and pencil system you would use only
the some kind Organisationally Unique Identifier. For ease of
remembering, this would most likely be the registered domain name in the
case of a well established company such as hotmail.com or yahoo.com. For
the little Mom&Pop shop using AOL webspace, you'd be better to just use
their name "Mom&Pop" or whatever.
Even if you had chosen to use "aol.com/mom-pop" as the input, and then
they got their own domain mom-pop.com, you would simply log in with the
old password and set a new one based on "mom-pop.com". If you hadn't
been to that site for a very long time and couldn't remember that they
used to be with AOL and therefore you calculate the password based on
"mom-pop.com" and find it doesn't work, then you only need to look at
the bookmark you used to get there and discover that it's an AOL address
that was redirected.
For other kinds of account there, such as FTP, ssh, NNTP, etc, you'd
probably have a machine name and a username that you combined (eg.
"postgate-james") and I guess you could append the protocol name too if
you wanted separate passwords for each. For encrypted container file
passwords you would obviously use the name of the file, or the filename
mangled in some secret way
So, as you can see, there is no great problem here. The user of the
password system has just a few conventions to remember, and may
occasionally have to adapt to changing situations, but no real hardship
as far as I can see.
It requires two mutually contradictory things:.
[1] If (as often happens) Someone puts up a look-alike
site such as
http://www.example.uk.com/
http://www.example.com/
or
http://example.blogspot.com/
http://exanple.blogspot.com/
or
http://members.aol.com/example/index.html
http://members.aol.com/exanple/index.html
...the passwords will have little or no resemblance
to each other.
Well, if these look-alike site have been put up by phishers trying to
steal the credentials of the original site, then it's a *good* thing
that the algorithm will generate completely different passwords. Perhaps
I've missed your point.
If, on the other hand, two different URLs belong to the same company and
respond to the same login credentials then there is genuine cause for
confusion. For example google.com and google.co.uk. In this case the
user will have a preferred point of entry (I have a strong preference
for google.co.uk and have my browser configured that way) and he will
just have to remember to input "google.co.uk" into the password
algorithm even when logging in at google.com. In fact, knowing that the
credentials are shared, I would personally just use "google" and forget
about the ".co.uk".
[2] If (as often happens) someone changes the URL of a site
with a 301/302 redirect, fast META redirect or Javascript
redirect such as:
http://example.com
http://www.example.com/
http://homepage.example.com/index.html
or
http://www.example.com/index.htm
http://www.example.com/index.shtml
or
http://www.example.com/foo/index.html
http://www.example.com/bar/index.html
...the passwords must remain character-for-character identical.
Yes, and that's exactly why I have advocated using only the domain name,
not the full URL. The only reason to use more than the domain name is
when two different accounts are held at the same domain (eg. aol.com)
and in that case the username should be appended to the domain name (or
maybe an abbreviation of the username for convenience).
These two goals are mutually contradictory.
I think you're overestimating the difficulties involved. Sure, there
will occasionally be changes to the way certain sites are structured,
but it is fairly easy to choose the algorithm input string so that it is
dependent upon the fixed things not the changeable things.
It often occurs that someone asks for suggestions online, but
has already decided upon the broad outline of the answer and
is asking for help with the details, rejecting any answer that
is not within the narrow range of answers that he will accept.
This may be one of those cases.
Well, I haven't heard any better ideas of how to deal with the threats
I'm trying to protect against. I am interested in a paper and pencil
algorithm for good reasons that I have already explained. You might
think I'm solving the wrong problem, and it's fair enough to say so, but
I would like to solve this problem anyway even if only as an academic
exercise. I will appreciate all the help I can get in finding a workable
paper and pencil algorithm.
I've made some progress since last week on the algorithm design which I
hope will make it easier to do by hand. I'm aiming to post details here
tonight. Perhaps then you can pull it apart. ;-)
--
James Taylor
.
- References:
- Paper & pencil password algorithm
- From: James Taylor
- Paper & pencil password algorithm
- Prev by Date: Re: Encryption with pointless hashing?
- Next by Date: RSA question
- Previous by thread: Re: Paper & pencil password algorithm
- Next by thread: Re: Paper & pencil password algorithm
- Index(es):
Relevant Pages
|
Loading
