Thursday, June 28, 2012

Yet another wacky security scheme

Passwords are easy to get wrong.  Trying to make people come up with "stronger" passwords just makes it worse.  Security questions just provide another avenue of attack, probably an easier one.  So, ladies and gentlemen, may I introduce to you: The security word.

"What is it?", you may later regret asking.

You give the site a "security word".  Later, they will ask you not for the word, but a few randomly selected letters, for example the second, fifth and eighth, and next time it might be the first, fifth and sixth (note to self -- lopado­temacho­selacho­galeo­kranio­leipsano­drim­hypo­trimmato­silphio­parao­melito­katakechy­meno­kichl­epi­kossypho­phatto­perister­alektryon­opte­kephallio­kigklo­peleio­lagoio­siraio­baphe­tragano­pterygon may not be the best choice for this exercise).

If you picked, say, security, and the system asks for the second fifth and eighth letters, you would give 'e', 'r' and 'y'.  If someone's looking over your shoulder, how much information do they have?  Let's fire up the old UNIX shell

$ grep '^.e..r..y.*' /usr/share/dict/words | wc -l

What this means is that there are 84 words in the dictionary on my system that have 'e', 'r' and 'y' in those positions, or about six bits of entropy.  Most of them are words like ventrohysteropexy and dextrogyratory that people are unlikely to pick.  The person who helped me set up the account in question recommended something "easy to remember".  Odds are it's "security".

If not, all an attacker has to do is guess the letters that the site asks for next time.  There's a good chance that at least one will be one the attacker has already seen.  There won't be a lot of choices for the unknown letters.  Without looking at the list, I'd bet that 'q' isn't on it and 'e', 't' and a few others cover most of the possibilities.  Even without having looked over your shoulder, an attacker would know just from the security word being English that certain letters are better to try in certain positions.

So basically you have another hoop to jump through that adds minimal actual security, but tries to create the illusion of strong security, while really just making the system harder to use.  Huzzah.


Unknown said...

I guess this 'scheme' is some variation of zero-knowledge whereby you want to authenticate over the phone to the customer service rep on the phone but not share the whole password with her. I've mostly encountered automated service that prompt for the PIN though and then redirect you to the rep... Which then asks you for you address...

David Hull said...

I can see the analogy, but the problem is that giving three letters of an ordinary English word leaks almost all of the information about the word. In fact, I'm sure there are cases where it does pin down the exact word, assuming it's in a well-known dictionary. Also, to set this up, I have to give the site the security word, so they already know it anyway.

In a zero-knowledge system, the idea is that I can prove to you I know a secret without revealing anything at all about the actual secret (always seemed like magic to me, but there are many ways to do it).

earl said...

It would seem as though the best system is to choose at random a character from the list of possible characters, then another, and another, for (say) ten characters, and write it down on a card you carry in your wallet, and then just look at it every time you need it. Of course you have to do this for each of your accounts. The answer to each of your "security questions" would also be a random string of characters, which you would also write down (someplace else, since if you had the card in your wallet you would never need them).

The point here is that choosing a secure password is not that hard, but choosing a secure password that you can remember is pretty hard. If we can remove the remembering requirement, security gets easier.