
Holy shit! Now that I have changed the password, can you please tell me how you guessed that?


It's probably the most famous software license key, it can even be found on Wikipedia: https://en.wikipedia.org/wiki/Volume_licensing#Leaked_keys


Because a bunch of us memorized fckgw rhqq2 yxrkt 8tg6w 2b7q8 for the very same reason back in the early 2000s



If I recall correctly this image helped make it famous: https://marco.org/2007/06/18/wow-fckgw-has-its-own-wikipedia...


The fact that it's even at risk of being published on the public web should be enough to disqualify it as a passphrase for everyone.

I've had users use parts of lesser known poems or stories in some foreign language, because who would expect that, right? Turns out that's not what's relevant to a good password but rather whether it is in any available corpus.

If your passphrase consists of something likely to be in wikipedia you are guaranteed to get owned in minutes.
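
The "is it in any available corpus" test above is mechanical, so here is what it looks like in practice. This is an added example, not code from any commenter: it takes a small corpus (two public strings already quoted in this thread plus one constructed line standing in for an obscure poem) and generates the candidates a dictionary attack would derive from it (token runs, joined with nothing, a dash or a space; prefixes of the squashed line; case variants). A passphrase that shows up in that list costs the attacker a few hundred guesses, not 2^n. The regex, the separator set and the prefix bounds are my choices, not anything the thread specifies.

```python
import re

# Constructed corpus for the example: two public strings quoted in the thread
# (the leaked XP key and a famous book title) and one made-up "obscure poem"
# line standing in for the foreign-language verse mentioned above.
CORPUS = [
    "FCKGW-RHQQ2-YXRKT-8TG6W-2B7Q8",
    "Harry Potter and the Philosopher's Stone",
    "Under the hazel a snowdrop nods",   # constructed, not a real poem
]


def tokens(line):
    """Alphanumeric runs of a corpus line; punctuation and whitespace split them."""
    return re.findall(r"[A-Za-z0-9]+", line)


def derived_candidates(corpus, min_prefix=8, max_prefix=16):
    """Yield the strings a dictionary attack derives from each corpus line:
    every run of adjacent tokens joined by '', '-' or ' ', and every prefix of
    the squashed line between min_prefix and max_prefix characters, each in
    original, lower, upper and capitalised form. Duplicates are suppressed."""
    seen = set()
    for line in corpus:
        toks = tokens(line)
        forms = set()
        for i in range(len(toks)):
            for j in range(i + 1, len(toks) + 1):
                for sep in ("", "-", " "):
                    forms.add(sep.join(toks[i:j]))
        squashed = "".join(toks)
        for n in range(min_prefix, min(max_prefix, len(squashed)) + 1):
            forms.add(squashed[:n])
        for f in forms:
            for variant in (f, f.lower(), f.upper(), f.capitalize()):
                if variant not in seen:
                    seen.add(variant)
                    yield variant


def corpus_derived(password, corpus=CORPUS):
    """True if `password` is something an attacker would generate from `corpus`."""
    return password in set(derived_candidates(corpus))


def candidate_count(corpus=CORPUS):
    """How many guesses the whole derived list costs: a few hundred, not 2^n."""
    return len(set(derived_candidates(corpus)))


if __name__ == "__main__":
    for pw in ("FCKGW-RHQQ2", "fckgw rhqq2", "harrypotte", "8tg6w2b7q8", "xq9Lp2vZ!t"):
        print(f"{pw!r:16} corpus-derived: {corpus_derived(pw)}")
    print("total candidates tried:", candidate_count())
```

The point is not this particular generator but the shape of the cost: anything that lives in a public text, in any language, sits a handful of cheap transformations away from a wordlist, so its effective entropy is log2 of the candidate count, not of the character space.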


I memorized the win95 one (legit copy) which was easy since it was just digits (and I was way younger). It ended in 18805 iirc. Win98 was a copy from a friend and already had letters, much harder, but I eventually memorized that too. It started with g3pdy bdkv7.

Now that I think of it, a non pirated OEM windows key would have made for a great password. ;)


Perhaps it's a bit late for this now, but one very easy to remember Windows 95 key was "111-1111111"


Ahh, good old F* George W.

Yeah, I had that one committed to memory in highschool.


Yup. One of the most famous longer numbers out there.


That was always the best trick with new installations. This brings back memories :)


Devil's Own


I preferred the rm233 2prqq ... one myself :)


Lol. Warez. It's been a long time.


To some. :P


:)


Sorry to scare you! I didn't think you were still using it. Honestly, it was the first thing that came to mind in terms of "culturally important serial keys"


It's a pretty well-known leaked key. And then you said exactly what part of it you used. Not the smartest move.

It's like saying "My password is the first 10 characters of a really popular book about wizards" and expecting no one to figure it out.


I didn't know the well-known part. Besides, I was assuming that this was only one of the multiple, multiple keys. But, it's funny how popular it is, and that so many had a reason to memorize it.


Even if you've provided information which narrows your password down to ~5,000 possible values, you've effectively handed out your password to one of 5,000 internet strangers whom you will never meet in real life.

Then consider that this is Hacker News, and how many of those 5,000 have both the skills and motivation to exploit the information you've provided.

Never give out "hints" about your password. Not its contents, not its exact length, the physical location in which you store a copy, nothing.


Plot twist, he's actually phishing this forum for the "I used that password too!" comment replies.

_Taps side of head with index finger_


If giving out the length hurts anything, there's enough going wrong that you should probably assume it's already compromised.

Unless there's something fundamentally wrong with the password, a public length of n is almost as secure as a secret length of n, and significantly more secure than a secret length of n-1.

Never get into the specifics of a password, but explaining the basic structure should be a tiny impact and well within your margin of safety, or you didn't make a good enough password to start with.


While you're correct mathematically, I still think it's a good habit to give zero information about your password. If you attempt to estimate the information leakage with every "hint", sooner or later you'll slip up.


My view is your secrets should be secure even if the attacker knows everything about how they are generated and used. For example: My password is 8192 characters long, leveraging only the ASCII character set (except \n\r\t\0). It is changed every 28 days at 11:05am. It is only used on exactly 1 website, and the username on that website is also only used on that website and randomly generated as well.

Good luck (Tell me how and where I can make this stronger)


> Tell me how and where I can make this stronger

Make it 8193 characters long, change it every 27 days at 11:04am, but most importantly: use it on exactly 0 websites.

Good luck


With your username, I actually believe you...


Telling someone your password is 8 characters long and memorable vs telling them it is 8192 characters long and unrecallable are two entirely different things.


This is a very hilarious post. Bravo, sir, or brava, madam. (Revealing your gender would likely be a security risk - if you leave that unspecified it doubles the space of possibilities!) I don't know what joyless types would downvote you.


I'm willing to believe that if you could help me understand a bit more why that is so.


Think of it this way: assume someone is trying to brute force your password. For simplicity let's say they know nothing about it, except that its characters are randomly drawn from a 50 character pool. As they guess passwords starting with 1 character, each added character takes 50x longer than all previous guesses put together to guess all possible passwords of that length. Put another way, if they knew the length beforehand, it would only save them from testing about 2% of the overall possible combinations.


Gotcha. I guess I was unclear about what "almost as secure" meant in this context.

So whether providing your length is a tangible security leak or not is essentially a function of the size of your character pool, because if your password is short enough for n-1 to contain a significant percentage of possible combinations then it's probably already short enough to brute force anyway.


That's not right. You can make a secure password using only ABC as your character pool, if you make it 60 characters long. In that case the percentage of combinations covered by n-1 is a full third of the n character combinations, and your attacker can get a 25% speed boost by you revealing the length. But it's still more secure than a 59 character password, and far more secure than a 57 character password, and all of them are extremely secure.

A good way to look at it is to measure the password in bits of randomness. At most, revealing length can shave off one bit. For any reasonable character set it shaves off a small fraction of a bit. And one bit does not make the difference between good or borderline or bad.


A 25% speed boost is what I would call a significant percentage. Especially at 60 characters. My statement holds up.


What you're missing is that a 59 character password (with secret length) is extremely secure, despite the even larger speed boost.

If you worry about any speedup in password cracking that is less than an order of magnitude, your password was too close to failing to start with. Make your password 5% longer, which will make it at least 20x slower to crack, and then you won't have to care if "20x" gets reduced to "15x".

You may say "It's not harmless to give up 25%. What if I give up 25% several times? That could make even a good password become insecure." but there's a limit to how much speedup someone can get from knowing the structure of your password. And the best way to evaluate the strength of a password is to assume that all the structure is public. So I can say that my typical passwords, being 20 mixed-case letters and numbers, all have a security of 2^119. It's possible that an attacker that uses the wrong algorithm would have to guess even more, but I'm not just worried about a clumsy attacker, I'm also worried about a moderately-high-quality attacker. It's a bad idea to depend on that extra .1 bit I could get with this character set, or that extra .4 bits I could get with a smaller character set. Just assume the length is known.


I'm confused about how that has anything to do with disproving my conjecture that whether providing your length is a tangible security leak or not is essentially a function of the size of your character pool, because if your password is short enough for n-1 to contain a significant percentage of possible combinations then it's probably already short enough to brute force anyway. You're just redefining what "secure" means.


I think we disagree about what a "tangible leak" is. I don't see it as tangible because it's eating into a tiny margin that you never should have counted in the first place. You do see it as tangible because it might make the attacker's job faster by several percent.

And that's fine, we can have different opinions on that part.

But "probably already short enough to brute force" is definitely not right. That percentage depends entirely on character set, not the length of your password. If your password is just numbers, then n-1 always has 10% as many combinations, whether your password is 5 characters long or 200. If you meant "probably already weak enough to brute force" that's not true either. Lots of passwords with mixed case and numbers and symbols are very short and pretty weak. Lots of passwords with only letters are very long and quite strong because they're made-up phrases. You can't guess the strength of a password just by knowing the percentage of [length n-1 combos] / [length n combos].


But 10% of 100 is magnitudes different from 10% of 10,000. The smaller the length, the more each percent (in terms of entropy) matters when we're talking about complexity as a function of brute force time.


And by that metric losing 2% of 1000 is a far bigger problem than losing 10% of 100,000. I agree that length is the most important factor, I'm just saying that character pool isn't very important to final security.


Only if you have a sufficient length of n.


You need "sufficient" n no matter what your character pool is, and knowing the character pool of a password doesn't let you reliably predict if n is sufficient.


I wasn't making that claim.


Then I have absolutely no idea what you were trying to claim in the second sentence of https://news.ycombinator.com/item?id=19304761

But we don't seem to be resolving anything so I'll just hope you have a good week.


You indirectly state that I claim "knowing the character pool of a password lets you reliably predict if n is sufficient."

Please point to the part of my statement which reflects this idea.


"a function of the size of your character pool, because if your password is short enough for n-1 to contain a significant percentage of possible combinations then it's probably already short enough to brute force anyway"

This seems to say that a small character pool, aka "n-1 containing a significant percentage of possible combinations", implies that your password is "probably already short enough to brute force".

So small character pool means that "probably" the password is short/weak.

I'm saying that a small character pool does not imply that a password is "probably" short/weak.

And to be very clear: Using the size of the character pool to say it's "probably" weak is a form of "reliably predict[ing] if n is sufficient".

What am I misreading?


> What am I misreading?

> So small character pool means that "probably" the password is short/weak.

I really don't know how you came to that conclusion. I never claimed any dependence between the character pool length and password length. They're obviously completely separate properties.


We'll take 60 possible characters (alphanumeric with caps and a few special characters). The summation 1...N of 60^x is (60/59) (60^N - 1). Known length is 60^N. If we assume N is big enough that the minus one isn't important, you can see going from known to unknown only increases the guesses by a factor of 60/59!
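
The arithmetic behind this subthread (the "about 2%" for a 50-symbol pool, the "at most one bit" bound, the 2^119 for 20 mixed-case alphanumerics, and the 60/59 summation just above) fits in a few lines, so here it is worked out as an added example rather than anyone's own code. It compares the guesses needed when the attacker must try every length up to n against the guesses needed when the length is known, keeps the ratio exact with `Fraction`, and converts it to bits. The pool sizes and lengths in `__main__` are the ones the commenters mention; nothing else is assumed.

```python
from fractions import Fraction
from math import log2


def known_length_space(pool, length):
    """Guesses needed to exhaust every password of exactly `length` symbols
    drawn from an alphabet of `pool` symbols."""
    return pool ** length


def unknown_length_space(pool, length):
    """Guesses needed to exhaust every length from 1 up to `length`:
    the sum of pool^i for i = 1..length."""
    return sum(pool ** i for i in range(1, length + 1))


def closed_form(pool, length):
    """The same sum in closed form, as written in the thread:
    pool * (pool^length - 1) / (pool - 1)."""
    return Fraction(pool * (pool ** length - 1), pool - 1)


def speedup_from_known_length(pool, length):
    """Exact factor by which revealing the length shrinks the attacker's work.
    Tends to pool / (pool - 1) as length grows."""
    return Fraction(unknown_length_space(pool, length), known_length_space(pool, length))


def fraction_of_work_saved(pool, length):
    """Share of the unknown-length search the attacker can skip (about 1/pool)."""
    return 1 - 1 / speedup_from_known_length(pool, length)


def bits_lost(pool, length):
    """The same leak measured in bits; approaches 1 bit only for a 2-symbol pool."""
    return log2(float(speedup_from_known_length(pool, length)))


def strength_bits(pool, length):
    """Entropy of a uniformly random password of this shape: length * log2(pool)."""
    return length * log2(pool)


if __name__ == "__main__":
    # (pool, length) pairs taken from the discussion above.
    for pool, length in ((50, 12), (60, 10), (3, 60), (2, 64), (62, 20)):
        print(f"pool={pool:3} len={length:3}: {strength_bits(pool, length):6.1f} bits; "
              f"length reveal saves {float(fraction_of_work_saved(pool, length)):.1%} "
              f"of the work = {bits_lost(pool, length):.3f} bits")
```

Two things the numbers make concrete: the saving depends on the pool size, not on the length (a 5-digit PIN and a 200-digit one both lose about 10%), and even the worst case, a binary alphabet, costs exactly one bit, which is the same as shortening the password by a single binary symbol.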


Sure, many of us have the skills to exploit that information, but the motivation? This isn't Mos Eisley.


Well I was referring to the intersection between the two. Out of all of the potential people to see OP's post here, there is a much higher likelihood of at least one of them containing both the skillset and the motivation required to exploit the information than on other popular aggregators.


I can already see it. 2 weeks later he will post about having made a fortune with BTC and losing it all.


Lord of the rings?


I feel like that doesn't meet the description, and I really want to know if I'm missing a famous fantasy series.


Does Discworld count?


Like Harry Potter?


First 10 characters, so it would be: harrypotte


... I need the dunce sorting hat.


Must be The Wizard of Oz??


I'm only guessing, but this could provide a clue: https://www.google.com/amp/s/www.urbandictionary.com/define....


What the actual hell. Who even remembers the key? And more importantly why? Why would you install XP once a week to remember it?

I'm shocked by this subthread!


Popular electronics stores would do an in-store setup of your computer before you left with it. Part of this involved entering the user's name and Windows key.

I probably used the same key to set up over 1000 PCs when I worked there.


'Back in the day' regular formats were a pretty good way of maintaining system performance. They still are really but computers being an order of magnitude overpowered for all the tasks 90% of users do makes it less relevant. You'd be surprised how easy it is to memorize long series of digits when you enter them a few times. For instance FCKGW. Who was the president in 2001? You'll now literally never forget those 5 letters.


That was the first thing I thought of at the beginning of this thread.


It was the first consumer NT-based Windows, the first with activation and this key, which let you bypass all that, was out before the OS was officially released.



I laughed out loud when I saw the sponsored domain registrar links down the page advertising “FCKGW-RHQQ2-YXRKT-8TG6W-2B7Q8.travel” and other TLDs.



.dev is not taken (yet). I think this might be one of the best uses for a joke .dev domain. :)

https://domains.google.com/m/registrar/search?searchTerm=fck...


It's also got some kinda german meme on it


So apropos


You said you were 15 and it was a very popular software that needed to be installed relatively often.

I guess people on here are 30-ish, so it happened 15 years ago in the 00s. This hints strongly towards WinXP, which has a few famous leaked serials.


Whatever way you phrased this I feel Sherlock Holmes mode is happening here. And the following is tangential to the OP's headline so it may or may not be interesting to HN folk. Last week in my local paper the daily quiz asked what is the common name for "Galanthus nivalis". To my younger self it would have seemed impossible, but now that I am older and more informed (though NOT smarter) I spotted the 'gala' at the start. Hmmm. The word 'galaxy' starts with 'gala'. I remember that galaxy and milky way are somehow related. Milk is white. What flower (given it is Spring here in Northern Europe) could be white (-ish?). Aha, snowdrop! And to me (seriously) I felt utter astonishment that I was right. I am not smart. But this machine that I seem to have could do that. Well, wow to the maker that did that.


It's common enough it's in Urban Dictionary.

https://www.urbandictionary.com/define.php?term=fckgw-rhqq2-...


I too spent most of my youth re-installing Windows on various machines. :D


I guess Win XP would be one of the world's most pirated software (ever?)



I am also extremely curious! (I did not have this password, but would love to know why it was so common?)


It's the first few sections of the product key for one of the original warez scene releases of the Windows XP Pro gold master ISO.


Windows XP..



