Crypto for My Mom
As I’ve mentioned to you several times, you should make your passwords safer (both from cryptographic and physical standpoints). You know that using the same password for multiple sites is a Bad Idea — once an attacker has one of your common passwords, it’s much easier for them to attack other accounts that likely share that disclosed password. And writing them down on a piece of paper is not great either.
Lucky for you, I have time to write this letter based on my knowledge from my college crypto class, and general hacking skills (see ski mask image above).
First things first, you should accumulate all of your written-down passwords; we’re going to be trashing (or shredding) them in a moment. Having passwords plainly visible (i.e. in plain text) on a piece of paper, in a journal, or on your phone is not a secure thing to do. Not even if they’re obscured (like under your mattress or translated into Chinese — you know Chinese, mom?).
“But, son,” you might say, “how am I going to remember these passwords?” Well, we have systems such as KeePass, LastPass, 1Password, and many more. I prefer to use KeePass because it is both gratis (as in brewksi) and libre (as in speech). Although it may not have the best UI or baked-in niceties like others, it definitely gets the job done. Using a password manager helps because, in an era when a person could have dozens of passwords, these tools keep your passwords private and secure (instead of just obscure). In addition, not having to remember passwords allows you to incorporate more randomness (i.e. entropy) among your passwords. Cryptographically-secure “randomness” is the best protection against attackers. (The scare quotes are for pedants who make a distinction between true randomness [the kind that occurs in the real world] and pseudo-randomness [the only kind that is available to computers due to them being deterministic].)
A Bit of Crypto
Randomness is important because as we all know, common and repeated passwords are the easiest to attack (especially via automation). If someone knows that you pick Bad Passwords (like “12345”, “password”, or “f#*k-you”), their key space is greatly reduced — making their attack much easier. A key space is the mathematical set of all possible passwords (i.e. keys). An easy way to calculate key spaces is:
- let x = number of options for a single character (e.g. 26 for lowercase letters)
- let n = number of characters in your key (i.e. its length)
This results in a key space of x^n. Making the x and n larger makes it exponentially difficult for attackers to find your key (a good thing for you!).
For example, the key space of all 5-digit numbers (including zero) is exactly 10 times larger than the key space of all 4-digit numbers (10⁵ vs. 10⁴). If it takes an attacker one day to exhaust all the permutations of your 4-digit lock, then it would take them ten days to crack a lock using just one more digit!
A more grounded example of this is like playing 20 Questions where you are restrained to just US presidents rather than, well, anything. (Using a binary search, it should take a good guesser less than 6 questions in the presidents game.)
When it comes to your security, websites may have Good Practices, Bad Practices, or a mixture of the two. Therefore, you can never be too safe, since you never know how they are protecting your data “behind the curtain.” One Good Practice is using a (secure) hashing scheme, where passwords are “shredded” and stored as seemingly random numbers that give no clue to the actual password. If a website’s database does get breached, then it is improbable that attackers will learn your actual password. If a website stores your password in plain (visible) or weakly encrypted text, they are dumb.
For example, I once forgot a memorized password for a website I used (with credit card information). Clicking on the “Forgot Password” link prompted me for my email. Much to my dismay, instead of receiving an email to change my password, I got an email with my password in plain text! This may not seem like a big deal, but it is a Bad Bad Bad Practice. First, it allows anyone with my email to retrieve my password for the site — this pretty much nullifies any encryption that was used for “security,” because a plain text email is probably associated with every encrypted password in their database. Although I checked that no sensitive information (like credit card info) was visibly attached to my account on this site, you never know what a determined attacker could exploit, especially on such a poorly programmed site. Second, this shows that the site is definitely not hashing their passwords.
Hashing is an important concept in cryptography and security. It may seem like theory gibberish, but it should make sense using this (admittedly stretched) analogy: Let’s say we have three different potatoes. The first one is an average potato. The second one is another regular potato, but wrapped in a lot of tin foil (don’t worry, it hasn’t been baked yet). And the last one is some delicious potato hash ready for brunch (see where this is going? You can think of corned beef hash or latkes, mom…). The attacker’s goal is to get a nice, raw potato from each one.
The first potato is easy. The raw potato is right there! This is like writing your passwords on paper or on your phone, or websites storing passwords in plain text. This is too easy for attackers to access. Their job is already done for them. Think if this plain potato was protecting your credit card info!
The second potato is more of a gamble. Depending on much tin foil there is, and how tightly it’s wrapped, getting our raw potato might be difficult. This is an analogy for encryption, which is a reversible way of securing information. When a message is strongly encrypted, it is difficult to determine the original meaning. In our potato example, we don’t know what the potato inside the foil looks like. However, we can (attempt to) take the tin foil off and put it on again — the potato stays the same (decrypt(encrypt(message)) = message). Since this is the case, it all depends on the wrapping technique. If it’s as easy as giving an email to remove the tin foil (ahem ahem), it’s as easy as the first potato. Other weak schemes (like if the dingus uses a decoder ring they found in their cereal box) don’t help keep you safe. This is why encryption is not the best strategy — it is very implementation dependent. If a dingus wrapped your potato, it only takes a slightly smarter dingus to unwrap it.
Salting is one way to sort-of counter this: basically, cover the potato in a special spice recipe so it is harder for the attacker to get the raw, original potato. Websites can do this by taking your password (e.g. “helloworld”) and modifying it somehow (e.g. “helloworld_dingus”) and then encrypting/wrapping that spiced potato. But beating the salt is as easy as knowing the special recipe, which is achievable if the attacker can breach the website/potato recipe safe. This second option is better than the first, but still not the best strategy.
Our last potato represents hashing, which is a (practically) one-way transformation of data. It’s clear that if I give you a latke, you’re not going to be able to get a raw potato out of it. That’s the “one-way-ness” aspect (also called “pre-image resistance”) that makes it hard for attackers to get your actual information. Even if an attacker does break into the pantry to steal raw potatoes, he or she won’t find any since we only have hashes. This is a powerful property because it is hard (computationally) to find the original message. It is important to use strong hashing functions (and salts too), because even hash functions that were thought to be unbreakable ten years ago are now commonly known as insecure. Just know that hashing is almost always the best way to go if you ever happen to be securing a website.
A quick note about randomness and key spaces: the reason that sites don’t like you using dictionary words and want you to use numbers and symbols is to increase the size of the key space. If you only use lowercase letters for a 10-character long password, there are 26¹⁰ possible combinations. This is already a lot bigger than a lowercase dictionary. With capital letters, number and symbols, we get way over 60¹⁰ possible passwords. As mentioned earlier, the bigger the key space is, the harder it is for attackers to find your password.
As a fun side note on the size-to-difficulty correspondence in key spaces, think of it as trying to find a 1-cm² key somewhere in Connecticut versus trying to find a 1-cm² key on (at least) 2.5 Earths. And that’s just with 10 characters!
Ok, so enough with potatoes and theory, let’s move onto some practicality.
Defending Your Electric Fortress
As I said earlier, we’re going to use the KeyPass protocol and the KeyPassX user interface. I like KeyPassX because it is cross-platform (it works on OSX, Windows, and if you’re feeling cool, Linux). You may also want to set up a Dropbox or Box (or any other remote “cloud” storage service) account. I use Dropbox because it gives you 5 gigs for free (more than enough for a KeePass database file), and it works with the mobile KeePass app I use. Setting up one of these remote storage services will make it possible to use an up-to-date (strongly encrypted) database file across devices (even mobile). Come up with a temporary password for your Dropbox account — we will replace it in a moment.
- Download KeePassX and set up your Dropbox sync folder.
- Open KeePassX and create a new KeePass (2.o) database. When selecting options for creation, be sure to use both a master password (something that is long and secure — this is the only password you will ever have to remember) and a key file. Using both is the equivalent of putting a key lock and a combination lock on your safe — it provides two barriers to entry.
- Store your temporary Dropbox password in a new entry in the database, and save the database to your synced Dropbox folder. (Update: while you can store the key file in your Dropbox folder, too, I do not recommend it. I suggest storing it on at least one flash drive [e.g. one on your keychain, another one in a place you won’t lose/misplace]. Thanks to Alessandro Melloni!)
- Generate a new password for Dropbox. A great feature of KeePassX is that it has built-in password generation. Click on the “Gen.” button to bring up the password generator section. I recommend using a password with a length of at least 16 characters. More (random) characters is a Good Practice. Feel free to incorporate symbols and numbers, as this increases the key space for attackers — another Good Practice.
- Save your file so Dropbox syncs.
- Change your temporary Dropbox password to your newly generated one.
- Repeat steps 4–6 for different services. Don’t repeat any passwords!
Although “big” accounts like Facebook, Google, and Amazon are important, don’t forget about “offline” accounts, like Apple and Microsoft, that may be “built-in” to your computer. Definitely reset the password on any site that has ever taken your financial information, like Venmo.
I hope this helps you, mom! This is the stuff that I “like” to worry about, so you don’t have to.
PS: Thanks to Ricky Mutschlechner for his help with this article. He actually does security research!