Discussion about the password requirements in SAFE Launcher

ROFL, so you are saying that you can compare two hashes and say that their plaintext are similar?
Really?
And you said you have written software for password management… omfg.

Well, I guess that explains a lot of the nonsense you are saying, and clearly I am wasting my time here.
Regards,

PS: The biometrics I mentioned are quite specific and don’t require specialized hardware; go find out what I was talking about and google it.
Btw, I am not saying that it should be implemented right away, but it is a very interesting solution.
And yes, I tested it myself, and they are so impressive that they seem almost magical. Not invulnerable, but it adds a very interesting layer to identify a user.

Actually, since the password never leaves the user’s computer, the software (local) could do the comparison. But thanks for giving another sarcasm-laden response to a sarcasm-free one. It really improves the entire discussion. Seriously. See? You’re not the only one who can do this.

Regardless of the wonders of the biometrics you mention, passwords work today. They work well today. Implementing them won’t delay the network significantly, nor are these biometrics necessarily needed, i.e. we can launch without them. Passwords are NOT holding the network back, it is features that need resources to test and implement. You are underestimating how much time and resources (coders) implementing ANY NEW FEATURE takes. Again, my experience in software development is where my wariness comes from. You do not reinvent the wheel on time critical projects. You lose funding and market-share that way.


I hate to be off topic, but honestly, from this discussion it seems accurate:


A lot of value can be attached to those credentials, which in normal circumstances are accessible to beneficiaries upon death etc., so we don’t want them expiring.

Have a Yubi as a component of your will, and in Launcher enable the option for 3-way authentication whereby you need 2 of 3 to log in, in any combination: Password, Yubi 1, Yubi 2, and give Yubi 2 to an Executor.

Use Yubi 1 + Password during life, and upon death the 2 Yubis can open the box.

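The 2-of-3 scheme described in the post above (Password, Yubi 1, Yubi 2, any two of which unlock), worked through as an added example. This is not SAFE Launcher code and not part of the original post: it is a Shamir secret-sharing split over a prime field in which the password-derived value is one share and the two token shares are the other two, so any two factors recover an account unlock key. The mapping of shares to YubiKeys, the scrypt parameters, the salt handling and the "unlock key" itself are assumptions made for illustration.

```python
"""Added example (not SAFE Launcher code): 2-of-3 unlock via Shamir secret
sharing.  Factors: password, token 1, token 2.  Any two recover the key."""
import hashlib
import secrets

PRIME = 2**521 - 1      # Mersenne prime; field for the polynomial arithmetic
THRESHOLD = 2           # any two of the three factors unlock
PASSWORD_X = 1          # x-coordinate reserved for the password-derived share
TOKEN_XS = (2, 3)       # x-coordinates handed to the two hardware tokens (assumed YubiKeys)


def password_share(password: str, salt: bytes) -> int:
    """Derive the password factor with a deliberately slow KDF (scrypt; the
    parameters are an assumption) so a stolen token share cannot be combined
    with fast offline password guessing."""
    key = hashlib.scrypt(password.encode("utf-8"), salt=salt, n=2**14, r=8, p=1, dklen=32)
    return int.from_bytes(key, "big")


def enrol(password: str, salt: bytes, secret: int) -> dict:
    """Return {x: share} for the two tokens.

    With THRESHOLD == 2 the polynomial is a line, and it is fixed by the two
    points f(0) = secret and f(PASSWORD_X) = password share.  The token shares
    are therefore the line evaluated at TOKEN_XS; nothing is random here
    beyond the secret and salt the caller supplies.
    """
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be a field element")
    y_pw = password_share(password, salt)
    slope = (y_pw - secret) * pow(PASSWORD_X, -1, PRIME) % PRIME   # f(x) = secret + slope*x
    return {x: (secret + slope * x) % PRIME for x in TOKEN_XS}


def _lagrange_at_zero(points) -> int:
    """Evaluate the unique interpolating polynomial at x = 0 over GF(PRIME)."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def unlock(shares: dict) -> int:
    """shares maps x -> y for the factors presented; any THRESHOLD of them
    reconstruct f(0).  A wrong password simply yields a wrong value, so the
    caller must verify the result (e.g. by decrypting the account blob)."""
    if len(shares) < THRESHOLD:
        raise ValueError("need at least %d factors" % THRESHOLD)
    return _lagrange_at_zero(list(shares.items())[:THRESHOLD])


def demo() -> tuple:
    """Walk through the thread's scenario; returns (daily_ok, estate_ok, wrong_ok)."""
    salt = secrets.token_bytes(16)          # stored with the account, not secret
    secret = secrets.randbelow(2**256)      # stands in for the account unlock key
    pw = "correct horse battery staple"
    tokens = enrol(pw, salt, secret)
    yubi1, yubi2 = tokens[2], tokens[3]
    # during life: password + token 1
    daily = unlock({PASSWORD_X: password_share(pw, salt), 2: yubi1})
    # after death: executor's token 2 plus token 1 from the estate, no password
    estate = unlock({2: yubi1, 3: yubi2})
    # wrong password + one token does not reconstruct the key
    wrong = unlock({PASSWORD_X: password_share("wrong password", salt), 2: yubi1})
    return daily == secret, estate == secret, wrong == secret


if __name__ == "__main__":
    print(demo())   # (True, True, False)
```

Because the threshold is 2, f(0) = secret and f(1) = KDF(password) pin the line down, which is why the token shares are computed directly instead of drawn at random. The slow KDF is the part that matters: whoever holds one token share can run password guesses offline and test each candidate key against the encrypted account, so the password factor has to cost as much to derive as a normal password hash would.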

Interesting, I had no idea what a Yubi was until I googled it just now. However, I don’t like the idea of an extra piece of hardware being necessary to use the network. Perhaps a dead-man switch can be set for accounts instead. If you don’t reset your password by a certain period after the year has passed, then assets stored in your account can be forwarded to a preselected address/wallet of a beneficiary. That way no loss of value, and no extra hardware required. Yes?

And in the end, no matter what is enforced password/passphrase-wise by the official launcher, a modified launcher can turn off the enforcements.

So over-enforce or require biometrics (which many reject, and which are often beaten more easily than passwords) in the official launcher, and an alternative launcher will be hot on its heels that removes the enforcement. So choose wisely what is and is not enforced.

Doesn’t matter how good or bad certain methods are, a launcher will be made that suits the majority, even if it is a soft-forked one rather than the official one.


A beneficiary is not guaranteed to have a wallet or desire one and if I’m indisposed, detained or otherwise and cannot access my account, I don’t want such circumstances to trigger a transfer of assets.

A password is mandatory at present and there should be a wide range of choices for a 2nd, 3rd… factor.

The scheme I described would be the one I would use at this point, given the option.

You could choose to have password reminder messages enabled as well as pointers to personal security information, I agree.


It is REALLY baffling that everyone here is still pushing the idea of changing passwords.
This is a very old concept that is proven again and again to be detrimental to security.

Really, the rebuttals seem to be purely rhetorical, and it is evident that they don’t come from real-world experience.
It is also baffling that what I am saying is COMMON and BASIC KNOWLEDGE in security, and yet you guys seem to be oblivious to it. (And even more baffling, mock me for it? Really? WTH.)

I am tired of repeating myself; maybe hearing the same shit I said over and over, but from other people’s mouths, might enlighten you somehow:

Really, do I have to keep going on?
Forget the password expiration nonsense for once, for god’s sake.


I think you’ll find they did give up forcing people to change their password.

Do you think people should not be allowed to change it? Or just not have mandatory change?

I read through your first link. And right off the bat I found it completely unrelated. First, the weakest reason why it’s unrelated is that Safenetwork is going to solve the password problem. Much of the argument against passwords is the fact that you have to have so many of them. Well, with Safenetwork this is not the case, as it’s one password to access the entire network of apps, websites etc. Once you’re credentialed you’re in. So that is no longer a problem.

The second, much stronger reason, is that that research is completely contrived. Offline attacks are EXTREMELY difficult to pull off in real life, Safenetwork or not. You actually have to steal the password file for them to work. If you cannot, you can kiss cracking the network goodbye. The third reason is related to the second: offline attacks are IMPOSSIBLE on the SAFE network. There is no master ‘password file’ stored somewhere to be stolen. So the objections present in that article do not apply at all, because a cracker would need to go through the traditional login process. After so many attempts, you could be prevented from trying again for a period.

In short, of all of the complaints you have with passwords, none of them apply to safe. The safeNetwork gets around them quite nicely by removing the need for multiple passwords, and removing the ability for them to be stolen. In the case of the safe network, I stand by my claim that this is overengineering, especially when considering that we need the safe network yesterday.

Edit: the same criticism applies to your second link: MaidSafe returns password management to a useful level by removing the need for multiple passwords, thus decreasing the potential economic cost to users borne by password management. If you only have to change your password once a year and it’s the only password that gains you access to everything, then you are no longer economically disadvantaged by network security, as the cost is minimized dramatically.

And because the network is secured by many layers of encryption, it decreases the actual cost of attacks to near 0. The funny thing is that your second link basically lays out the security research community, because their advice is excessive, costly to the user, and not guaranteed to work. Yet we’re supposed to trust that this biometrics push won’t fall into the same trouble!? Once you drop the ball enough times, you don’t get to dictate future courses of action. Summarily, all the people who care about password attacks are NON-MaidSafe users. Banks, institutions, CENTRALIZED SERVICES. Decentralizing the net and client-client interaction seems to have an added benefit of removing the security risk of password attacks. Who’da thunk it?

Edit 2: Your third link does better in that it analyzes both offline and online attacks. However, their strongest results continue to be in ‘offline attacks’, which as already stated cannot happen in SAFE. Also, where it fails in regard to this discussion is that it revolves around transform-based approaches to password security (charlie01, charlie02, etc.). But we’ve already discussed that this can be easily prevented by requiring a stronger new password. Further, as your link points out, not all transformations weaken passwords equally. Charlie01->charlie02 might be easy to arrive at via algorithm; however, cherlie21 is a completely different story. Increasing the difficulty while maintaining user familiarity. Also to be noted, they could only break 17% of passwords in an online attack. Which is due to transformations to passwords making them easier, which is solved by requiring stronger new passwords. Not necessarily removing the idea altogether.

You clearly don’t understand the implications, in short you only see the trees and don’t see the forest.
Also, you don’t seem to understand the actual conclusion from these papers.

This has nothing to do with offline/online cracking; that is incidental. The true issue is the quality of the choices that frequent password changing generates.
In any case, if you have failed to understand it up to this point, it is really a waste of time for me and everybody else here in this thread.

Just make one password, make it have strong entropy and never change it… until it gets compromised.
That is way more secure than having a bunch of mediocre ones changed frequently.
You are quite a contradiction: you claim you want to simplify by removing multiple passwords, and yet you want your users to remember new ones periodically.

Why do you want to insist on this when there are more creative ways to strengthen the security while giving ZERO overhead to the user?

No, I understand the implications. I don’t have trouble reading. The actual conclusions from the papers are limited to their areas of research; anything that obviates their fundamental assumptions will obviously prevent the same research from being used to draw conclusions in the new scenario. This is logic 101: if your premises are true, and your conclusion follows from your premises, then your argument is sound. However, once your premises stop being true, your argument is no longer sound and thus doesn’t apply.

In other words, this has everything to do with offline vs online. The success of the crack attacks dropped significantly (from ~40% to 17%) in online vs offline attacks. In Computer science, and life in general, 23% is a huge deal. So calling that incidental is pretty disingenuous in this discussion. The issue that you’re bringing up, quality of choices, is exactly my point. This can be solved by a simple comparison algorithm. If you can crack 17% of passwords algorithmically because of the similarity of the transform, then you can likewise algorithmically determine if a password is susceptible to such an attack and implement simple, easy to use measures to mitigate that risk.

Furthermore, a once-a-year password change is not frequent. And remember that that is not even a guarantee; it was only suggested as a mediation for a hypothetical attacker willing to spend a year and a half cracking MaidSafe passwords. I’m assuming that that assessment is correct here; the research in your link was far more successful and took much less time than that. Which is due to them having access to the network that they wouldn’t have in SAFE.

[quote=“piluso, post:224, topic:10460”]
Why do you want to insist on this when there are more creative ways to strengthen the security while giving ZERO overhead to the user?
[/quote]

Because ‘more creative’ doesn’t mean better. Because more creative means more time spent developing. Because ‘more creative’ means less familiarity to the end user. And because the simple solution to your main criticism, transform-based user password renewals leading to easier cracking, is to implement a transform-prevention algorithm. It is not necessary to reinvent the password here on the Safenetwork in order to solve this relatively minor issue. Especially considering much of SAFE already solves this issue by its design.

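The "transform-prevention algorithm" argued for in the post above, and the local comparison mentioned earlier in the thread (the password never leaves the user's machine, so the client can compare the old and new plaintext at change time), as an added example that is not part of any post here and not SAFE Launcher code. It flags a candidate new password that is a cheap edit of the old one: case and leet substitutions, an appended or incremented suffix, reversal, or a couple of character edits. The leet table, the edit threshold, the normalisation rules and the reason strings are assumptions; which rules a product actually applies is a policy choice.

```python
"""Added example (not SAFE Launcher code): reject a new password that is a
cheap transform of the old one.  Runs client-side, where both plaintexts are
available at change time; two hashes cannot be compared for similarity."""
import re

# Common leet substitutions undone before comparison (table is an assumption).
_LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                       "7": "t", "@": "a", "$": "s", "|": "l"})
_EDGE_NOISE = re.compile(r"^[^a-z]+|[^a-z]+$")   # leading/trailing digits and symbols


def normalize(pw: str) -> str:
    """Reduce a password to its stem: lowercase, strip leading/trailing digits
    and punctuation ("charlie01!" -> "charlie"), then undo leet spelling."""
    stem = _EDGE_NOISE.sub("", pw.lower())
    return stem.translate(_LEET)


def levenshtein(a: str, b: str) -> int:
    """Edit distance (insert/delete/substitute), standard two-row DP."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_new_password(old: str, new: str, max_edits: int = 2):
    """Return a reason string if `new` is a trivial transform of `old`, else None.
    max_edits is the tunable threshold (an assumption, see the note below)."""
    if old == new:
        return "unchanged"
    o, n = normalize(old), normalize(new)
    if o and o == n:
        return "same stem after case/leet/suffix changes"
    if o and n and (o in n or n in o):
        return "one stem contains the other"
    if new.lower() == old.lower()[::-1] or (o and n == o[::-1]):
        return "reversed"
    if levenshtein(old.lower(), new.lower()) <= max_edits:
        return "within %d character edits" % max_edits
    return None


if __name__ == "__main__":
    for cand in ("charlie02", "Ch@rlie01!", "10eilrahc", "cherlie21", "Tr0ub4dor&3"):
        print(cand, "->", check_new_password("charlie01", cand))
```

With max_edits=2 the check also flags charlie01 -> cherlie21, since that is two substitutions; lowering max_edits to 1 lets it through, so the threshold is where the usability trade-off discussed in the thread is actually set. The check only works where both plaintexts exist, which is why it belongs in the local client rather than anywhere that sees only a hash.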

I agree with you.

My bank does this, and I have pretty much run out of passwords now, so that I came to the point where I had to start writing down my forced and newly invented passwords, which by itself is a huge security risk.

So I also would advise: avoid it.

All the best


[quote=“andreruigrok, post:226, topic:10460, full:true”]

My bank does this, and I have pretty much run out of passwords now, so that I came to the point where I had to start writing down my forced and newly invented passwords, which by itself is a huge security risk.

[/quote]

Writing down passwords is not necessarily bad if you use a “mask”. Example:

Write down the password “H3av3nknowshow” as “- - a v - - - - - - s - - -”

Even if someone pilfers your handwritten note, chances are they wouldn’t figure out the password. This is a Level 1 ploy, for sure, but very effective in most cases.
