Would it be possible to have both login options?
Itll be possibe to have as many non-official launchers (forks or otherwise) that the market can support.
The only caveat being that youd need to login with the same one everytime unless someone comes up with some pretty fancy crypto.
I like this section of the podcast (paraphrased):
āTeamviewerās saying compromised credentials is the users problem, not Teamviewerās. But itās not: blaming users is tarnishing Teamviewerās reputation.ā
Taking this sentiment and applying to the safe networkā¦ Letās not have āusers choosing weak credentialsā reflect poorly (and incorrectly) on the underlying strength of the safe network. Safe canāt blame users. It can only help them make better decisions to start with.
Iām not fussed what scheme is used in the UI to derive the secret, but the user should be told how strong their underlying secret is. The underlying secret is only as strong as the credentials used to derive it.
As @Tim87 says about zxcvbn for password strength, letās not necessarily restrict users, but make sure they understand the strength or weakness of their choice.
It may good to display a real metric to describe strength like āYour passphrase would take about 3 years to crackā*. This at least provides a tangible incentive to the user, rather than an arbitrary sliding scale of āweakā to āvery strongā.
* even though thereās some uncertainty about the ātrueā amount of time due to the uncertain progress of future tech developments etc.
6 Likes
I mean, yeah! That gets fun when you get into the āYour passphrase would take about 12 million years to crackā range. Kind of a point of pride there.
2 Likes
What about entering a pin or whatever by clicking with the mouse on numbers generated in a random order as an extra security layer ?
This would prevent any keylogger to steal our account.
This is just an observation and perspective thought.
#####I still believe we need to plan for the future now. As strong a password system as possible while still being friendly to humans.
Currently an estimate of an average of 333mSec-1Sec is needed to retrieve your account information from the network means that password cracking will not be fast on SAFE by the very nature of its working. We are used to cracking passwords on ones own computer (windows P/W or other program.
So even a random 4 digit pin as password which requires on average 500 guesses will take at least 166 seconds (2 2/3 minutes). 6 random digits 16666 seconds (4.2/3 hours)
For a rar password or windows login we are talking in fractions of a milli second for some GUI crackers.
That is the observation/perspective of the differences between cracking a SAFE account full password and say a rar password.
Then you have to remember yet another PIN. How many people write down their pins on paper in their wallet for their cards now. My opinion for what little its worth is that random pins are human unfriendly.
And what about a keylogger that takes screen shots during that phase of operation.
1 Like
Soā¦what I got from that is we donāt need super-secure passphrases? Is that what youāre advocating? (doubt it)
Or that itāll be hard to estimate the ācracking timeā - because thatās just a gimmick anyways and doesnāt need to be at all accurate. In fact, Iād base it on something like cracking a known hashed passphrase and bit length. Give the user a scare when they realize that itās not that hard to crack ākissmyass69ā
2 Likes
The malware would need to take multiple screenshots. I donāt think that 2 passwords are human friendly neither 
1 Like
Remember grcās sqrl ? Heās pretty much ready with it. Are there implementation difficulties for this ?
Maybe itās not feasible, am I missing something? @dirvine @neo
1 Like
That is what you get from skimming a post and not fully reading disclaimers
That is always difficult. My post was just an observation and maybe some comfort that if passwords are good then in all likely hood they will be good for a long time. Even a quantium computer (as we know them) will still be limited by this lag time between crack test and result. Only quantum entanglement (uSec lag) will speed this up and its very likely the SAFE will be well and truely advanced from what we know it now.
@neo points out a fact of the SAFE network. To find a login by brute force you have to try each login on the safe network. And do it takes time, a lot of time (possibly near a second per try) so even not very complex password are extremely difficult to break.
I see more likely a coincidence, from someone extremely carefree, that the possibility of breaking a login moderately complex.
1 Like
I can imagine some one using āI love SAFEā as a pass phrase. And other simple 3 word phrases 
But of course if there is some sort of āstrengthā indicator then the user has little excuse for creating something crackable in a day/week/month or even a year
Then the 2 passwords/phrases will make it a lot harder for cracking because 2 really simple phrases becomes a lot harder to crack than one really simple one
Actually some do take many and store the changes while password phase is on
For SAFE they only need to hook into the display routine for the generated pin. Its open sourced so real easy to do.
If you read my previous posts I am also of the opinion that 2 pass phrases are confronting to humans, but call one of them something else so that the person can associate one phrase with an every day object and the other can be called a password/phrase.
2 Likes
I remember this and needs exploring. There are 2 parts to how it can be used.
- write a custom launcher and a custom USB device that can supply the keys. When login phrase is on the USB devise sends one key for the account address and then the other key for unscrambling the account info. Obviously the key transfers have to be scrambled themselves with challenge-response (SQRL) transfers so loggers cannot replay. Then to make it really good, the nodes provide the login challenge if that launcher is used and this means that the address of your account info cannot be captured from your PC without duplicating the USB device and knowing the deviceās pin
- When you use any keys on the network with APPs, SAFE sites etc.
1 Like
I remember one option to use SQRL is using a second channel to authenticate so not everything goes through the same computerā¦ scan with gsm and point with mouse ā¦
2 Devices maybe to much hassle for some, but more secure.
1 Like
Actually, RAR has been using AES (with 128 or, in later versions, 256-bit keys) so Iām not sure about that; a quick search revealed they probably use random IV (because they store it in the header) so I guess they at least do that properly. I couldnāt find info about which mode they use, though I saw a bogus reference to CBC, which would be not too good. Anyway, I donāt believe RAR can be broken that easily, and Iām not sure about newer Windows versions, either.
The zxcvbn demo page does exactly that, actually.
It doesnāt matter much above a certain limit. For example, thereās no practical difference between 10^17 or 10^177 years to crack your password, even though the numbers are vastly different.
2 Likes
fyi: a link to a recent video about password choice.
Keepass will get a code audit: nice! http://www.ghacks.net/2016/07/22/keepass-password-manager-icode-audit
1 Like
But brute force of 4 digit password or a 6 digit password still only needs 500 & 500000 tries respectively and GUI crackers do like 40 billion a second someone mentioned. Even accounting for more processing time to decode the test block its still bāfast. Much less than a second for both 4 & 6 digits.