Talk:Passphrase

From Wikipedia, the free encyclopedia

Contents 1 Copyright 2 passphrases in PGP 3 IT context vs. mainstream usage? 4 Passphrase 5 Security section 6 Entropy of passphrases 7 Portions of the text without citations

[edit] Copyright

The second and third paragraphs seem to be an exact copy of the section "What is a passphrase?" from http://world.std.com/~reinhold/diceware.html. The copyright for that page states, in part, "The author hereby grants rights for free, non-commercial, electronic distribution, with attribution, of this entire text or just the Diceware word list.", with emphasis on entire.

Your right; in fact, the original version — as of 15:05, 27 Nov 2002 — is even more similar. I suggest we just merge the ideas into Password, as a pass phrase is just a type of password. — Matt 09:12, 6 May 2004 (UTC)

Matt, True enough. But not to users. Choosing a pass phrase is rather different than choosing a password, the security implications can be rather different, and so on. I would advocate cross links and two articles despite the conceptual identity from particular perspectives. Thoughts in response? ww 14:29, 7 May 2004 (UTC)

I don't see any major differences in concept. In both cases you avoid guessable passwords, try not to write it down on bits of paper and stick them on the monitor, and have a tension between entropy and memorability. A passphrase just has a special form. We already have the line "Passcode is sometimes taken to imply that the information used is purely numeric, such as the PIN commonly used for ATM access." in Password; why not append "A Passphrase is a long password, usually formed from a sequence of words."? — Matt 16:12, 7 May 2004 (UTC)

Matt, No conceptual difference, I agree. The precedent of passcode here is unconvincing. (Perhaps I should done a wig whilst pronouncing on questions of precedent, or at least judicial robes?) I like the 'tension between entropy and memorability' phrase, though. Nice job. The 'special form' of a pass phrase is sufficiently distinct, I think. Cross refs are certainly in order and your sentence would be quite appropriate in making the point of no conceptual difference. However, choosing a pass phrase is rather different than choosing a password or passcode and readers should, I think, learn of this. As it stands the article doesn't do a good job of covering this, nor does password. On my list of course......

The reason I argue for a separate article is not conceptual difference (as there is none in my view, nor in yours; nor anybody's I would imagine) but practical difference to users. I think enough difference to justify 2 articles. ww 18:13, 8 May 2004 (UTC)

I just looked carefully at the above discussion, which took place before I started editing here, and realized someone could infer a possible copyright problem with this article. I am the owner of http://world.std.com/~reinhold/diceware.html and I hereby give retroactive permission under GFDL for whatever use was made of it by Wikipedia.--agr 12:19, 20 March 2007 (UTC)

There is a conceptual difference between a password and a passphrase. A traditional password is short, and therefore to be secure, it should be random (have high entropy). The idea of the passphrase is to maintain the same total entropy, but lower the entropy per character. This permits the use of phrases that are easier to remember without loss of security. This concept should be included in the main article. It would be better if people would read my original paper* before opining. --Sig Porter

• "A Password Extension for Improved Human Factors"

       Crypto 81 (1981 IEEE-CS Workshop on Cryptography) 
       Computers & Security, Vol. 1. No. 1, 1982, North Holland Press
       http://pages.sbcglobal.net/snporter5/passphrase/page1.html

Snporter 03:15, 26 August 2007 (UTC)

[edit] passphrases in PGP

Why are there passphrases in OpenPGP, when there already is a private key? --Abdull 22:41, 5 October 2005 (UTC)

The passphrase is used to encrypt the private key so someone else who gains access to your private key file cannot use it, assuming you have a strong passphrase and the attacker can't employ a keyboard logger or acoustic cryptanalysis or other means to discover your passphrase. --agr 23:13, 5 October 2005 (UTC)

[edit] IT context vs. mainstream usage?

I had never encountered this word — "passphrase" — till just now. What I need is to describe a multi-word (i.e. sentence) "password" used for mutual identification of underground operatives in clandestine meetings. Is "passphrase" appropriate for usage in mainstream contexts, or does it meanwhile remain strictly in Information Techonology usage, as the page seems to indicate? -- Thanks, Deborahjay 09:20, 20 March 2007 (UTC)

I think it's only used in relation to computing, its goal being to emphasize the strength of one's passwords. The reason is that computers are capable of systematically trying a large numbers of passwords by brute force, whereas this is simply not possible when trying to identify yourself to a human being. While remote systems can analogously detect brute force attempts, protecting local storage in this manner is simply not reliable, if your threat model includes the attackers gaining access to this data. Hence the need to protect your important data with a "phrase", and not just a "word". -- intgr 09:53, 20 March 2007 (UTC)

The term was invented in 1981 by Sigmund N. Porter (A Password Extension for Improved Human Factors, Advances in Cryptology: A Report on CRYPTO 81, Allen Gersho, editor, volume 0, U.C. Santa Barbara Dept. of Elec. and Computer Eng., Santa Barbara, 1982. Pages 81--81. Also in Computers & Security, Vol. 1. No. 1, 1982, North Holland Press.) [1]. So if your looking for authentic spy lingo for a novel, it probably won't do. If you are writing a paper, there is no reason not to use the word if it suits.

By the way, remote systems can not detect brute force attempts, in general, because of the way many systems pass credential in the form of a hashed password. These can be attacked off-line at very high speeds.--agr 11:57, 20 March 2007 (UTC)

[edit] Passphrase

Password: 94 characters (26 lower case, 26 upper case, 10 number, 32 symbol) Passphrase: 880,000 characters (dictionary) separated by spaces —The preceding unsigned comment was added by Bluefoxicy (talk • contribs) 06:59, 6 April 2007 (UTC).

[edit] Security section

The parts without citation in the security section don't make sense. For example: "The words or components of a passphrase need not all be, but often are, found in a language dictionary" -- if a passphrase is not a word in any particular language, that is no longer a passphrase by definition. A random collection of letters and symbols is called a password -- not a passphrase.--Musides (talk) 18:12, 27 March 2008 (UTC)

[edit] Entropy of passphrases

I'm removing a section that attempts to estimate the entropy of passphrases based on the assumption that each character has 1.1 bit of entropy. The 1.1 bit of entropy for characters in English texts are optained by letting humans guess characters taken from an article or book under the assumption that the human already knows the context from which the text was taken. Passphrases are a different scenario, hence the study has little to no relevance here. For example one can not conclude that 10 character passwords taken from an English dictionary have 11 bits of entropy (there are certainly more than 2048 English words with 10 characters). Similarly, the result can not be applied to passphrases, since these do not follow a given context. 85.2.11.92 (talk) 06:11, 28 March 2008 (UTC)

(1) Those are not estimates, but mathematical calculations; (2) these findings are widely published and used, as the references indicate; (3) there is a tremendous amount of academic research backing up this data, starting with Shannon; (4) you can't remove a section because you don't personally agree with it. In particular, the reference from Microsoft uses this data. It is not satisfactory if you do not agree with his findings; you must cite alternate sources.

The proper way to resolve your concerns is to find alternative sources, and cite those. If you do that, we can set it up as two different and competing approaches. That would be fine and appropriate. There is plenty of room for varying positions on this subject. But you cannot delete/censor material you do not agree with, and this is not a place for your personal research/opinion. --Musides (talk) 16:22, 28 March 2008 (UTC)

Ok, let's try to resolve this without going into a revert war. The problem with your "calculation" is that it makes the assumption that (A) the entropy per character of the English text and (B) the entropy per character of passpharses is the same. The entropy of English text is indeed well published and 1.1 bit seems to be in line with other publications. Note however, that this number is valid for sufficiently long text. E.g., in the reference that you gave the participants have to guess 100 characters given 100 preceeding characters of the text. If you repeat these experiments but try to guess the first 100 characters of a text too, then you'll probably notice that guessing the first 100 characters is harder than guessing the next 100 characters, which would imply that the entropy per character is higher at the beginning of the text. Hence it is unclear whether (A) and (B) are the same. So regarding your comments: (1) if you start with an unproven assumption, you'll end up with an unproven result. In particular, paper you reference does not support the claim that text of size 60 have 66 bit of entropy. (2) If your claim is indeed widely published then please give a reference for it. So far it is unsupported. (3) There are publications backing up 1.1 bit per char or similar results for sufficiently long English text. You are abusing these results for something that was not measured. (4) Wrong. You made the claim. You have to support it. 85.2.71.61 (talk) 17:16, 6 April 2008 (UTC)

(A) entropy per character is not an assumption, it is based on the findings of Shannon. We agree that this is predicated on a passphrase being a line of regular english text, as opposed to a random collection of characters; (B) Another source makes this assumption, but certainly, that source does not only make an assumption, but talks about doing it.

We both agree there is room for skepticism and critique of passphrase strength. I'm not aware of good published sources against the view outlined by the Microsoft source -- I hope you can find some. I'd love to see some good, real data on the subject, because there is plenty of room for debate.

Regarding your citation needed, this is being pedantic. You don't need a citation for basic math (do I really need to cite a source that proves 1.1 x 60 = 66)? We already have citation for the 1.1 number in Shannon, and we have citation for the method itself at Microsoft. I have no idea what you are talking about with your 3 & 4, this data is from the Microsoft source.

Look, it is okay not to agree with something -- that doesn't mean that data needs to be deleted. Instead, just find a counter-point.

--Musides (talk) 22:35, 6 April 2008 (UTC)

Musides, I do not ask for a reference that 1.1 x 60 = 66, but for a reference that this computation actually gives a relevant result and is not just based on a misunderstanding. Again, the experiment you reference uses longer texts and asks for the entropy per character given that the context from which this text is taken is known. You apply this to shorter English passphrases, which do not have any context. Hence, you misuse a result for something it was not meant for. The Microsoft source does not support your calculation either. I.e., it claims a lower bound of 1.3 bits per character for typical passphrases and an upper bound of 2.3 bits and notes that these estimates are not based on sufficient experiments. Certainly, having more data would be nice. But not having data does not mean we have to fill the gap with somewhat random speculation. 85.2.55.154 (talk) 02:39, 7 April 2008 (UTC)

Okay, let's see if I haven't resolved this debate with the changes I made. It became clear to me that we needed more references for this discussion to move forward, and what better source than NIST -- about as definitive a resource as we have. So, I added their model and the huge amount of empirical data and testing that they bring to the fore. Have a review of this, and let me know if this has resolved our issue.

FWIW, regarding Shannon. We both agree that context, or in this case length, is the determining factor of entropy. Shannon's 2.3 bits was for 8 letter words, and that varies depending on word length. NIST points out that the longer the phrase (ie context) gets, the less reliant or lower the entropy of the phrase.

--Musides (talk) 19:01, 7 April 2008 (UTC)

Yes, your latest changes improve the article and resolve my complaints. I also agree that NIST has done a good job with their publication. 85.2.1.21 (talk) 20:04, 7 April 2008 (UTC)

[edit] Portions of the text without citations

Most of this article doesn't have citations. What is the general rule/proper etiquette to wait until we delete sections without citations and replace it with researched/documented information? --Musides (talk) 20:45, 7 April 2008 (UTC)

The citation police are of one opinion, mostly the same as the OR police. The problem is that technical articles / technical content are not the same sort of animal as literary or academic content / articles. Edmund White's opinion of Hemingway's writing (or vice versa) is probably important in that context and deserves a citation. In contrast, for technical matters (eg, that iron is solid at room temperature) I think citation demands are borderline idiotic. They quickly degrade into the sort of mushy epistemology fanaticism that one finds in disputes about junk science or religious science. It does WP no good, nor its Readers, for whom we are all working.

Bare facts (eg, melting point of lead at STP) can be sourced from most anything. Something a bit more than a bare fact (eg, lead is often used in ammunition for guns) often draws fire from the same and policy statements (eg, lead should not be used in ammunition for ecological contamination reasons) do also. Only the last, in my opinion, really requires a citation. The rest is WP political correctness gone wild. ww (talk) 20:36, 11 April 2008 (UTC)

I see, so I take it you are not a big fan of citations? In any event, the reason why I bring up citations is because some of the claims made in this article are dubious. For example, it fails to properly distinguish between pass phrases as strings of texts, and pass phrases as memorization techniques. It has some dubious claims about passwords being strong, and so on.

I can see reason with what you say, but there seems to be this competing problem of edit wars of one person's opinion versus another, and I can imagine this problem is notorious in technical articles (I shudder to think about emacs, vi, etc). Citations help keep people honest, and their personal opinions/research out of the picture. In any event, I think you've answered my question: I just need to edit.--Musides (talk) 21:18, 11 April 2008 (UTC)