Password security - Another idea

Doug Gwyn gwyn at smoke.BRL.MIL
Mon Jan 2 15:39:15 AEST 1989


In article <4547 at xenna.Encore.COM> bzs at Encore.COM (Barry Shein) writes:
>I claim you'd be better off spending your money (guards cost money,
>no?) on a better door and lock rather than having to worry about the
>door, the lock and the guard too now.

Quite apart from the dangers of reasoning by analogy, you miss some
of the points about locks and encryption that are understood by
professionals (both good guys and bad guys) in those fields.

Locks serve a number of functions.  Ordinary residence locks should
be part of an overall residence security design sufficient to
convince the typical random burglar to go elsewhere where there
are easier pickings.  Prime targets, say for industrial espionage,
should impose a net expected cost/difficulty/risk of access in
excess of the value being protected; combining several defenses that
individually aren't quite good enough generally will suffice.  On
other occasions, it is more important (perhaps for insurance
reasons) to obtain concrete evidence of entry than to make entry
harder but undetectable when it does occur.  All these examples
provide useful analogies for points that could be made with regard
to password security.  Note also that the layman, and even many
locksmiths, are poor judges of what constitutes a "better" lock.
I've been known to "waltz through" supposedly maximum-security
locks; in one case, simply rapping a highly-rated padlock in the
right spot with a piece of wood would cause it to pop open!

Similarly, laymen and even the "professionals" in the open
cryptological community often cannot properly evaluate the
strength of a proposed cryptosystem.  When I hear discussion
of how long a "brute force" search would take, I tune out;
sure, the system needs to be good enough under a brute-force
attack, but that is by no means sufficient.  In fact actual
cryptanalysis normally reserves brute-force searches for
those cases where more clever analytical methods have managed
to drastically narrow the space to be searched.  Time and time
again, "proven secure" cryptosystems have been cracked by good
cryptanalysis.

The moral, if there is one, is that it is hard to reliably
judge matters of security, and one should enlist the aid of
experienced security defeaters in the process (preferably
professionals).

The other major point is that combination of several good
defenses can result in an excellent defense.  Thus, making
the encrypted passwords unreadable is much better than
either leaving them readable or using a shadow file of
unencrypted passwords.
