From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-user+bounces-186380-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id A1E56138334
	for <garchives@archives.gentoo.org>; Wed, 13 Feb 2019 21:50:47 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 3B3BFE098F;
	Wed, 13 Feb 2019 21:50:40 +0000 (UTC)
Received: from mail-pf1-f194.google.com (mail-pf1-f194.google.com [209.85.210.194])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id C0A37E0971
	for <gentoo-user@lists.gentoo.org>; Wed, 13 Feb 2019 21:50:39 +0000 (UTC)
Received: by mail-pf1-f194.google.com with SMTP id g6so1804187pfh.13
        for <gentoo-user@lists.gentoo.org>; Wed, 13 Feb 2019 13:50:39 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to;
        bh=gft9YzSfu+GR4MotNdMtyp0522xHMAOZPnATI+Sv4jo=;
        b=m8JJrZ6J2HStLhShJHhkf+ey5w0iCpR+n6tvGFNPA6SyeQC/uio2D3Y6f4TcyE1nlq
         p4Ocpm6fGaD6P7RZ2UsoC1LObk/vipx1eS4E8ssjfIhrkvTsJNCfhLUqHsFRllqVxf8u
         cI1+nkUZ3zIRtoxQnxhokOs8MSfilFSX4mw8Df1Q8UPL6V1VQLlaCMUdmiwMc3Y9r2cx
         jKgMbRR4F5SIBZkACn/dQblGeC0N/VaKA/RZVpk1Y4wqAX4WP2iimNbHQ0Sk3boAOu7O
         FszKuVr/2qHEqmL6WU+Lk1mJpKbUItG9BM+6ee4GL9TeG7YQ89nTnu+DydYcoD/cRZO3
         83og==
X-Gm-Message-State: AHQUAubmPipJtFaNtR9MJ9OCBxQs9z7NzSKaU155j/mwHD/92GGn+JI2
	vjg83McQwEpPN0dUtPBE+xR70RTr576NEKTWfE6VkQ==
X-Google-Smtp-Source: AHgI3IaBQPJUV/bCNtqlH8bpFum4UXY8Tno0heoZY91eAXvFGtB7pEQ67rZs+v7PfCovzvnIZ3ougnQUoTjKpV0QCo0=
X-Received: by 2002:a62:36c1:: with SMTP id d184mr342554pfa.242.1550094637986;
 Wed, 13 Feb 2019 13:50:37 -0800 (PST)
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
MIME-Version: 1.0
References: <8d027455-f210-c399-f5a7-bfb05692cc5f@gmail.com>
 <q396ju$21hg$1@blaine.gmane.org> <4T37M4RU.7P6POHFW.VWXHN7BS@VBETV3G5.Q4J4WRJ3.XBFRTPM4>
 <CAG2nJkNMf5zV1ZS-w+e3r9DtQoiK0GLM9M3noHPbmuJ1C1xCLg@mail.gmail.com>
 <20190205211653.57d0b0dc@digimed.co.uk> <e5f77659034708cbeebc30cac6e1d4f5@lists.openqmail.org>
 <CAGfcS_kR8z5v0Vy++6+NADEZZ_L-KQeptHZ6sJtMSoGof4rSww@mail.gmail.com>
 <CAG2nJkOWPNVCsVr2b3JGKmCH2+CqMUm0N9Zw4hA8Xk_NR0Bo6Q@mail.gmail.com>
 <CAGfcS_=bszv=CWnDtrRzdaOWv1s8gG0paEZ=5wLvxnBy_rmESw@mail.gmail.com> <CAG2nJkMbj2q2+N0auRFZkT6kLtKOw-6VHYkLPJvDfGhr=Q_hHg@mail.gmail.com>
In-Reply-To: <CAG2nJkMbj2q2+N0auRFZkT6kLtKOw-6VHYkLPJvDfGhr=Q_hHg@mail.gmail.com>
From: Rich Freeman <rich0@gentoo.org>
Date: Wed, 13 Feb 2019 16:50:25 -0500
Message-ID: <CAGfcS_mFSoSzJ=MKSbVEkBdb60QM-PJP5nZpacuk3oAU7obkpQ@mail.gmail.com>
Subject: Re: [gentoo-user] Re: Coming up with a password that is very strong.
To: gentoo-user@lists.gentoo.org
Content-Type: text/plain; charset="UTF-8"
X-Archives-Salt: 5f06ffe9-ddee-420e-878b-b6a1e3b30d41
X-Archives-Hash: 54854ffb24c72f8df21492b337e4e882

On Wed, Feb 13, 2019 at 4:34 PM Mark David Dumlao <madumlao@gmail.com> wrote:
>
> On Thu, Feb 14, 2019 at 3:18 AM Rich Freeman <rich0@gentoo.org> wrote:
> >
> > If you instead let the user code their own algorithm, then while this
> > increases complexity, it also makes it easy for users to shoot
> > themselves in the feet with an insecure algorithm.
> >
>
> And on second point, you can completely automate simply running
> lesspass, whereas to automate cracking an unknown algorithm you would
> have to automate writing arbitrary programs, which is in theory
> reducible to the halting problem. TLDR: you probably can't.

Only if the algorithm the user chooses is secure.  If they pick
something equivalent to ROT13 then the attacker's problem becomes
easier.

That was my point, and users aren't necessarily good at picking secure
algorithms.

Now, if they just copy/paste one off the website, then they become
open to attacks that check the commonly used algorithms.

> > The problem with "as-needed" is that you have to remember which
> > accounts use which master password.  That sounds simple until you have
> > 100 different accounts.
>
> In the algorithmic approach, you don't have to change your master
> password per iteration. Your algorithm can take iterations into
> account to use the same secret to generate an Nth iteration. For
> instance, using iteration numbers as part of a site-specific ID.

Of course, but my point is that if you ever DO have to change the
master password it is a mess.  Maybe you have to change it because
somebody beat it out of you with a hose.  Or maybe you accidentally
typed it into the wrong window.  Or maybe somebody stole it with a
sniffer.  Or whatever.

My point is that if it fails then it is more painful to recover.  If
you lose your master password on a database-backed solution and the
database isn't compromised, then you just change your password.  If
the database is compromised then you also have to change all your site
passwords, but as you change them the database maintains state and you
can forget the old master password the moment it is changed.

It is just a pro/con of the approach - individuals can judge the overall merits.

-- 
Rich