31

Here are two passwords:

5678%^&*tyuiTYUI

and

8^tyU75%*IuY6T&i

Both have the same number of characters and in each the characters are identical, the only difference is that the first arranges those characters in a pattern that lends itself strongly to muscle memory by following a simple geometric pattern of keypresses.

Are then any significant differences from a security perspective?

SilverlightFox
  • 33,698
  • 6
  • 69
  • 185
Toni Leigh
  • 431
  • 1
  • 4
  • 7
  • Even your second password contains keyboard patterns (`^tyU7` and `*IuY6T`), which a good estimator like [zxcvbn](https://www.cygnius.net/snippets/passtest.html) recognizes. – CodesInChaos Jan 27 '15 at 11:12
  • yes, the second password will contain similar key sequences, it's a re-ordering of the first password specifically designed for the question – Toni Leigh Jan 27 '15 at 11:45
  • 1
    Note that the linked front for zxcvbn does not accept passphrases for lack of non-alpha characters, while [zxcvbn](https://dl.dropbox.com/u/209/zxcvbn/test/index.html) accepts such passwords (which I endorse). – Leif Willerts Nov 23 '15 at 22:56
  • @LeifWillerts for me, coming from a UX perspective, pass phrases are my choice – Toni Leigh Dec 10 '15 at 00:13
  • @CodesInChaos interestingly, I didn't randomise the second string, I just re-organised the characters manually to illustrate the point – Toni Leigh Feb 25 '16 at 07:23

5 Answers5

41

Yes! Especially when faced with draconian password complexity requirements, users frequently choose passwords like the first one: keyboard progressions, keyboard walks, keyboard patterns, or whatever you like to call them. And attackers are well aware of this.

Whether conducting an online (brute forcing) or offline (hash cracking) attack, an attacker knows that the most profitable method is usually some variant of a dictionary attack: using a collection of common passwords and trying them. Pretty much every dictionary built using passwords collected from real data breaches contains at least a few variants on the keyboard-pattern method, most commonly "1qaz2wsx" and friends.

Beyond the static dictionary method, the mental algorithms people use to create these passwords are quite simple, and there are lots of programs that generate these passwords rapidly in order to try them all.

From an information-theoretic standpoint, the second password has more entropy, since each character is a random choice from a set of 16 characters. Knowing that they come from a small grouping reduces the entropy somewhat, but it still remains fairly good. The first password, on the other hand, is much simpler. You can think of entropy as "how hard would it be to explain how to type my password?" Here's how I might try to explain your first one:

On a US-standard keyboard, start at "5":

  1. Type 4 keys to the right, then return to your starting position.
  2. Hold "shift" and repeat step 1. Release "shift."
  3. Move down a row and repeat steps 1 and 2.

Compare that to your second password, which would have to have a procedural step for each character of input. There's no good way to compress it, so it has lots of entropy. Even if I know which 8 keys you've chosen, and that each of them is pressed once with shift and once without, that still leaves (assuming totally random choosing) 16! ~= 2^44 choices, meaning about 44 bits of entropy, which strangely enough is the same amount claimed by the "correct horse battery staple" method.

bonsaiviking
  • 11,456
  • 1
  • 27
  • 50
  • 1
    Another way to think about entropy in this case (which I think will make more sense to some people) is that the number of passwords which follow easy-to-type patterns is less than the total number, and an attacker is less likely to guess one from the latter set than the former. – David Z Jan 27 '15 at 05:56
  • I had 1qaz2wsx my password for a long time, selected by IT. – Paul Draper Jan 27 '15 at 07:16
  • 7
    @PaulDraper Noone else should know your password. If IT selected it for you (and didn't intend you to change it) then they are already not following best practices. – JamesRyan Jan 27 '15 at 11:12
  • 2
    @JamesRyan, true that. – Paul Draper Jan 27 '15 at 21:00
  • The most common "keyboard-pattern" password (and the most common password overall) is "123456". – Mark Jan 27 '15 at 21:40
  • @Mark 123456 requires hand movement - I've seen that a 6 character minimum often causes the most popular password to be 'asdasd'. – Peteris Jan 28 '15 at 02:08
  • i suppose fundamentally the attackers are human like me, hence being able to think of anything I can! – Toni Leigh May 27 '15 at 18:19
  • @Peteris not for hunt-and-peck typists. – bonsaiviking May 28 '15 at 01:38
  • actually, that bit about entropy being more steps is a brilliant explanation for me, at a level I can understand and explain to others, nice – Toni Leigh Dec 10 '15 at 00:15
4

Yes, there is a difference because there is a discernible pattern. Just like programming a password cracker to take dictionary words and replace letters with numbers, or adding numbers to the end, keyboard patterns suffer the same weakness.

The other issue is "shoulder-surfing". It is pretty easy to figure out what someone's password is by looking at the first few keystrokes, then simply listening to the rest.

Does it mean that the first password is useless? No, but it does suffer weaknesses that a purely random string would not. Only you can assess the risks for your situation.

schroeder
  • 125,553
  • 55
  • 289
  • 326
  • 2
    as a test, try placing your favourite keyboard pattern into something like Pastebin: http://pastebin.com/search?cx=013305635491195529773%3A0ufpuq-fpt0&cof=FORID%3A10&ie=UTF-8&q=5678%25%5E%26*tyuiTYUI&sa.x=0&sa.y=0&sa=Search – schroeder Jan 26 '15 at 21:07
  • it also finds '5678' etc, at least now. – Leif Willerts Nov 23 '15 at 22:51
1

What you are trying to do here, is create a password which is easier to remember. Problem is that attackers know that people are lazy and almost nobody uses a full random password like your second one.

To make passwords easier all people create a pattern. Like a word you know is a pattern or 6 chars from the keyboard like 123456. Attackers look for patterns people use and create brute force attacks for those patterns. To choose a good password you need to make sure you are not using any of those common pattern.

To get back to your question: Both your password by them self would have the same entropy and would be equally secure, if you ignore common passwords. But if you look at common passwords you will find your first string so the first is less secure.

But I think you don't like to compare the security of those two string but of the pattern behind it. Now it depends on how you define those patterns. As shown in a xkcd comic it is possible to create password pattern which are equally secure as a random password but easier to remember. (At least if you peak a random password from this pattern!)

For your string: 5678%^&*tyuiTYUI

You could define a pattern like: A random key and the three keys beside it. Together with shift you get with [a-z0-9] = 2*36 chars as start keys. If you do this 4 times like in your example you have 72^4 = 29.986.576 possible combinations with this pattern. The three keys beside do not add any additional entropy because they are part of the pattern. If you know the pattern you know those keys.

So with this pattern your password is as secure as a 4 character random string. Of course you can create a better pattern based on this but I don't think it would make you happy. Try the xkcd pattern or a password manager instead.

PiTheNumber
  • 5,414
  • 4
  • 21
  • 36
  • ouch, i'd argue is the sys admins who are lazy forcing all this security stuff into the hands of their users, why does GMail have hardly any password rules, or PayPal? Because they put some real effort into account security server side ;-) – Toni Leigh Jan 27 '15 at 16:14
  • seriously though, i'm looking for the most memorable but secure solution, because people are human, not robots and can't remember 20 randome characters, it looks like pass-phrases are the best – Toni Leigh Jan 27 '15 at 16:21
  • 2
    @ToniLeigh pass-phrases are great. Also password manager and public/private key systems as ssh uses are possible options. – PiTheNumber Jan 29 '15 at 14:04
  • password managers I always think suffer from a potential breach of the master password; ssh etc. is too much for regular users! – Toni Leigh Jan 29 '15 at 14:12
0

The random one is substantially stronger than the one with a muscle-memory pattern.

As pointed out several times, such as by bonsaviking, attackers know muscle-memory patterns are common, so already test for them.

I recommend thinking in terms of the same rules we use for determining the strength of an encryption algorithm. In encryption, you always assume the algorithm is public knowledge; the only secret part is the key. Likewise, you should design passwords around the assumption that the attacker knows your algorithm (i.e. "muscle-memory pattern on a keyboard"), and the only part that is secret is the particular "key" you used to walk around the keyboard.

My personal experience is that muscle-memory patterns exhibit only slightly more entropy than a password like "abcde" or "password," because "easy to type" is actually a fairly well agreed upon metric, so there are not many different patterns one will do.

Consider the classic example of always moving one character to the left, right, up, or down. If you are truly random in your direction, that's 2 bits of entropy per key, plus perhaps 8 bits for a random starting location. A 16 character muscle-memory pattern will thus have about 40 bits of entropy. That is not exactly a strong password. Consider that this pattern compares just barely favorably to plain English phrases (1 bit of entropy/character), but abysmally to a truly random character phrase (just shy of 6 bits of entropy/character). However, given that you are unlikely to memorize a truly random string of up/down/left/right, there is likely to be pattern to your choice, dragging the strength of your password more towards "single word or phrase" strength.

Cort Ammon
  • 9,216
  • 3
  • 26
  • 26
-2

It's the frequency distribution of the letters, words and associated ngrams that lowers the entropy of your selection. That is why password lists are a great tool to check against your password choice. The entropy of a pure randomly selected passphrase is more than 44 bits of entropy. Part 2 of the strategy would then be to limit the ease at which an attacker is able to password guess. What you are trying to achieve is to have as high an amount of entropy * the time it takes to input guesses.

munchkin
  • 393
  • 1
  • 5