15 chars limitation
#29
Hi atom, I appreciate you indulging this discussion yet again. I know it's come up many times already, hell I've been in at least three of these threads.

My feeling is that pass phrases have become the common wisdom of the day (i.e. "correct horse battery staple" http://xkcd.com/936/) but the reality is most people still do these wrong. I don't think that looking at cracked password statistics shows a very realistic picture when it comes to trends today for passwords people care about. What we'd really need is a sample of passwords that were stored plain or reversibly encrypted for a site where people are motivated to create good passwords (say a financial service). Unfortunately I don't have a sample like this.

I frequently see / hear about people using 2-4 words in the vein of xkcd, or using 4-5 words but with common words and conjunctions like:

yellow and blue make green

Let's ignore that this is a known phrase. A lot of people believe nonsense password checkers like howsecureismypassword.net, which will tell you this is an incredibly strong password (it will take 76 septillion years to crack according to that site), but in reality it should be cracked by a sort of markov chain dictionary equivalent (smaller word lists in common places, or just more common words towards the top) in a reasonable time.

yellow: in top 1000 common words, call it 10 bits of entropy
and: one of the most common words in the language, 3 bits
blue: like yellow, 10 bits
make: also extremely common, in top 100 most common words, call it 7 bits
green: another 10

This 5 word phrase ends up with only ~2^40 possibilities, an achievable number in reasonable time with a fast cracker and assuming a reasonably fast hashing algorithm like MD5. Better chosen 4 word phrases end up being a bit stronger but still vulnerable, and 2-3 word phrases should be extremely crackable as long as the tool supports the length.

I fully appreciate that allowing longer passwords means slower performance (as you outlined in http://hashcat.net/forum/thread-785.html), but I get the feeling that those requirements (16 GB of system RAM and a performance hit of 40%) are totally tolerable to some of us, especially with all the clustering stuff you've added recently, to be able to attack what appears to be the growing trend in password selection. I believe I read that you actually created a version of hashcat that supported longer passwords for CMIYC because you were running into this limit yourself, but I can't find it now so maybe I'm wrong about that.

All of that said, I also fully appreciate that not everyone would be so willing to accept this tradeoff, which raises the burden of maintaining two branches/kernels. I won't pretend to know the effort involved in doing that for this change, but I certainly understand your reluctance to do it.

Anyway, I've gone on long enough, thanks for your patience and your excellent tool!
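The per-word bucketing in the post above (10 bits for a top-1000 word, 3 bits for "and", 7 bits for "make") generalises to any phrase: if an attacker tries words in frequency order, a word at rank r costs about 2^ceil(log2 r) guesses, and the costs of the positions multiply, so the bits add. The script below is an added example, not code from the post, from hashcat, or from any strength meter. It assumes a small constructed rank table (WORD_RANK) standing in for a real frequency-sorted word list, an assumed fallback of 17 bits for words missing from the table (roughly a 130k-word dictionary), and an assumed MD5 rate of 10 GH/s; none of those numbers are measured. It goes slightly beyond the post by handling arbitrary phrases and by computing the naive charset-based figure alongside, so the two estimates can be compared directly.

```python
import math

# Constructed frequency ranks (assumption: stands in for a real frequency-sorted
# English word list; the numbers are illustrative, not measured).
WORD_RANK = {
    "the": 1, "of": 2, "to": 3, "a": 4, "and": 5,
    "like": 60, "make": 90,
    "blue": 700, "green": 800, "yellow": 900,
    "purple": 1800, "magenta": 9000,
}

# Assumed cost of a word absent from the table: treat it as one pick from a
# ~130k-word dictionary, i.e. about 17 bits.
UNKNOWN_WORD_BITS = 17

# Assumed raw MD5 rate on a single GPU of the era (hashes per second).
HASH_RATE = 1e10


def word_bits(word, rank_table=WORD_RANK):
    """Search cost of one word when candidates are tried in frequency order:
    the word at rank r is reached within the first 2**ceil(log2(r)) guesses,
    so that exponent is its cost in bits (minimum 1 bit)."""
    rank = rank_table.get(word.lower())
    if rank is None:
        return UNKNOWN_WORD_BITS
    return max(1, math.ceil(math.log2(rank)))


def phrase_bits(phrase, rank_table=WORD_RANK):
    """Cost of a space-separated phrase under a frequency-ordered word attack:
    each position is searched independently, so the keyspace is the product
    of the per-word buckets and the bits simply add."""
    return sum(word_bits(w, rank_table) for w in phrase.split())


def naive_bits(password):
    """The 'character class' estimate an online strength meter gives:
    log2(charset) * length, which ignores that the string is dictionary words."""
    charset = 0
    if any(c.islower() for c in password):
        charset += 26
    if any(c.isupper() for c in password):
        charset += 26
    if any(c.isdigit() for c in password):
        charset += 10
    if any(not c.isalnum() for c in password):
        charset += 33  # printable ASCII punctuation plus space
    return len(password) * math.log2(charset)


def crack_seconds(bits, hash_rate=HASH_RATE):
    """Worst-case wall-clock time to exhaust a 2**bits keyspace at hash_rate H/s."""
    return (2 ** bits) / hash_rate


def report(phrase, rank_table=WORD_RANK, hash_rate=HASH_RATE):
    """Return (rank_ordered_bits, naive_bits, seconds_at_rate) for a phrase."""
    rb = phrase_bits(phrase, rank_table)
    return rb, naive_bits(phrase), crack_seconds(rb, hash_rate)


if __name__ == "__main__":
    for p in ["yellow and blue make green",
              "correct horse battery staple",
              "magenta purple"]:
        rb, nb, secs = report(p)
        print(f"{p!r}: frequency-ordered ~2^{rb} ({secs:.0f} s at "
              f"{HASH_RATE:.0e} H/s); charset estimate ~2^{nb:.0f}")
```

For "yellow and blue make green" the rank-ordered estimate comes out at exactly the 40 bits the post arrives at by hand, a couple of minutes at the assumed rate, while the charset estimate for the same 26-character string is around 2^153, which is where the "septillion years" style figures come from. A real attack also has to guess the word count and the separator, but that adds only a few bits on top of the per-word costs.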


Messages In This Thread
15 chars limitation - by Kuci - 01-04-2013, 04:51 PM
RE: 15 chars limitation - by atom - 01-04-2013, 05:22 PM
RE: 15 chars limitation - by Hash-IT - 01-05-2013, 03:59 PM
RE: 15 chars limitation - by Kuci - 01-04-2013, 05:46 PM
RE: 15 chars limitation - by atom - 01-05-2013, 01:24 PM
RE: 15 chars limitation - by pragmatic - 01-06-2013, 12:46 AM
RE: 15 chars limitation - by proinside - 01-06-2013, 09:41 AM
RE: 15 chars limitation - by epixoip - 01-06-2013, 12:30 PM
RE: 15 chars limitation - by K9 - 01-06-2013, 01:45 PM
RE: 15 chars limitation - by eljolot - 01-06-2013, 10:26 PM
RE: 15 chars limitation - by epixoip - 01-06-2013, 01:53 PM
RE: 15 chars limitation - by Hash-IT - 01-06-2013, 02:47 PM
RE: 15 chars limitation - by atom - 01-07-2013, 11:09 AM
RE: 15 chars limitation - by Hash-IT - 01-07-2013, 02:02 PM
RE: 15 chars limitation - by atom - 01-08-2013, 11:12 AM
RE: 15 chars limitation - by Hash-IT - 01-08-2013, 02:51 PM
RE: 15 chars limitation - by eljolot - 01-08-2013, 03:37 PM
RE: 15 chars limitation - by skalderis - 01-08-2013, 10:34 PM
RE: 15 chars limitation - by Hash-IT - 01-09-2013, 01:33 AM
RE: 15 chars limitation - by epixoip - 01-09-2013, 02:13 AM
RE: 15 chars limitation - by Hash-IT - 01-09-2013, 01:31 PM
RE: 15 chars limitation - by radix - 01-09-2013, 05:54 PM
RE: 15 chars limitation - by Hash-IT - 01-09-2013, 06:31 PM
RE: 15 chars limitation - by atom - 01-09-2013, 10:07 AM
RE: 15 chars limitation - by epixoip - 01-09-2013, 05:50 PM
RE: 15 chars limitation - by KT819GM - 01-09-2013, 10:27 AM
RE: 15 chars limitation - by Hash-IT - 01-09-2013, 01:32 PM
RE: 15 chars limitation - by Kuci - 01-09-2013, 07:56 PM
RE: 15 chars limitation - by pragmatic - 01-10-2013, 10:49 AM
RE: 15 chars limitation - by Hash-IT - 01-10-2013, 05:49 PM
RE: 15 chars limitation - by atom - 01-11-2013, 02:07 PM
RE: 15 chars limitation - by Hash-IT - 01-11-2013, 04:26 PM
RE: 15 chars limitation - by Kuci - 01-11-2013, 04:21 PM
RE: 15 chars limitation - by pragmatic - 01-12-2013, 10:41 AM
RE: 15 chars limitation - by SopalajoArrierez - 01-14-2013, 09:11 PM
RE: 15 chars limitation - by tanoury - 02-12-2013, 06:36 AM
RE: 15 chars limitation - by suum - 03-09-2013, 11:58 AM
RE: 15 chars limitation - by atom - 03-10-2013, 01:15 PM
RE: 15 chars limitation - by suum - 03-10-2013, 04:12 PM
RE: 15 chars limitation - by Rolf - 03-10-2013, 05:56 PM
RE: 15 chars limitation - by 5andr0 - 05-22-2013, 07:05 PM
RE: 15 chars limitation - by Kuci - 05-22-2013, 07:30 PM
Begging and praying in WPA. - by SopalajoArrierez - 05-27-2013, 12:43 AM
RE: 15 chars limitation - by atom - 05-27-2013, 10:38 AM
RE: 15 chars limitation - by Kuci - 05-27-2013, 06:21 PM
RE: 15 chars limitation - by SopalajoArrierez - 05-27-2013, 10:36 PM
RE: 15 chars limitation - by greatwolf - 06-22-2013, 06:14 AM