There are many schools of thought around how to create 'secure' passwords. While they differ in the various ways to assess if a password is secure or not, they are all united in their goal of making it harder for both pesky humans and super-powerful computers to guess your passwords. In addition, the ways of storing passwords vary depending on desired security levels.

Before we discuss ways to make secure passwords, let's take a moment to consider something called entropy. To properly understand entropy can take years, so here's a brief précis… In essence, and for our purposes, entropy is a measure of how "random" your password is. Entropy is a measure of information and, for passwords, we want as much entropy as possible since that makes it harder for an adversary to guess. Sadly there's no trivial way to estimate how much entropy is present in a password because a computer cannot know all possible context around the person setting or using the password. This is the crux of the arguments around password policies, qualities, etc.

Bruce Schneier, who is a well-respected security expert, wrote a nice article on passwords.

The hard-for-humans password

"A good password consists of between ten and forty characters, with a mix of upper- and lower-case letters, numbers, and symbols."

The "alphabet" of characters which may be part of a password can be as large, or as small, as you like. One school of thought says that (a) the alphabet should be as large as possible and (b) that passwords should be mandated to have at least one of each class of characters in the alphabet.

These passwords are often very hard for humans to guess if constructed entirely randomly. Sadly humans are very bad at remembering well constructed passwords of this kind and as such they tend not to be well constructed. For example, on the face of it, 94Pr!LOR;Fq. might be an excellent looking password. Sadly if you knew that my birthday is the 9th April, you might guess the first half, and the second half is an inversion of shift state combined with a down/right migration on a UK qwerty keyboard. The first half is context which a human might guess and the second is the kind of translation which a computer will likely try quickly and easily.

However, let's consider for a moment the possibility that it were a good password, and estimate the entropy in it. We'll be naïve and generous in our estimation... The 'alphabet' has somewhere around 100 elements; let's assume it has 128 elements, so that each character is, generously, seven bits of entropy. Our 10-character password is thus 70 bits of entropy, but we might halve that because of the repetition, giving 35 bits of useful entropy. By comparison, the smallest of possible keys which computers might use these days are 256 bits, so we puny humans are nowhere near that and we find it hard to get there.

Correct Horse Battery Staple

Another stable of thought (yes, pun intended) is that a longer but more easily memorised password would be more secure. There are around 100,000 words in the standard word list on my laptop (/usr/share/dict/words), so picking one of those is, in theory, around 16 bits of entropy, but let's be conservative and call it 11 bits. Four words, chosen at random, therefore have 44 bits of entropy. Add in some capitalisation tweaking to make that estimate a little more reasonable, then add two or three more words, and you bring the entropy estimate way above anything you might manage to memorise from a random password of the kind above.
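
The arithmetic from the last two sections, as an added Python example that is not part of the original article. It reproduces the 70-bit and 44-bit estimates, works out how many words are needed to match the random-character figure, and draws words with the operating system's CSPRNG, since the estimates only hold when every choice is uniform and independent. The function names and the short SAMPLE word list are constructed for illustration.

```python
import math
import secrets


def entropy_bits(choices: int, picks: int) -> float:
    """Entropy of `picks` independent, uniform draws from `choices` options."""
    if choices < 2 or picks < 0:
        raise ValueError("need at least two choices and a non-negative pick count")
    return picks * math.log2(choices)


def picks_needed(choices: int, target_bits: float) -> int:
    """Smallest number of uniform draws that reaches `target_bits`."""
    return math.ceil(target_bits / math.log2(choices))


def load_words(lines):
    """Normalise a word list: lower-case, alphabetic only, duplicates removed.

    Duplicates must go: a word listed twice is twice as likely to be drawn,
    so counting it twice would overstate the entropy of each pick.
    """
    return sorted({w.strip().lower() for w in lines if w.strip().isalpha()})


def passphrase(words, count, sep=" "):
    """Draw `count` words with the OS CSPRNG; return (phrase, entropy in bits)."""
    phrase = sep.join(secrets.choice(words) for _ in range(count))
    return phrase, entropy_bits(len(words), count)


# Constructed sample so the block runs offline. A real list would be a file
# such as /usr/share/dict/words (the path mentioned in the article).
SAMPLE = ["correct", "horse", "battery", "staple", "Horse", "staple",
          "isn't", "lamp", "river", "cloud", ""]

if __name__ == "__main__":
    # The article's figures: 128-symbol alphabet, 10 characters.
    print("random characters:", entropy_bits(128, 10), "bits")
    # Four words at a conservative 11 bits each (a 2**11 = 2048-word list).
    print("four words:", entropy_bits(2048, 4), "bits")
    # Words needed to match the 70-bit figure at 11 bits per word.
    print("words to reach 70 bits:", picks_needed(2048, 70))
    # The same target with all ~100,000 words in play.
    print("with 100,000 words:", picks_needed(100_000, 70))
    words = load_words(SAMPLE)
    print(passphrase(words, 4))  # tiny list, so only a few bits of entropy
```

With a list as small as SAMPLE the reported entropy is tiny; the word count in the list, not the length of the phrase in characters, is what drives the estimate.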

Keeping passwords securely

Sadly, two parties need to keep passwords if they are to be a mechanism of authentication: the person who is being authenticated (you) and the entity who is doing the authentication (some website, for example). In order to reduce the impact of a data breach, sites which care will store passwords hashed. Algorithms to do this are designed to make it mathematically improbable that you can find a password purely by knowing the hash of it. In addition, they are often designed to be computationally expensive to calculate, in order to reduce the ease with which computers might test guesses. There are a number of algorithms which are considered good for this, such as scrypt or bcrypt, which require a reasonable chunk of non-parallelisable CPU time and a non-trivial amount of memory to compute.

Sadly you can't use the same algorithms to store your passwords safely because you won't be able to recover them. We'll consider ways you can do that in a future article.