4

On many sites we see an indicator if our password is weak, or strong, to give us a good indication to go with that password, or not.

I've been noticing on some sites, that after x amount of characters my "100% Strong" password, will turn to 0% weak, just with 1 character "over the limit." This is something that I've seen on multiple sites throughout the years, but on some this isn't an issue at all.

My questions are.

  1. is there a reason why too many characters is a bad thing, even if it's a completely random password?

  2. Why they are labeled weak after x amount of characters, even when they were very strong before that x character?

This question also ties into my other question here Are there any security advantages to forcing a password-character limit on reset, but allowing unlimited character in password-login? but wanted to separate them, as they are really 2 separate questions.

Community
  • 1
XaolingBao
  • 897
  • 2
  • 9
  • 21
  • 4
    Sounds like a bad implementation of password strength to me. In all but eccentric situations (eg: adding a `d` to a password of `MyPasswor`), adding characters to passwords will not make them weaker. – Neil Smithline Jun 26 '16 at 23:57
  • We might be able to get more information from an example. Can you point us to an example site? – Neil Smithline Jun 26 '16 at 23:58
  • Thanks for the info, and no, I don't have an example off hand... I'll have to search for one if it's something more people are curious about. – XaolingBao Jun 27 '16 at 00:00

1 Answers1

9

Password strength meters are notoriously weak:

New research from Concordia exposes the weakness of password strength meters and shows consumers should remain skeptical when the bar turns green.

In general, adding a character to a password will not make it weaker. There are only specific situations where this isn't true. For example, MyPasswor is probably a stronger password than MyPassword. That doesn't mean that adding a character always makes it stronger. For example, bcrypt has a maximum length of 56 bytes. (Note that that is bytes, not characters.) Characters added beyond that length are simply ignored when the password is stored.

As a general rule, just create random passwords using a trusted password generator or diceware, and don't worry about the silly strength meters.

Neil Smithline
  • 14,621
  • 4
  • 38
  • 55
  • You might want to add the weird case of LMHash function where using a 8 character long password might make it quite a bit easier to brute-force that using a 7 caharcters password (https://en.wikipedia.org/wiki/LM_hash) – Stephane Jun 27 '16 at 07:52
  • @Stephane: Why would that be? Yes, the password is uppercased and split in two, but wouldn't any password longer than 7 take longer because two hashes have to be cracked as opposed to 1? – SilverlightFox Jun 27 '16 at 12:47
  • @Stephane - Can you explain why that is the case. My understanding is that LMHash breaks password into two 7-character pieces and each piece can be cracked individually. But I don't understand why going from 7 characters to 8 makes cracking easier. – Neil Smithline Jun 27 '16 at 15:09
  • Sorry. It was a memory from a long time ago. Actually, it's just that having passwords longer than 7 characters do not improve security of LMHash, not that it makes it easier to crack is. – Stephane Jun 27 '16 at 15:25
  • I forgot to get back to this yesterday. Thanks for the info on this, makes sense with the d or not. The thing is, is there a security issue if bcrypt ignores characters? Couldn't there be 2 hashes that come out to be similar i.e., 1111111122222 when cut down would be the same as 111111111??? So if that's the case couldn't there be more than 1 password that fits the truncated string??? The issue with the "Strength" meter, is these sites WILL NOT allow you to put in these passwords that are "weak." So I am left with a weaker password, because the site has no clue.... – XaolingBao Jun 27 '16 at 19:25
  • Yes, it is the case that all passwords that are the same for the first 56 bytes with bcrypt (different for other hashing strategies) will match as equal. I wouldn't say that it's not a problem, just that it's not much of a problem. There is always a small, but non-zero risk of a hash collision. This is not really different. – Neil Smithline Jun 27 '16 at 19:40
  • As far as sites not allowing longer passwords, it sounds broken to me. There are few reasons for short password maximums. For example, [Diceware](https://en.wikipedia.org/wiki/Diceware) creates secure passphrases that are long (because their phrases). Sometimes short limits are enforced due to implementation problems/lazy developers. Still, it's a bad thing. – Neil Smithline Jun 27 '16 at 19:45