If a password is compromised, is a "similar" password also compromised?

37

7

Suppose a user uses a secure password at site A and a different but similar secure password at site B. Maybe something like mySecure12#PasswordA on site A and mySecure12#PasswordB on site B (feel free to use a different definition of "similarity" if it makes sense).

Suppose then that the password for site A is somehow compromised...maybe a malicious employee of site A or a security leak. Does this mean that site B's password has effectively been compromised as well, or is there no such thing as "password similarity" in this context? Does it make any difference whether the compromise on site A was a plain-text leak or a hashed version?

Michael McGowan

Posted 2011-06-20T01:11:38.097

Reputation: 647

Answers

38

To answer the last part first: Yes, it would make a difference if the data disclosed were cleartext vs. hashed. In a hash, if you change a single character, the entire hash is completely different. The only way an attacker would know the password is to brute force the hash (not impossible, especially if the hash is unsalted. see rainbow tables).

As far as the similarity question, it would depend on what the attacker knows about you. If I get your password on site A and if I know you use certain patterns for creating usernames or such, I may try those same conventions on passwords on sites you use.

Alternatively, in the passwords you give above, if I as an attacker see an obvious pattern that I can use to separate a site-specific portion of the password from the generic password portion, I will definitely make that part of a custom password attack tailored to you.

As an example, say you have a super secure password like 58htg%HF!c. To use this password on different sites, you add a site-specific item to the beginning, so that you have passwords like: facebook58htg%HF!c, wellsfargo58htg%HF!c, or gmail58htg%HF!c, you can bet if I hack your facebook and get facebook58htg%HF!c I am going to see that pattern and use it on other sites I find that you may use.

It all comes down to patterns. Will the attacker see a pattern in the site-specific portion and generic portion of your password?

queso

Posted 2011-06-20T01:11:38.097

Reputation: 752

4you just rendered my default everywhere password 58htg%HF!c useless, thanks a lot – Tobias Kienzler – 2011-07-06T14:33:36.393

1Wow! What were the odds? Don't go out in any lightning storms for a while. – queso – 2011-07-12T02:54:38.327

hm, I should play the lottery though :-7 (+1 btw) – Tobias Kienzler – 2011-07-12T05:57:24.380

11

It really depends on what you're getting at!

There are an arbitrary number of methods for determining whether a password is similar to another one. Let's say for example that you use a password card, and that somehow someone else has the same one (or simply knows which one you have). If they compromise one of your passwords and can see that it's just a row down the password card, they're likely to guess (maybe even correctly) that your passwords are all derived from that card in a similar fashion.

But, for most things this really isn't an issue at all. If your password on service A differs from the password on service B by only a single character, and both services are secure (e.g., store salted hashes for your password instead of the straight hash or the plaintext itself) then it is “computationally infeasible” to determine whether the passwords are similar, let alone how similar they are.

A short answer is this: If your passwords follow any sort of pattern, then yes, it is likely that the compromise of one password will lead to the compromise of others. However, that doesn't mean that it's going to be feasible to do so. As long as you:

  1. Never use the same password for more than one service,
  2. Introduce some random (even if only slightly) element into the generation of your passwords, and
  3. Never transmit or save your passwords in cleartext

You should be just fine. And remember to always have different passwords for different services—don't simply use the same password for everything, and do not even use the same password twice. It is important to guard against stupid companies that refuse to follow best practices when it comes to the storage of user data such as passwords.

Michael Trausch

Posted 2011-06-20T01:11:38.097

Reputation: 476

7

My short answer is YES. For example : strongpassword+game.com compromised,

If I am an attaquer it is really easy for me to understand the pattern you used and try it on other websites. For example strongpassword+paypal.com

Argh!....

In order to fix this I personally use:

hash ( strongpassword+game.com )
hash ( strongpassword+paypal.com )

Using mathematical properties about hash (I use sha1), knowing first password it is difficult to discover strongpassword and the second password.

If you wand more details, I made a blog entry about password security which answer exactly to your question:

http://yannesposito.com/Scratch/en/blog/Password-Management/

I also made some tools to make it easier to manages all my password, because you need to be able to change a compromised password, remember max length of a password, etc...

yogsototh

Posted 2011-06-20T01:11:38.097

Reputation: 171

1SHA-1 is no longer considered mathematically secure. – Hello71 – 2011-06-24T22:22:31.970

4@Hello71 do you have a source for that? I'd be curious to read more. – nhinkle – 2011-06-27T04:28:12.290

http://tinsology.net/2010/12/is-sha1-still-viable/ admittedly a limited case, but being able to search the first 6 characters of the keyspace that quickly on rented resources means someone with botnets and rainbow tables can presumably do a lot more. As a general rule, all other things being equal, whatever hash/encryption wastes the most CPU cycles to brute force is best. :) – Stephanie – 2011-07-11T17:03:59.447

4

This depends on what you are worried about. For a wide-scale, automated attack using credentials from one site on others, the attacker will go after the easiest portion first -- people using exactly the same password. Once that has been exhausted, if the attack is still unnoticed, the attacker will look for what he thinks are common patterns -- probably something like base password + site.

A clever attacker who is certain that her original attack (the one that got your passwords) went unnoticed would do this processing before using the passwords she mined. In that case, any predictable modification is dangerous, according to how obvious it is to the attacker.

If your password is, say, a prefix plus a random element, and the attacker suspects this, and the attacker has your password hash on another site, they can get your other password slightly sooner.

You can create your passwords by hashing something predictable, but if this practice becomes at all common or you're receiving personal attention from your attacker, that won't save you. In some ways, password strength is a matter of popularity arbitrage.

tl;dr don't do anything deterministic.

dhasenan

Posted 2011-06-20T01:11:38.097

Reputation: 310

Asked: 2011-06-20T01:11:38.097

Viewed: 1 509 times

Active: 2011-06-20T14:18:24.670