
Secure Passphrases

I just read Christer's post about creating secure passwords using a simple Linux utility, 'pwgen'. Good read, and even better tutorial. However, I hope you don't mind a bit, Christer, but I'm going to pick on your post a little.

pwgen creates 8-character random passwords. Using the various options, you can increase or decrease the strength and readability of the generated passwords. It prints a screenful of candidates, from which you pick one and use it. Unfortunately, you cannot alter the length of the generated passwords using pwgen (at least, not that I am aware of). Also, the passwords are still printed to the tty, even though they will be used elsewhere, which means anything that can capture the screen can record them for an attacker. While 8 characters may be enough for some, it's short enough to be cracked by brute force with little effort, even if you ran pwgen -sy.

As such, I'm going to explain the concept of passphrases. The term 'passphrase' is most familiar from PGP/GPG: when using your private key to decrypt or sign a message, you are always prompted to enter your passphrase. The idea of a passphrase is simple enough: create a phrase, using a series of 'words', that is substantially longer than a password. Of course, we are talking security here, so using just letters will get you shot with a dictionary attack. So, we need a phrase that is quite long, easy to remember, and very secure, using numbers, letters of both cases, and symbols. Creating such a passphrase is easy.

One way to generate such a passphrase is to think of something that you like to do. Maybe it's a hobby or a skill. Maybe a favorite pastime, a favorite video game, or anything. For example, I enjoy programming in Perl, so I could generate my passphrase as:


As it stands, it's extremely weak, as it uses only letters, lowercase at that, and every word is in the dictionary. But, it is 21 characters long, substantially longer than anything pwgen produces. So we do have that going for us.

Now let's make our passphrase stronger. I usually tell people to replace letters with symbols and numbers when convenient and to use both cases. Let's start with putting uppercase letters in the passphrase. Every time we hit a syllable in the passphrase, uppercase that letter:


Not bad. A little stronger, although not much. Now let's replace some of the letters with symbols. When doing so, we want to make this easy to remember, so we need to be consistent. Being consistent does create a weakness in the passphrase, though. The rule is: as long as you can still remember it, make it as strong as possible. So, I'm going to replace every 'i' with the vertical bar '|', every 'o' with '%', every 'a' with '@' and every 'm' with '#':


It's getting a little tougher to read, but our strength has easily increased ten-fold. Finally, let's add a couple of numbers to the mix, and we'll be finished. I'm going to replace every 'e' with a '3', every 'g' with a '6' and every 'l' with a '7'. Let's see how we turn out:


That's a tough passphrase to crack, I don't care what anyone says. Now, I'm not going to be naive and say that it is perfect. This passphrase still follows dictionary form, and the symbols and numbers that replaced each letter were chosen consistently. This does weaken the passphrase, in which case you may want to include underscores, periods, commas, dashes, etc. between words to increase its strength. Also, you may not want to be as consistent when replacing letters with numbers and symbols. Break it up a bit, just as long as you can remember it. However, you'll find that this passphrase example is quite resilient to brute-force and dictionary attacks, and it's easy enough to remember. My recommended result, adding a period between words, would be a 24-character passphrase:


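The substitution procedure described above, written out as an added example (my code, not the post's): it applies the post's steps in order to a base phrase and joins the words with the period the post recommends. The base phrase "i enjoy programming perl" is taken from the comment thread's quote of the post's example, and the split into words is assumed; "uppercase every syllable" is simplified to uppercasing the first letter of each word, because syllable boundaries are not something a script can detect; substitutions are applied to lowercase letters only so that the capitals from step 1 survive. Under those assumptions the result is 21 characters before separators and 24 with them, the lengths the post states.

```python
from string import ascii_lowercase, ascii_uppercase, digits

# Substitutions exactly as the post lists them, in the post's order.
SYMBOL_MAP = {"i": "|", "o": "%", "a": "@", "m": "#"}
NUMBER_MAP = {"e": "3", "g": "6", "l": "7"}

# Constructed input: the example phrase as quoted in the comments, split into words (assumed split).
BASE_WORDS = ["i", "enjoy", "programming", "perl"]


def capitalize_words(words):
    """Step 1, simplified: uppercase the first letter of each word instead of each syllable."""
    return [w[:1].upper() + w[1:] for w in words]


def substitute(words, mapping):
    """Steps 2 and 3: replace every lowercase letter found in mapping.

    Uppercase letters produced by step 1 are not in the table, so they are kept.
    """
    table = str.maketrans(mapping)
    return [w.translate(table) for w in words]


def build_passphrase(words, separator="."):
    """Run all three steps in the post's order and join with the recommended separator."""
    step1 = capitalize_words(words)          # both cases
    step2 = substitute(step1, SYMBOL_MAP)    # symbols
    step3 = substitute(step2, NUMBER_MAP)    # numbers
    return separator.join(step3)


def character_classes(passphrase):
    """Report which character classes the result uses; each step was meant to add one."""
    classes = set()
    for ch in passphrase:
        if ch in ascii_lowercase:
            classes.add("lower")
        elif ch in ascii_uppercase:
            classes.add("upper")
        elif ch in digits:
            classes.add("digit")
        else:
            classes.add("symbol")
    return classes


if __name__ == "__main__":
    result = build_passphrase(BASE_WORDS)
    print(result, len(result), sorted(character_classes(result)))
```

Seen as code, the weakness the post admits is explicit: the whole transformation is a fixed translation table, so anyone who learns the table gets the base phrase back with one `str.translate` call. What the table does buy is length and four character classes; the strength that remains when the table is known comes from the words themselves.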
{ 9 } Comments

  1. Tristan Rhodes | December 15, 2006 at 9:36 am | Permalink


    Thanks for the post. I do like the idea of using passphrases, but I don't usually encrypt them as much as you. I would probably end up with something like this:


    Here is my favorite password generator. It provides all the options I need. I usually have it create 50 passwords and I choose the one that is easiest to remember.

    Password Length: (4 - 64 chars)
    Include Letters: YES
    Include Mixed Case: YES
    Include Numbers: YES
    Include Punctuation: YES
    Use similar characters: (i, l, o, 1, 0, I) NO
    Quantity: 50

  2. Levi | December 15, 2006 at 10:27 am | Permalink

    Clearly you're a bit rusty on your combinatorics. You claim that 'ienjoyprogrammingperl' is insecure because it only uses lowercase characters and contains dictionary words. Let's look at the math, shall we?

    First, let's look at the naive brute-force method assuming only lowercase letters. That's 21 characters, each of which has 26 possibilities, which gives us a total search space of 26^21 combinations. I'll let you put that in your calculator yourself, as it's too big to type, and certainly not a realistic search space. Compare this with an 8-character password using all 256 characters, which yields only 256^8 combinations. This is a MUCH smaller number, though still huge. So, a completely obfuscated 8-character password is far less secure than a 21-character password consisting only of lowercase letters in the face of a brute force attack.

    Now, let's examine a dictionary attack. My /usr/dict/words has 98569 words in it. If the hacker were to correctly guess that your password consisted of 4 non-repeated words (which is a best-case scenario, of course) then there would be 98569*98568*98567*98567 combinations. This is the same order of magnitude as an 8 character password utilizing potentially all 256 characters! In fact, it's more than 5 times bigger of a search space.

    Anyway, you can now clearly see that your assertion that 'iloveprogrammingperl' is an extremely weak password is total bunk. It is actually more secure than an 8-character random password. It is true that using extra characters that remove the possibility of dictionary attacks makes your password more secure, but there is a point of diminishing returns, and I think you crossed it somewhere before your final obfuscation there.
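To make the arithmetic in the comment above checkable, here is an added example (not Levi's code and not the post's) that computes the same search spaces and expresses them in bits, which is the usual way to compare numbers that are "too big to type". The dictionary size 98569 is the figure quoted in the comment; the fifth-word row goes beyond the comment to show what one additional word buys.

```python
import math


def bits(search_space):
    """Express a search space as bits (log2) so that very large counts become comparable."""
    return math.log2(search_space)


def brute_force_space(alphabet_size, length):
    """Every position drawn independently from an alphabet: alphabet_size ** length."""
    return alphabet_size ** length


def dictionary_space(dictionary_size, word_count, allow_repeats=False):
    """Sequences of dictionary words.

    Without repeats this is the falling factorial the comment multiplies out
    (n * (n-1) * (n-2) * ...); with repeats it is n ** word_count.
    """
    if allow_repeats:
        return dictionary_size ** word_count
    return math.perm(dictionary_size, word_count)


def compare(dictionary_size=98569):
    """The comment's three cases, plus a fifth dictionary word, all in bits."""
    return {
        "8 chars, 256-symbol alphabet": bits(brute_force_space(256, 8)),
        "21 lowercase letters": bits(brute_force_space(26, 21)),
        "4 distinct dictionary words": bits(dictionary_space(dictionary_size, 4)),
        "5 distinct dictionary words": bits(dictionary_space(dictionary_size, 5)),
    }


if __name__ == "__main__":
    for label, b in compare().items():
        print(f"{label:30s} {b:6.1f} bits")
```

Each added dictionary word costs the attacker about log2(98569), roughly 16.6 bits, which is more than the whole gap between the 8-character random password (64 bits) and the four-word phrase; that is the quantitative form of the point that adding a word beats mangling characters.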

  3. Ubuntu Tutorials | December 15, 2006 at 12:04 pm | Permalink

    You do have some good points with this post. I understand pwgen doesn't make the *best* passwords, but it's better than "password" or something crappy like a lot of people use.

    I've extended my post to refer to your extended outline. Thanks

  4. Lonnie Olson | December 15, 2006 at 6:17 pm | Permalink

    Thanks, I really enjoyed this. Your techniques for good, long passphrases are very good.

    Let me recommend better pass(word|phrase) generators.
    1. For strong, memorable passphrases use apg. This tool will generate strong passphrases (configurable length and strength), and can optionally print out the pronunciation key. These passwords are not in the dictionary, but are still pronounceable, hence memorable.

    2. For extremely strong, rarely used, long passphrases (WEP/WPA keys), use GRC's Perfect Passwords. It generates completely random nonsense. It's delivered very securely over SSL.

  5. Lonnie Olson | December 15, 2006 at 6:21 pm | Permalink

    Re: Levi
    I am pretty sure his claim that 'ienjoyprogrammingperl' is less secure was not compared to very strong 8 character passwords, but compared to what it could/should be, as he later explained. You are so picky.

  6. Kevin | December 15, 2006 at 8:28 pm | Permalink

    Actually you can create passwords longer than 8 characters with pwgen. Just by adding a number, so:

    pwgen -cn 20

    Will create 20 character passwords with numbers and cases.

  7. Levi | December 18, 2006 at 3:16 pm | Permalink

    Lonnie: Reading over my comment, I admit I was a bit harsh. We ended up having a nice discussion on #utah, though, so I hope no feelings were permanently hurt. 🙂

    Anyway, I think there were some fundamentally wrong assumptions in the security comparisons, and the mathematical analysis of cryptographic things should always be considered, because these things don't always follow intuition.

    Given an 8 character limit, which used to be quite common, it was very important to avoid dictionary words and use as many odd characters as possible. Now, adding additional characters can make even passphrases with plain English phrases much more secure than any 8-character password.

    Emphasizing obfuscation when simply adding a few more words could create a much stronger passphrase is unfortunate.

  8. RTFM | November 4, 2009 at 4:59 pm | Permalink

    pwgen [HowManyCharacters like 100] [how many passwords do you need] -n -c -y --> gives me nice ones... just read the manpage

    you can even use a file's hash with -h but don't lose the file 😉

  9. Aaron | November 4, 2009 at 8:23 pm | Permalink

    I'm familiar with pwgen and the man page, thanks.
