## Creating Strong Passwords Without A Computer, Part II - The PasswordCard

Previously, I used entropy as a backdrop for creating strong passwords. It's important that you read that article and fully understand it before moving on with the rest of the series.

Continuing our series about creating strong passwords without a computer, we look at a method I've blogged about in the past: The PasswordCard. The idea is simple: carry around a card with you, that has all of your passwords written down in plaintext, obfuscated with additional text surrounding the password. Let's look at it in more detail.

The PasswordCard uses the following character sets when generating a card on the site:

• alphanumeric: "23456789abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ"
• alphanumeric plus symbols: "23456789abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ@#\$%&*<>?€+{}[]()/\"
• numeric: "0123456789"

As such, you can expect the following entropy sizes per character when creating a card:

• Alphanumeric (55 unique characters): 5.78-bits.
• Alphanumeric plus symbols (76 unique characters): 6.25-bits.

When checking the box "check this for an area with only digits", it doesn't change the search space for the already existing alphanumeric output that is default when loading the page. It only creates 4 rows of digits for easy PIN generation. Your entropy per character is only increased when checking the box "check this to include symbols".

Before beginning, let's use a sample card to work from. This is card 7327e6c258cb3d52, in case you also want to generate it for following along:

To generate a password, you would need to pick a starting location for your password. You'll notice that there are 29 columns and 8 rows. The columns are identified by symbols, while the rows are identified both by a color and a number. For each account, all you need to remember are 3 things:

• The starting location (should be different for every account).
• The direction (should be the same for each account).
• The length (should be the same for each account).

This should be easier to remember than "NyFScbUJ>X7j?", but your brain might be wired differently than mine.

Because this PasswordCard is using both alphanumeric and non-alphanumeric characters on the card, and our entropy per character is approximately 6.25-bits, and further, because we established that we need a minimum of 80-bits of entropy in our passwords, we should generate at least a 13-character password off of the card.

Wall Bouncing

When hitting a wall, when either travelling diagonally or otherwise, when you hit a wall, you could "bounce" off the wall much like a pool ball would when playing billiards:

In this case, the password would be "f+zwWYB[5\C<u".

Wall Bending

Rather than bouncing off the wall like pool balls, you could "bend" along the wall, much like turning a corner when driving on a street:

In this case, the password would be "f%efcEBnNQk7\".

Pac-Man Walls

Another alternative would be to treat the walls as a topological spheroid, much like Pac-Man. In other words, when you come to the edge of the room, you travel out the other side on the same row, or the same column, continuing in your direction:

In this case, the password would be "f+zwrpt9n2B&y".

Spiral paths

My last example shows a spiral path, starting from the same location as the previous examples, this case moving clockwise:

In this case, the password would be "fY+%FqvGYerrz".

As a strong suggestion, whatever direction and length you take for your passwords, you should keep them consistent. If you decide to do a 13-character clockwise spiral for one account, you should do a 13-character clockwise spiral for all of your accounts. The only thing changing is the location of the password. This will greatly simplify identifying each password for each account. If you change up the lengths and directions, and well as the starting location for each account, you run the risk of having a very difficult time finding the correct password for that account. If your brain has that mental capacity, then the more power to you. Otherwise, I would keep it consistent.

## A Couple Thoughts

There are a couple disadvantages with the PasswordCard, however. The first is that this is not well suited for the blind. Unlike Diceware, which can be easily adapted for the blind, this is a bit more of a challenge. While I'm not asserting that it's impossible, it certainly seems difficult to practically reproduce. The second disadvantage is the use of the "€" euro symbol. The PasswordCard is developed by a Java developer in the Euro Zone. While it makes sense for him to include the character, it alienates those that don't easily have access to it on their keyboards, such as those using the basic ASCII character set. As such, you may want to refresh your browser, generating random cards until you find one without the "€" character in its output.

## Conclusion

I personally like the PasswordCard. It's simple, small, and doesn't require me to carry a lot of items with me, such as dice and a large word list. My only concern is being able to choose a new starting location for each account. I'm not as random as I would think when finding a starting location, so I wrote a script to handle that for me. But it's clean, out of the way, and works really well. When I don't have an account password memorized, I can pull out the card, remember where it starts, and just start typing. Generation is quick, and remember password locations is easy. Highly recommended.

1. Aaron | May 2, 2014 at 12:23 pm | Permalink

If an attacker acquires your card, there are only 224 possible starting positions. If we assume the user limits direction possibilities to the toroid pac man style universe, there are 8 possible directions. Assume the user uses 1 to 16 characters. That's 224 * 8 * 16 possible passwords to brute-force. Add in the two spiral possibilities, and that only quadruples the search space. The other wall bounce, wall-bend options only increase the search space a little. Conclusion: IF your password card is discovered, brute-force search space is going to be VERY SMALL.

2. | May 3, 2014 at 7:36 am | Permalink

Your math is a little off, but you are correct. The search space is small. Probably half million, give or take. However, you are forgetting that if the card is lost then found, the attacker needs three things:

For #1, this is possibly easy to find given they might have your wallet and can search for you online. If you're like me, you are very visible on the Internet and easily searchable. Finding many of my accounts shouldn't be difficult. Unless you left your card on the table at Starbucks, or at the library, in which case you're anonymous.

For #2, they absolutely must know #1. For sites that allow you to recover your username, they'll email the account tied to the username, email an alternate account, call a phone, or ask security questions. If you are like me, you'll lock the security questions down, making them impossible to recover for an attacker - https://pthree.org/?p=2338. In the other two scenarios, you'll be notified someone is trying to recover your account.

Finally, all 500k passwords must be tried for each online account once you've successfully identified which accounts and usernames the person owns. Many sites will lock accounts after a number of failed password attempts. This is assuming that the account does not support 2-factor authentication and that the user is not taking advantage of it. The 2-factor auth list is growing daily. See http://twofactorauth.org.

The only value this password card has to an attacker, is in offline attacks, such as password database leaks, and that's assuming you have an account with the database used on the offline attack. Online attacks are just too ineffective and require too much time.

So, while you're right the search space is small, the security really isn't compromised all that much for the convenience that the card provides, and there are extra measures you can take to secure your account, such as using 2-factor auth, hashing security questions, and keeping additional email addresses and phone numbers up-to-date.

3. Jack Zielke | December 4, 2014 at 12:15 am | Permalink

I like the idea of PasswordCard but I do not like the idea that the key is logged in his web server logs (key is in the get request). If you use the default non-ssl site any caching proxy between you and his server will also have the chance to log the key.

He has the Java code freely available on the web site so you can generate the cards locally. If you do this you end up with text output in a terminal instead of a colorful card. I wrote a page in PHP that will generate a card that looks really similar but without handing the key to other people (if you run it locally). Running it from my site is no better!

https://litterbox.boomkitty.com/pass/
Go there, download card.tar.gz, decompress it on a local web server, enjoy your locally generated card. You can still go to passwordcard.org and generate the same card if you need to.

I also added a passphrase option/suggestion.

4. Peter Kreutzer | May 2, 2015 at 10:50 am | Permalink

trying to get this code running on my home linux web server.
have decompressed the archive
-rwxr--r-x 1 root root 4619 Nov 25 18:49 card.php
-rwxr--r-x 1 root root 5340 Nov 26 21:15 index.php
-rwxr--r-x 1 root root 7680 Jul 20 2011 PasswordCard.jar
-rw-r--r-- 1 root root 3107 Nov 24 05:21 template.png
and can access it on the webpage.

unfortunately the card stays empty when pressing generate button.
i have checked the jar code on the server. So java is installed and card is printed on the stdout.
Any idea what i am doing wrong

5. user1 | April 3, 2016 at 1:01 am | Permalink

@Peter Kreutzer

Did you ever get this to work?
I am experiencing the same problems as you describe??

Your email is never published nor shared.