Thursday, June 7, 2012

Easy to remember passwords that are hard to break

I had a conversation with a colleague of mine where we were discussing the difficulties associated with breaking multi-word passphrases and how we might be able to simplify the process. We determined that given some knowledge of the person and being able to use online resources to create a wordlist could be an effective means to get some results. He was able to use Twitter's API to create password lists that include multi-word passphrases. If you haven't seen it already check out his article at

This post is more oriented to those that want to know what makes a good password and what pitfalls to avoid in our own passwords.

Today I'm going to cover 3 areas that make passwords difficult to crack. 1) It's not a popularly used password (I'm looking at you password123) 2) It's hard to bruteforce and 3) Mangling rules don't remove the complexity of the password.

1) Not a Popularly Used Password

There are many password lists out there that are very good at catching the most popular passwords that are used. In my previous post I used a 37GB wordlist that was sorted by popularity. Most passwords in use today mainly consist of a word with some kind of random characters put at the beginning or the end, consist of a "keyboard walk" (I.E. qwerty), or simply numbers. If your password is 12345, password123, 123goaway, etc. consider changing your password.

2) Hard to Bruteforce

This is simply a question of math. Every character of a password gives you X^Nth possible combinations where N is the number of characters in the password and X is the total number of possible characters that could be in the password.

For example, a password of 12flux would give you an X of 36 and an an N of 6 (26 for a-z lowercase and 10 for numbers) which gives you 2176782336  possibilities. When using hashcat I was getting a little less than 1/2 a billion tries per second so this password wouldn't even take a full second to crack. Now if we do a longer password utilizing numbers, lowercase and uppercase letters, and special characters which we'll assume to be all the ascii printable characters comes to 95^N. Let's assume the password is Elv1s lives@. Theoretically this would give you 12^95 or 3.328268652×10¹⁰² possible combinations. Assuming we're cracking at 500M passwords a second that will take 2.110774132×10⁸⁶ years...that's a pretty long time. But this isn't always perfect which brings us to number 3.

3) Mangling Rules don't remove complexity

Since it is usually a better tradeoff to compute the possible changes to a core word (I.E. add numbers before the word, after the word, etc.) instead of having to store every possible combination; password cracking programs like John and Hashcat have the ability to specify mangling rules to modify the words in the wordlist. Mangling rules can get quite complex and make it possible to guess words that wouldn't be found in a simple wordlist. For example, many would think that  P4s$W0rD is better than password because you have more complexity. While this would be harder to bruteforce, with a mangling rule removing l33tspeak would catch this password rather quickly. Here is just a small list of the mangling rules that are used. Keep in mind that several of these can be used at the same time.

  • "L33tspeak" mangling
  • Adding numbers to the beginning of the word
  • Adding numbers to the end of a word
  • Reverse the word
  • Change to upper/lower case
  • repeating the word
We've also been seeing a lot of success creating phrases by indexing books and turning them into a giant wordlist. Don't just use a phrase from a book! Another attack vector that can be used is a combinator attack. It utilizes two dictionaries and tries all possible combinations between them with mangling rules inbetween.


When picking a password, think of phrase that will be easy enough to remember, but hard enough to avoid these kinds of attacks. Shocking nonsense can also be helpful. How hard is it to crack My1gr82day was great! ? Bruteforcing isn't going to be very effective against this password and a combinator style attack would still have a hard time guessing this. In all, this would be considered a safe password (except now that it's posted on the's not...go figure).

No comments:

Post a Comment