Passphrase 🌐 Life

Because I don’t trust online analyzers any more than you do—especially ones that don’t clearly explain themselves. Are my credentials being recorded? How can I know? How is the strength of my password determined? Where’s the math, and the explanation of all the calculations? What about professional password crackers and pen testers: is their approach taken into account during analysis? And will I be warned if I’m easy prey? Further, is my online privacy and anonymity respected?

Frankly, these are a few of the concerns I have (and many people should have) when consulting an online password analyzer. For myself, I wanted a service that:

  • Doesn’t actually know the password I’m checking
  • Won’t record anything I type
  • Gives me step-by-step analysis
  • Warns me against dangerous patterns
  • Provides lots of different testing options
  • Endeavors to instruct and tutor me
  • Uses a current and realistic threat model
  • Respects my privacy

From “The Password Meter” to “How Secure Is My Password,” from “LastPass” to OWASP’s “Passfault,” no such service existed.

So I created my own.

According to the glossy brochure, “Passphrase Life is a secure, no‑cost, configurable, self‑directed audit, analysis and strengthening service for online credentials.” But there’s only so many adjectives you can cram into a description, right?

Passphrase Life shows realistic password strength. It tells you how long your passphrase will live and it explains why. It is versatile and suitable for casual users as well as system administrators and security researchers.

“Better” is subjective. Let’s examine how Passphrase Life is “different” from other analyzers.

For one thing, it distinguishes between a truly random password and the kind you just made up (no matter how intricately you cogitated). These are two separate animals, and each of them must be measured differently.

Secondly, the analyzer detects patterns in your password that make it weaker. Keyboard walks (shifts, rows, jumps, gaps and mirrors), hashcat topology masks, password sequences & rotations, and L33t substitutions are all checked for.

What’s more, Passphrase Life fully explains the composition of your passphrase, such as the number of graphemes and codepoints (a must for non‑English languages); the character set, complexity and keyspace; and the average number of guesses a successful crack will take.

Going further, the analyzer tries to correctly parse the prevailing contents of your passphrase by determining if it’s a word list, a keyboard pattern or unassociated text in order to correctly calculate the strength of your credentials.

For those who appreciate the academic research of language entropy, Passphrase Life lets you select four different presets (from metrics derived by Shannon, “the father of information theory,” to the recent work done by Takahira and others).

Do you need to know if a Chinese supercomputer can crack your password? How about the NSA? The D-Wave, anyone? Perhaps you’d like to see the difference in strength between your passphrase with patterns, and without. What about including full Unicode—how much stronger could your password be if it contained foreign glyphs or emoji?

As you can see, this tool helps you explore a variety of What-If scenarios.

Concerning web accessibility, Passphrase Life responds to voice control prompts and commands. Every analyzer control and setting can be selected, set, checked or clicked using speech recognition. (Currently available using Google Chrome only.)

These are just a few examples of how Passphrase Life stands apart from other online security analysis tools.

Absolutely!

Passphrase Life uses no server connection for analysis. That means everything stays right in your browser. You can view the page, disconnect from the Internet, and go to town because it will still work perfectly—even offline. Your tested credentials are never stored (no cookies, no localStorage, no web databases, no hidden files and no BS).

Unlike other analysis websites like OWASP Passfault (which isn’t secure at all), Passphrase Life is protected with a 4096-bit TLS security certificate (for secure encrypted https connections).

All of these reasons afford you peace of mind when using Passphrase Life to test your actual credentials.

And isn’t being able to test your real password the point?

Because you type it character by character, not as a whole word.

Many analyzers have a “Submit” button—a dead giveaway the service knows exactly what you’re checking (I’m looking at you, OWASP Passfault). With Passphrase Life, analysis takes place in your own browser as you type. You could keep going 20 letters after your tested credentials, and the analyzer wouldn’t be the wiser.

There’s only one that matters: an offline attack against a full database breach.

Your password doesn’t need to be too strong to be protected against an online attack because most services will throttle the assault. An attacker has three or so guesses to get lucky before a red flag is raised, whereby the service provider alerts you to the possible intrusion attempt. An offline attack is very different.

In an offline attack where assailants have managed to download the entire database of accounts, they are free to chip away at your credentials at their leisure because the service provider probably doesn’t realize a breach has occurred in the first place. That means you don’t know either.

It is commonplace for breaches to remain undiscovered until after the attacker dumps the cracks or tries to sell them, sometimes years later (for example, 2 years for Yahoo!, 4 for LinkedIn). Until then, the service provider is typically clueless. And for breaches that go unreported, your credentials can be vulnerable much longer.

Sadly, there’s also no guarantee they used a decent, secure hashing algorithm to protect your password while in their custody. (Yahoo! used the notoriously weak MD5 hash, while LinkedIn stored unsalted SHA-1 hashes!)

Even if a strong hash was used, it can’t miraculously protect a weak password. (You see where this is going.) The only thing that matters is whether your credentials can withstand a dedicated attacker who has several years to put your password under a microscope.

With Passphrase Life, there’s no guesswork. You can know for a certainty your password is strong enough to withstand this kind of attack.

No analyzer can know that. But Passphrase Life can conveniently help you find out.

You can check whether your credentials have been reported in any public database breaches, such as Yahoo!, LinkedIn, eBay, Sony, Equifax, Target, Home Depot or Adobe. This is one of the few times an external server is contacted. It is for password lookup only, and is explained in important detail below.

NOTE: Passphrase Life is safe to use when analyzing your actual passwords, keystroke by keystroke, because no data is sent to a server or stored in a cookie. In other words, the analyzer does not know what you are really checking—only you do.

So when you need to know if your password has been hacked, you can check Troy Hunt’s “Have I Been Pwned” (HIBP) service. Even though the analyzer contacts HIBP servers, at no time is your actual password sent in plain text over the Internet while checking. This is very, very important!

Your privacy and anonymity are preserved, as well as the integrity of your credentials because your password is first cryptographically hashed. Next, only a small portion of the hashed password is transmitted (over a secure encrypted connection). HIBP returns several hundred possible results and Passphrase Life checks for a match locally (while running in your browser, not on a server). This is a process using k-anonymity.

In this way, it’s impossible for HIBP, or for a network attacker sniffing your traffic, to know what you’re testing. If your browser’s encrypted https connection were somehow pierced (easy peasy with a covert TLS interception proxy), all an attacker could see would be one small piece of hash data and several hundred hash fragments. All of this text is vague and non-identifiable. In no way can it be used to figure out the credentials you’re actually testing.

Of course!

As you probably know, web browsers let you pick a “Do Not Track” (DNT) setting, designed to inform servers and web pages you don’t wish to be, well... tracked. And as you also probably know, DNT is usually ignored. But not at Passphrase Life.

When you set DNT, the service will not load Google Analytics. Period. Your visit will not be tracked, analyzed, stored or cookied. (This is how the setting should be responded to.) Passphrase Life will gladly forgo the use of any marketing data it could have gleaned by providing some online transparency in exchange for trust.

If you’re not certain whether your browser is sending a DNT request, the tool will tell you. Simply look at the bottom right corner of the analyzer page for the appropriate icon.

Note: when using the voice control feature of Passphrase Life, you should realize that while it is active, every sound detected by the microphone is transmitted to Google servers in order to determine what command was issued. This occurs even when speech recognition is “paused.” Obviously, this feature requires a constant network connection to be usable. To maintain privacy, deactivate speech recognition once it’s no longer needed.

Information Security is a broad topic, and the subject of password strength can quickly get technical.

Passphrase Life contains reams of data explaining mathematical formulas and security concepts used to calculate password strength. It lists academic research where appropriate. It also offers How-To tips, best practices and common sense guidelines for password construction and analysis.

All of this assistance is available, on demand, by hovering over any of the controls or help symbols in the analyzer.

Because it’s a weak password. (We’re not kidding about this.)

If you made it up yourself, then it has very little entropy and it’s probably very easy to guess. (Feel free to disagree, but hashcat software running on a GPU cracking rig exploiting every known pattern will likely prove you wrong, regardless of how you feel about it.)

If your password is 8 characters or fewer, then it was a lost cause before you entered it. Even with mixed-case letters, a few symbols and some numbers, every common ASCII password in the world under 9 characters will be guessed in under 5 and a half hours. That’s six quadrillion, six hundred and thirty-four trillion utterly futile credentials!

If your password is longer than 8 characters—and it should be—then it might contain patterns that make it weaker. These few examples will clarify:

1) The 10-character password vs:oGptmOS is simply california that was created by shifting the letters 1 physical key over to the right when typing.

2) The password teRnfRZbaxRl is the ROT-13 alphabetical rotation of an easily exploitable term: greasemonkey.

3) The password 2$6*0+aDgJl' is a symmetrical row gap (when typed on a standard qwerty keyboard) that was created by skipping keys and rows. The term qazCDEtgbMJUol> also contains the same pattern.

4) The 14-character password zse$rfvnJi9ol> is a reflection gap, made by typing two inverted “V” patterns on the left and right sides of the keyboard: Z-S-E-4-R-F-V and N-J-I-9-O-L->.

5) The 16-character term D1e2F3g4h5i6J7k8 is an interleave pattern that was crafted by weaving together two alternate sequences, D-E-F-G-H-I-J-K and 1-2-3-4-5-6-7-8.

6) The passphrase A nut for a jar of Tuna! is a palindrome, a phrase that reads the same forward or backward.

7) The lengthy SchneierOnSecurityIsTheBestBlogInTheWorld! is a media term, a word or phrase used as an example of how to make credentials. Because these examples are published online (whether or not you knew) they should never be used. Changing up the capitalization (schneierOnSECURITYIsTheBestBlogInTheWorld!) won’t change the results—it’s still useless. Troy Hunt’s old LinkedIn password y>8Q^<6mqKEA4hac, Edward Snowden’s MargaretThatcherIS110%sexy, Bruce Schneier’s Ltime@go-inag~faaa! and Randall Munroe’s correctHORSEBATTERYstaple are all known to crackers. Don’t. Use. Them!

8) Terms that contain repetition, duplication or redundancy can be just as bad. The password cool-car-fast-car-racecar!!!!!!!! is such an example. Ignoring the obvious dictionary words, it contains duplicate characters (“c” 5 times), redundant terms (“car” 3 times) and repeating symbols (“!” 8 times). Stuffing a password like this to make it longer doesn’t make it any stronger.

9) Phrases made of dictionary words, such as the diceware method, aren’t very strong unless they’re long enough. For example, the term InterfaceArtistGatherSource is merely 4 common words strung together. It has about 52 bits of entropy, or no more than a typical 8-character password at full strength (which means it’s worthless). This 4-word term will be guessed in 2 hours and 37 minutes, on average. Dictionary passphrases should have at least 6 words in them to be safe, and most bitcoin wallet apps use 12 words (with salt). Again, any of these word lists must be created at random to be of any use at all, including brain wallets.

The examples above demonstrate the ease with which an attacker can figure out how clever you are trying to be. If you use any kind of pattern, it will be exploited soon enough. If you choose esoteric words and phrases—even really long ones—they will be inconveniently discovered. When imaginations create credentials then everything imagined will be weaker.

Superior credentials are created from a truly random process where the “human factor” is eliminated. These kinds of passwords have maximum entropy because nobody’s imagination is involved. But even truly random credentials must be audited because...

10) Randomly created passwords can also contain patterns. The term q\UD73b9(Js^ is 100% random and 100% worthless. Why? It just so happens to match a very common topology pattern (lsuuddldsuls), and every password in the topology (11 quadrillion) will be guessed in under 9 hours!

These are 10 reasons why your passphrase can be so easy to guess, and why it’s often determined to be “cracked before it was typed.”
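The keyspace arithmetic behind examples 9 and 10 above (and the 95^8 figure for 8-character ASCII passwords), as an added example that is not Passphrase Life’s own code. It derives a hashcat-style topology mask (l, u, d, s for lowercase, uppercase, digit and symbol), multiplies the class sizes to get the number of passwords sharing that topology, and converts keyspaces to bits and to hours at an assumed guess rate. The rate of 3.4e11 guesses per second is an assumption chosen to roughly reproduce the page’s own “95^8 in about 5.5 hours”; real rates depend on the hash algorithm and hardware. Only printable ASCII is handled.

```javascript
// Added example (not Passphrase Life's own code): hashcat-style topology
// masks and the keyspace arithmetic used in the examples above.

// Class sizes for printable ASCII in hashcat masks:
// ?l = 26 lowercase, ?u = 26 uppercase, ?d = 10 digits,
// ?s = 33 symbols (space plus the 32 other printable punctuation characters).
const CLASS_SIZE = { l: 26n, u: 26n, d: 10n, s: 33n };
const PRINTABLE_ASCII = 95n; // all four classes combined

// Assumed guess rate, picked to roughly match the page's figure of 95^8
// guesses in about 5.5 hours; a real rig's rate depends on the hash used.
const GUESSES_PER_SECOND = 3.4e11;

// Map each character to its class letter, e.g. "q\UD73b9(Js^" -> "lsuuddldsuls".
function topology(password) {
  let mask = '';
  for (const ch of password) {
    const c = ch.codePointAt(0);
    if (c < 0x20 || c > 0x7e) throw new Error('example handles printable ASCII only');
    if (ch >= 'a' && ch <= 'z') mask += 'l';
    else if (ch >= 'A' && ch <= 'Z') mask += 'u';
    else if (ch >= '0' && ch <= '9') mask += 'd';
    else mask += 's';
  }
  return mask;
}

// Number of passwords sharing a topology: the product of its class sizes.
// BigInt because these products exceed Number.MAX_SAFE_INTEGER.
function maskKeyspace(mask) {
  let n = 1n;
  for (const k of mask) {
    if (!(k in CLASS_SIZE)) throw new Error('unknown mask class: ' + k);
    n *= CLASS_SIZE[k];
  }
  return n;
}

// Every printable-ASCII password of exactly `length` characters.
function bruteForceKeyspace(length) {
  return PRINTABLE_ASCII ** BigInt(length);
}

// Diceware: `words` independent random picks from a `listSize`-word list
// (the standard list has 7776 = 6^5 entries).
function dicewareKeyspace(words, listSize = 7776) {
  return BigInt(listSize) ** BigInt(words);
}

function entropyBits(keyspace) {
  return Math.log2(Number(keyspace));
}

// Hours to exhaust a whole keyspace (worst case). A successful guess lands
// halfway through on average, so the expected time is half of this.
function hoursToExhaust(keyspace, rate = GUESSES_PER_SECOND) {
  return Number(keyspace) / rate / 3600;
}
```

The point the page makes in example 10 falls straight out of maskKeyspace: the mask lsuuddldsuls covers about 1.1e16 passwords, a tiny slice of the 95^12 space a 12-character random password nominally lives in, so an attacker who iterates popular topologies first reaches it in hours rather than centuries.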

Passphrase Life incorporates very aggressive pattern recognition, and any matches will downgrade the perceived strength of your tested credentials. You have the choice of “Ignoring Patterns” if you feel the analyzer is too zealous, but this option should be exercised judiciously. Pattern recognition is one of the strongest features of the analyzer and you should use it.

With Passphrase Life, you can examine at least 16 different metrics useful in dissecting your password and none of them include the option to choose how it could be hashed. This is by design.

Current state-of-the-art for password hashing is Argon2. It would be a more secure world if everyone implemented this tunable, memory-hard function and winner of the 2015 Password Hashing Competition, but they don’t.

The service provider won’t always disclose the hashing algorithm or key derivation function (KDF) used to secure your account. It could be something robust like Argon2 or it could be something worthless like unsalted SHA-1, but chances are you simply don’t know.

Instead of betting on the strength of an unknown hash, rely on the strength of your passphrase itself. Create strong ones and audit them here, because assessing password strength is all about the things you control—not what you can’t.

A formidable hashing algorithm cannot atone for a juvenile password, and a weak KDF won’t shield any password weak or strong. So put the emphasis on your passphrase itself and not on how it might have been hashed.

When Passphrase Life determines the expected lifespan of your credentials, there’s no need to “go on faith” with the result. This versatile analyzer shows, step by step, how your passphrase is deconstructed and explains why it will take the amount of reported guesses to crack. Analysis is performed locally, securely and anonymously, in realtime as you type, at no cost.

So, why shouldn’t you use Passphrase Life?