Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Passphrases That You Can Memorize — But That Even the NSA Can’t Guess
THE // INTERCEPT ^ | 03/26/2015 9:29 AM | Micah Lee

Posted on 03/27/2015 9:21:39 AM PDT by Utilizer

It’s getting easier to secure your digital privacy. iPhones now encrypt a great deal of personal information; hard drives on Mac and Windows 8.1 computers are now automatically locked down; even Facebook, which made a fortune on open sharing, is providing end-to-end encryption in the chat tool WhatsApp. But none of this technology offers as much protection as you may think if you don’t know how to come up with a good passphrase.

A passphrase is like a password, but longer and more secure. In essence, it’s an encryption key that you memorize. Once you start caring more deeply about your privacy and improving your computer security habits, one of the first roadblocks you’ll run into is having to create a passphrase. You can’t secure much without one.

For example, when you encrypt your hard drive, a USB stick, or a document on your computer, the disk encryption is often only as strong as your passphrase. If you use a password database, or the password-saving feature in your web browser, you’ll want to set a strong master passphrase to protect them. If you want to encrypt your email with PGP, you protect your private key with a passphrase. In his first email to Laura Poitras, Edward Snowden wrote, “Please confirm that no one has ever had a copy of your private key and that it uses a strong passphrase. Assume your adversary is capable of one trillion guesses per second.”

(Excerpt) Read more at firstlook.org ...


TOPICS: Computers/Internet
KEYWORDS: password; security
Navigation: use the links below to view more comments.
first 1-2021-38 next last
Interesting way to generate a human-friendly and hard to guess passphrase.
1 posted on 03/27/2015 9:21:39 AM PDT by Utilizer
[ Post Reply | Private Reply | View Replies]

To: Utilizer

Bookmark for later.


2 posted on 03/27/2015 9:24:33 AM PDT by wally_bert (There are no winners in a game of losers. I'm Tommy Joyce, welcome to the Oriental Lounge.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Utilizer

ThisIsAVerySecurePasswordPhrase

T#isI$Not


3 posted on 03/27/2015 9:29:13 AM PDT by RightFighter (It was all for nothing.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: wally_bert

M4L Password


4 posted on 03/27/2015 9:30:48 AM PDT by Scrambler Bob (an icon of resistance within the oppressed patriots, who represent resilience in the face of SSV)
[ Post Reply | Private Reply | To 2 | View Replies]

To: Scrambler Bob

Yoda speak you should use when pass phrase generating you are. :-)


5 posted on 03/27/2015 9:47:28 AM PDT by glorgau
[ Post Reply | Private Reply | To 4 | View Replies]

To: Utilizer

The NSA doesn’t hack your passwords. The NSA calculates the hash key that’s generated by your password.

So “I Like Ice Cream” is not stored on your computer but the hash key of 7b783177134c3bfe95647ca3e12ddeb4 is stored on your computer and it can be calculated.


6 posted on 03/27/2015 9:48:05 AM PDT by MeganC (You can ignore reality, but reality won't ignore you.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Utilizer
There are other ways of cracking passwords.

Like having one’s eyeballs pulled out or having a blowtorch applied to one’s genitals.

7 posted on 03/27/2015 9:49:33 AM PDT by PetroniusMaximus
[ Post Reply | Private Reply | To 1 | View Replies]

To: glorgau

Yoda speak you should use when pass phrase generating you are. :-)

=

97ab903e176f04b358ea884003107fc4


8 posted on 03/27/2015 9:50:03 AM PDT by MeganC (You can ignore reality, but reality won't ignore you.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: PetroniusMaximus

“...or having a blowtorch applied to one’s genitals.”

Oh, you’ve had a yeast infection, too?

:-P


9 posted on 03/27/2015 9:51:26 AM PDT by MeganC (You can ignore reality, but reality won't ignore you.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: wally_bert

Ditto pop fizzle nuk crypto mulch gig


10 posted on 03/27/2015 9:56:56 AM PDT by Fester Chugabrew (Even the compassion of the wicked is cruel.)
[ Post Reply | Private Reply | To 2 | View Replies]

To: Utilizer

re: How to memorize your crazy passphrase

This is where I get in trouble. Every now and then my mind goes blank, and I can’t remember my 4 digit pin number on my ATM card. So just keeping my passphrase in my head would be a problem.


11 posted on 03/27/2015 10:09:56 AM PDT by Nevadan
[ Post Reply | Private Reply | To 1 | View Replies]

To: Utilizer
I'd like to ask a (dumb) question: how do they know when they've cracked a password? If they know because the content is suddenly legible, what if you encrypt the content with one method, then encrypt the result using some other method.

Or an I missing something?

12 posted on 03/27/2015 10:10:28 AM PDT by Riflema
[ Post Reply | Private Reply | To 1 | View Replies]

To: Utilizer
  Imagine your adversary has taken the lyrics from every song ever written, taken the scripts from every movie and TV show, taken the text from every book ever digitized and every page on Wikipedia, in every language, and used that as a basis for their guess list. Will your passphrase still survive?

  RamaLamaBoom5NakkaBamPowSmooNakka7
13 posted on 03/27/2015 10:15:44 AM PDT by Maurice Tift (Never wear anything that panics the cat. -- P.J. O'Rourke)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Riflema

Encryption doesn’t work that way. Imagine having a bowlful of small 3D shapes such as spheres, cubes, and triangular pyramids. Place a firm sheet over it with cutouts of one shape, say squares. The result will be nothing but cube outputs. Then place all the resulting objects in another bowl and there is only one shape of filter to allow them to pass through again.

Not a perfect example, but it should point out why you have to use the same filter to encrypt and decrypt your files.


14 posted on 03/27/2015 10:21:43 AM PDT by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the muzlims trying to kill them)
[ Post Reply | Private Reply | To 12 | View Replies]

To: RightFighter

I’ll stick with “Password123” thank you very much


15 posted on 03/27/2015 10:22:17 AM PDT by thorvaldr
[ Post Reply | Private Reply | To 3 | View Replies]

To: Utilizer

If BB wants to snoop, it will.


16 posted on 03/27/2015 10:30:01 AM PDT by bgill (CDC site, "we still do not know exactly how people are infected with Ebola")
[ Post Reply | Private Reply | To 1 | View Replies]

To: Utilizer

For years my passwords gave been acronyms made from phrases with numbers and symbols.


17 posted on 03/27/2015 10:36:07 AM PDT by thackney (life is fragile, handle with prayer)
[ Post Reply | Private Reply | To 1 | View Replies]

To: PetroniusMaximus

I hate it when that happens.


18 posted on 03/27/2015 10:47:05 AM PDT by Rebelbase
[ Post Reply | Private Reply | To 7 | View Replies]

To: Utilizer

bfl....computer security/passwords


19 posted on 03/27/2015 10:55:09 AM PDT by goodnesswins (I think we've reached PEAK TYRANNY now.....)
[ Post Reply | Private Reply | To 1 | View Replies]

To: thorvaldr
I’ll stick with “Password123” thank you very much

For me, "letmein!" will suffice.

20 posted on 03/27/2015 11:04:24 AM PDT by atomic_dog
[ Post Reply | Private Reply | To 15 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-38 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson