Password Branching
Mar/25/07 Filed in: Information Security
Password Branching creates multiple passwords from a single seed password. This technique is useful in situations where you must remember many passwords, such as logins to multiple Web sites. Say, for example, you regularly purchase songs from the iTunes Music Store, and you also have an online email account with Yahoo. It would be unwise to make both passwords the same, because a security incident with one vendor would lead to exposing your personal information from both vendors. The average person
has to remember passwords to dozens of e-commerce and other sites, as well as passwords at work and sometimes for home computers as well. That same average person has a short term memory that can recall only nine passwords, and then only if they are simple. Simple passwords that are easy to recall are often just as simple to guess or crack.
There are many solutions to this common problem of having to remember so many passwords. Many IT organizations incorporate a Single Sign On (SSO) system, whereby the user only has to login to one system, and all other systems coordinate to verify the login. Another solution is using a Public Key Infrastructure (PKI) and issuing each user a "certificate." The certificate is usually stored on a smart card or as an encrypted file, and any system can verify your identity from a third party using the certificate that you send them.
But what about systems that are (supposed to be) disparate, and systems that do not support PKI for reasons of cost and complexity? That is where a system like Password Branching can help. The idea is simple; you choose a seed password as the base for all your passwords. It should be difficult to guess (I provide a basic strength assessment form) and that is the only password you need to remember. For each site or service you use a name. For example, for the music store you could use "iTunes" and for your online email account you could use "yahoo.com," or you can use whatever your bookmark in your Web browser is such as "http://www.audible.com" or "http://www.amazon.com." The idea is that the name should be so obvious that you should not have to remember it. As long as each place you need a password for has a different name, it is nearly guaranteed that each name will get a unique password. Entering the seed password and the name on the form I have provided for you will use what is called a "biomorphic algorithm" (simpler than its name implies) and generate a password for you.
The nice part of is this system is that you only have to remember a single password for all the services that you use. I designed the form with no images and as a single file so that you may always have access to it either via my Web site or by saving your own copy locally. It does not require you to install any software or depend on any services other than your Web browser. The best part is that, since it runs locally on your computer even when you access it via my site, your password is never sent on any network other than the one you intend to use it on (e.g. the iTunes password will be sent to Apple when you log in, but will never be on my site's network) and the password is never stored on any server anywhere. I have even designed the form to prevent your Web browser's auto-fill forms feature from remembering your seed password. Bottom line, the system is reasonably safe and secure. I recommend saving a local copy for maximum security, and using the online version only when the local copy is unavailable. Get the form only from uner.com, never from anywhere else - ever.
If you choose a password that is simple to begin with, and someone knows you are using my technique, your passwords on all sites may be compromised. Obviously, this is no different then from using the same password for every service. It is also possible that someone can break into your computer and replace the form with a malicious version. Of course, if they could do that, they would also be able to install keystroke loggers and other attack tools anyway. The bottom line is that my system is not perfect, but it is likely far better than what your are doing without it.
To help you out with password branching, and indeed passwords in general, I offer you two forms: a password generator and a password strength check form (find them in the "Tools" section). The password generator is an implementation of password branching. The strength check form provides you with a decent measure of how strong any password is. Obviously, you could use these in tandem to verify that the seed password you chose is strong enough. The strength check form also has tips on making good passwords.
The first question on your mind after using the branching password generator is likely to be "why is the user interface so freaky?" Well, it's boring, first of all, so that it may be easily saved to a local file. The cut and pasting of the seemingly invisible password is to keep the person looking over your shoulder from easily seeing the result for any significant period of time. And the reason the seed password is cleared after a time of no activity is to keep users from accidentally walking away from the form while their seed password is still entered. I think the interface a bit awkward as well, and I welcome comments on making it better.
As far as the underlying algorithm, it is essentially a pseudo-random number generator. The algorithm is one of many biomorphic algorithms of my own design. Biomorphic algorithms are simple algorithms that are chaotic (a small change in initial conditions yields a large change in the result) and that feed back upon themselves. Pure biomorphic algorithms usually incorporate something about the system's initial state to create diversity among multiple systems, so that attacks on one system to not necessarily work on other, seemingly identical systems. The entropy for the algorithm in this case come from the seed password's characters multiplied by their position. Admittedly, that's not a lot to work with, and in fact the resulting passwords may have less entropy than the seed. A good seed, however, should still provide enough to make the resulting passwords almost as difficult to guess as the seed. The proof is left to the interested reader.
I release all of this work into the public domain. I ask only three things in return. First, if you use it, feel free to drop me a line and say so. Doing so anonymously is fine (use a service like http://www.worldwildlife.org/ecards/index.cfm to send me a note). I would like to know how many users there are so that I can put an appropriate amount of resources toward future, similar projects. Second, if you reuse any part of my work, please let me know, and please give me credit in an appropriate way. Lastly, please help me make this system better. Much of the work behind this has been published for many years, and has stood up to academia and industry alike. But that does not mean it is perfect. If you discover a bug, please tell me. If you had advice on anything from the form to the algorithm, please tell me.
I hope these tools and this information helps you, and helps us all increase the security posture of the connected World. I thank you for your time in reading this, in using the tools, and I sincerely appreciate all the feedback I get. I try and answer each message, but please understand that it may take me several weeks sometimes to catch up, and that I am sorry that I do not always have the time to answer all your very well-thought out questions about the wide topic that is secure password generation.
There are many solutions to this common problem of having to remember so many passwords. Many IT organizations incorporate a Single Sign On (SSO) system, whereby the user only has to login to one system, and all other systems coordinate to verify the login. Another solution is using a Public Key Infrastructure (PKI) and issuing each user a "certificate." The certificate is usually stored on a smart card or as an encrypted file, and any system can verify your identity from a third party using the certificate that you send them.
But what about systems that are (supposed to be) disparate, and systems that do not support PKI for reasons of cost and complexity? That is where a system like Password Branching can help. The idea is simple; you choose a seed password as the base for all your passwords. It should be difficult to guess (I provide a basic strength assessment form) and that is the only password you need to remember. For each site or service you use a name. For example, for the music store you could use "iTunes" and for your online email account you could use "yahoo.com," or you can use whatever your bookmark in your Web browser is such as "http://www.audible.com" or "http://www.amazon.com." The idea is that the name should be so obvious that you should not have to remember it. As long as each place you need a password for has a different name, it is nearly guaranteed that each name will get a unique password. Entering the seed password and the name on the form I have provided for you will use what is called a "biomorphic algorithm" (simpler than its name implies) and generate a password for you.
The Upside
The nice part of is this system is that you only have to remember a single password for all the services that you use. I designed the form with no images and as a single file so that you may always have access to it either via my Web site or by saving your own copy locally. It does not require you to install any software or depend on any services other than your Web browser. The best part is that, since it runs locally on your computer even when you access it via my site, your password is never sent on any network other than the one you intend to use it on (e.g. the iTunes password will be sent to Apple when you log in, but will never be on my site's network) and the password is never stored on any server anywhere. I have even designed the form to prevent your Web browser's auto-fill forms feature from remembering your seed password. Bottom line, the system is reasonably safe and secure. I recommend saving a local copy for maximum security, and using the online version only when the local copy is unavailable. Get the form only from uner.com, never from anywhere else - ever.
The Downside
If you choose a password that is simple to begin with, and someone knows you are using my technique, your passwords on all sites may be compromised. Obviously, this is no different then from using the same password for every service. It is also possible that someone can break into your computer and replace the form with a malicious version. Of course, if they could do that, they would also be able to install keystroke loggers and other attack tools anyway. The bottom line is that my system is not perfect, but it is likely far better than what your are doing without it.
The Tools I Provide For You
To help you out with password branching, and indeed passwords in general, I offer you two forms: a password generator and a password strength check form (find them in the "Tools" section). The password generator is an implementation of password branching. The strength check form provides you with a decent measure of how strong any password is. Obviously, you could use these in tandem to verify that the seed password you chose is strong enough. The strength check form also has tips on making good passwords.
A Few Technical Details
The first question on your mind after using the branching password generator is likely to be "why is the user interface so freaky?" Well, it's boring, first of all, so that it may be easily saved to a local file. The cut and pasting of the seemingly invisible password is to keep the person looking over your shoulder from easily seeing the result for any significant period of time. And the reason the seed password is cleared after a time of no activity is to keep users from accidentally walking away from the form while their seed password is still entered. I think the interface a bit awkward as well, and I welcome comments on making it better.
As far as the underlying algorithm, it is essentially a pseudo-random number generator. The algorithm is one of many biomorphic algorithms of my own design. Biomorphic algorithms are simple algorithms that are chaotic (a small change in initial conditions yields a large change in the result) and that feed back upon themselves. Pure biomorphic algorithms usually incorporate something about the system's initial state to create diversity among multiple systems, so that attacks on one system to not necessarily work on other, seemingly identical systems. The entropy for the algorithm in this case come from the seed password's characters multiplied by their position. Admittedly, that's not a lot to work with, and in fact the resulting passwords may have less entropy than the seed. A good seed, however, should still provide enough to make the resulting passwords almost as difficult to guess as the seed. The proof is left to the interested reader.
Legal
I release all of this work into the public domain. I ask only three things in return. First, if you use it, feel free to drop me a line and say so. Doing so anonymously is fine (use a service like http://www.worldwildlife.org/ecards/index.cfm to send me a note). I would like to know how many users there are so that I can put an appropriate amount of resources toward future, similar projects. Second, if you reuse any part of my work, please let me know, and please give me credit in an appropriate way. Lastly, please help me make this system better. Much of the work behind this has been published for many years, and has stood up to academia and industry alike. But that does not mean it is perfect. If you discover a bug, please tell me. If you had advice on anything from the form to the algorithm, please tell me.
Thank You
I hope these tools and this information helps you, and helps us all increase the security posture of the connected World. I thank you for your time in reading this, in using the tools, and I sincerely appreciate all the feedback I get. I try and answer each message, but please understand that it may take me several weeks sometimes to catch up, and that I am sorry that I do not always have the time to answer all your very well-thought out questions about the wide topic that is secure password generation.
