Hashapass Password Management
The author of a tool named Hashapass contacted me some time ago to bring his tool to attention. It is a way to mitigate the problem of having to memorize and generate many different passwords.
Good security practice is for users to have a different password with each web site and system they use. Should one of them be compromised, your other accounts will still be safe. The problem is that passwords tend to both be hard to remember and difficult to generate.
Hashapass allows a user to have just one password (ideally, passphrase) that is used to generate many different passwords. Provide the master passphrase and the name of the website (parameter) needing a password and Hashapass generates an 8-character password worth 48 bits.
It works by applying HMAC, with the SHA-1 hash, to the the parameter and passphrase as to stir them together into a hash. Then it outputs the 48 most significant bits in base-64 as the password.
I mentioned before that you should really use a master passphrase instead of a master password, because a compromised hash password can be brute forced to reveal the master password. Unfortunately, the Hashapass website says "password" instead of "passphrase".
I made a Hashapass password cracker to test how practical this attack would be. You can grab it with Git,
git clone git://github.com/skeeto/hashapass.git
The idea is that if a malicious website operator peeked at your password, knew you used Hashapass, and properly guessed the parameter (which isn't a secret), he could use a tool like this to brute force attack the password to retrieve the master passphrase. A short master password could easily be discovered.
Running on one machine with one instance of the program, my tool can break any password with five or less characters in a matter of hours. A 6-character password could take a month or two. A 7-character password would take a decade. Each character in the password increases the search time by a factor of 100.
If multiple computers/cores/processors are put to use on the attack, these times can be shortened: 2 computers would halve the time, for example. The attack is easy to parallelize.
My tool assumes a strong, but short, master password was chosen, as it checks against all printable ASCII characters. If a weaker password was used, and the attacker assumed this, the above time table would be much shorter.
So, for the master passphrase, use at least 8 characters generated using a strong random number generator. I recommend generating the passphrase with Diceware using 5 words.