nullprogram.com/blog/2009/04/14/
The author of a tool named Hashapass contacted me some time ago
to bring his tool to attention. It is a way to mitigate the problem of
having to memorize and generate many different passwords.
Good security practice is for users to have a different password with
each web site and system they use. Should one of them be compromised,
your other accounts will still be safe. The problem is that passwords
tend to both be hard to remember and difficult to generate.
Hashapass allows a user to have just one password (ideally,
passphrase) that is used to generate many different passwords. Provide
the master passphrase and the name of the website (parameter) needing
a password and Hashapass generates an 8-character password worth 48
bits.
The website works entirely in Javascript, so you don't have to worry
about transmitting your password or master passphrase. This also makes
it easy to see how the hashing is done. If this was a secret, I
wouldn't recommend using it.
It works by applying
HMAC, with the SHA-1 hash, to the the parameter and passphrase as
to stir them together into a hash. Then it outputs the 48 most
significant bits in base-64 as the password.
I mentioned before that you should really use a master
passphrase instead of a master password, because a
compromised hash password can be brute forced to reveal the master
password. Unfortunately, the Hashapass website says "password" instead
of "passphrase".
I made a Hashapass password cracker to test how practical this attack
would be. You can grab it with Git,
git clone git://github.com/skeeto/hashapass.git
The idea is that if a malicious website operator peeked at your
password, knew you used Hashapass, and properly guessed the parameter
(which isn't a secret), he could use a tool like this to brute force
attack the password to retrieve the master passphrase. A short master
password could easily be discovered.
Running on one machine with one instance of the program, my tool can
break any password with five or less characters in a matter of
hours. A 6-character password could take a month or two. A 7-character
password would take a decade. Each character in the password increases
the search time by a factor of 100.
If multiple computers/cores/processors are put to use on the attack,
these times can be shortened: 2 computers would halve the time, for
example. The attack is easy to parallelize.
My tool assumes a strong, but short, master password was chosen, as it
checks against all printable ASCII characters. If a weaker password
was used, and the attacker assumed this, the above time table would be
much shorter.
So, for the master passphrase, use at least 8 characters
generated using a strong random number generator. I recommend
generating the passphrase with
Diceware using 5 words.