In this age of hacks and scandals, are passwords really capable of protecting your bitcoins?
Each bitcoin address has a corresponding private key, which enables the owner to spend the bitcoins in it, but this private key also needs protecting.
The private key for your public bitcoin address is crucial, because without it, you will lose access to your coins. You can't keep this key in your head, though, because it's a long string of alphanumeric gibberish, which is rather impractical to memorise.
Some people protect their bitcoins by storing them in paper wallets, embedding them in a printed QR code that can be scanned when necessary. That's a good option, but it leaves the private key physically vulnerable to theft, fire, or coffee.
Another option is to encrypt the key with a password, a capability that some bitcoin wallets include. Passwords can also be used to protect other important bitcoin-related assets, such as accounts on an exchange. However, the problem here is that passwords aren't that secure either: they're often far easier to crack than you'd expect.
Password cracking software uses dictionary attacks to access passwords by brute force, by trying millions of combinations of known words. Thus, it's naive to use "password", "12345", or the name of your dog as your password – someone, somewhere, will probably have that on a list, unless your dog happens to be called "8%tRuiy0P" rather than "Buffy".
This Ars Technica article walks through how relatively talentless password crackers can use dictionaries to try to piece together user passphrases.
But wait – your online exchange or web wallet encrypts your password, so you're already protected, right?
Don't be so sure. Many applications that store a password will use what's known as a hashing function, passing the password through a mathematical calculation to produce a string of characters known as a hash. The software then stores that hash.
Whenever anyone tries to gain access to something (say, a bitcoin private key, or an account on an exchange) by entering a password, the software runs the password through the same hashing function, and then compares the string produced with the string that was originally stored.
No two passwords would produce the same hash – so, theoretically, only people with access to the password could produce a match.
However, as a particular password will always produce the same hash, password crackers can simply hash all of the words in their dictionaries, to produce what's known as a rainbow table.
That's a collection of millions of hashes, cross-referenced to the passwords that produced them. That's how password thieves like those who stole LinkedIn's list of hashes could decode the passwords. There are techniques, such as password salting and using longer passwords, that can make this lookup process far more difficult, but it's still useful for password crackers.
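The lookup described above, and what salting changes about it, as an added example that is not part of the original article. The word list, the user names, SHA-256 as the fast unsalted hash and PBKDF2 with 200,000 iterations as the salted scheme are all assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor for this example
# Constructed sample data: a cracker's word list and two users with the same password.
DICTIONARY = ["password", "12345", "Buffy", "Angrybadger1125"]
USERS = {"alice": "Buffy", "bob": "Buffy"}


def unsalted_hash(password):
    """Fast, unsalted hash: a given password always maps to the same string."""
    return hashlib.sha256(password.encode()).hexdigest()


def build_lookup_table(words):
    """Hash every dictionary word once; the table works against any unsalted leak."""
    return {unsalted_hash(word): word for word in words}


def salted_hash(password, salt=None):
    """Random per-user salt plus a deliberately slow KDF (PBKDF2-HMAC-SHA256)."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify(password, salt, stored_digest):
    """Login check: recompute with the stored salt, compare in constant time."""
    _, candidate = salted_hash(password, salt)
    return hmac.compare_digest(candidate, stored_digest)


def compare_storage_schemes():
    table = build_lookup_table(DICTIONARY)
    weak_db = {user: unsalted_hash(pw) for user, pw in USERS.items()}
    strong_db = {user: salted_hash(pw) for user, pw in USERS.items()}
    return {
        # Unsalted: one table lookup per leaked hash recovers the password.
        "recovered_unsalted": {u: table.get(h) for u, h in weak_db.items()},
        # Salted: the same table finds nothing, and equal passwords no longer
        # produce equal records.
        "recovered_salted": {u: table.get(d.hex()) for u, (_, d) in strong_db.items()},
        "salted_records_differ": strong_db["alice"][1] != strong_db["bob"][1],
        "legit_login_ok": verify("Buffy", *strong_db["alice"]),
        "wrong_password_ok": verify("buffy", *strong_db["alice"]),
    }


if __name__ == "__main__":
    print(compare_storage_schemes())
```

Salting removes the shared, precomputed table, but a weak password can still be guessed against a single record; the slow key-derivation step only raises the cost of each guess.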
Even the seemingly clever passwords or passphrases that you use to protect your bitcoin wallet can be vulnerable to attack. That idea of using random letters or substituting the number "1" for an "l" or an "i"? Forget it. The software has rules for testing against that.
Some more savvy people will use two or three words strung together, perhaps with a number or stray letter thrown in. "Angrybadger1125" sounds like a great password, doesn't it? "When I was a boy I always wanted to be an astronaut" sounds even better. But these passwords aren't invincible.
The problem, as outlined by the University of Cambridge's Joseph Bonneau, and cited by security guru Bruce Schneier, is that password cracking today is a function of two things: power, and efficiency.
The first means throwing computing power at something (working harder), while the second involves using more sophisticated word matching models (working smarter).
Some people have even mined websites to try and find special interest-related words and passphrases that can be added to lists, and used to augment those huge dictionaries.
"Passwords are the democracy of authentication technologies – they're the worst thing available, except for everything else," says Dan Kaminsky, a security researcher most famous for finding what amounted to a zero-day vulnerability for the whole web in the form of a DNS vulnerability in 2008.
So, if you thought your password stood in the way of your private key and an army of online crooks, think again. But the point is that they're likely to deter enough people to still make them worthwhile.
"The reality is that passwords are highly likely to actually work in the field, which is why we're addicted to them," Kaminsky says.
Mike Hearn, one of bitcoin's core developers, agrees. He gives an example of wallet-stealing malware that was circulating some time ago.
"Adding password-based wallet encryption put a stop to that – even though, in theory, it shouldn't work very well. Well-crafted malware can log your keystrokes and steal the password, while weak passwords could be brute-forced."
He continues: "But in practice, it seems to have raised the bar enough to buy time for the development of stronger techniques, like the Trezor."
Trezor is a hardware device designed to store a master key for accessing your bitcoin wallet, which never divulges any secrets to the host machine. Hearn hopes that this product, or successors to it, will evolve into more general security tools in future.
"A secure display, CPU and buttons in portable form are exactly what is needed to solve many tricky security issues."
Kaminsky also agrees that hardware currently being built to protect bitcoin users will be useful for other security problems: "I have nothing I can recommend directly, but I expect that to change in a small number of months," he says.
Hardware has been used for protection before, of course. Two-factor authentication (something you know, plus something you have) is a mainstay of conventional security.
Biometrics (something you are) have also been used to authenticate people, granting them access to privileged resources. But both of these are now fraught with problems, both related to the NSA.
Reports recently surfaced that Apple's iOS devices are subject to attack from the NSA, which has developed malware which can be implanted on one of the company's devices and used to access its internal workings.
It isn't yet clear whether this would enable an attacker to access the biometric fingerprint information on the latest iPhone, but then, hackers have already compromised this, making it largely moot.
What's more worrying is that encryption technology developed by RSA is now suspected to be back-doored by the NSA, putting huge swathes of currently-used infrastructure at risk. RSA denies collusion, but it doesn't bode well for at least some commonly-used forms of 2FA.
"2FA is bigger than RSA," protests Kaminsky, adding:
"You might as well be asking whether security is over because now we know one security company may or may not have known (we have no idea) they were being used in this manner."
That's true, but it begs the question: if RSA was back-doored, who else was the NSA also accessing? And who can we trust with 2FA protection?
"There are several proposals for 2FA, many of them being open source (such as Google's Authenticator) and so less likely to be hiding a backdoor," says Sergio Lerner, a security expert and frequent contributor to bitcoin's security efforts. The software inside Trezor is also open source.
"And if you fear that 2FA is not enough, then you can use 3FA (a token, an OTP smartphone app, and a password)!" he says. This multi-channel, out-of-band authentication is a feature of BitGo's secure wallet.
Security is never a zero-sum game. It's a constant cat-and-mouse game, between those trying to protect systems, and those trying to break them.
There are alternatives to passwords that can work, but design transparency is key. And passwords are unlikely to go away, meaning that we're going to have to find a way to try and use them properly.
Schneier has some good advice here. "When I was a boy, I ALWAYS wanted to be an airline pilot" isn't a great choice, but you can make it into a password unlikely to be in any table, by taking the first letters of the words, as long as the software or online app allows the format that it produces.
"WIwab,IAw2ba@p" should keep them fooled for at least a little longer (don't use this now – choose your own), but is still easy to recall if you know the phrase that it came from.
If you're storing enough money in a bitcoin address that it would hurt to lose it, and open source 2FA isn't available, such precautions seem worth the effort, don't they?