Don't use passwords. Use passphrases.

We still use passwords everywhere, and they're usually stored as hash values in the database of the service that we log into. I ran into this story about a guy, who looked up the md5 hash value on Google and this way reverse engineered a password. His conclusion is, not to use a password that anybody else on this planet may have used.

The reason that this is a problem, is that many users use the same passwords in multiple places, so if you know their password in one place, you can probably log into other services using that password. If you store all passwords as hash values, and you lose these hash values to people that may abuse them, it is important that they cannot get the original password from it. There are many ways to crack passwords, and lostpassword.com is a good site to know, if you want to know how easy it is to crack passwords.

But how fast can md5 hashes be cracked? Let's try to imagine that we produce all thinkable passwords and generate their md5 hashes, and then use the resulting list as a lookup table, sorted by md5 hash. Let's make a few presumptions:

• The password is only using lowercase letters and digits, 36 different characters in total.
• It is totally random.

Let's say the password has the length n. The md5 hash is 32 bytes, so each lookup item is size=32+n. There will be 36ⁿ records, using (32+n)×36ⁿ bytes of space. How long would it take to find a password for an md5 value? With binary lookup it would use c = log₂(36ⁿ) = n×log₂(36) = n×5 lookups. This is the space needed for various values of n, assuming that a lookup takes 20ms:

• n=5 uses 2GB crack time: 100ms
  
• n=6 uses 82GB crack time: 120ms
  
• n=7 uses 3TB crack time: 140ms
  
• n=8 uses 112TB crack time: 160ms
  
• n=9 uses 4163TB crack time: 180ms
• n=10 uses 1×10¹⁷ bytes
  
• n=15 uses 1×10²⁵ bytes
• n=20 uses 1×10³² bytes

You can buy 1TB drives today, so these are realistic amounts of storage up to n=10. If you want to use a good password, you should therefore ensure, that it's at least 10 characters, and if you want to be well protected, also in the future, go for at least 15 characters.

As you can see, these are bad passwords:

• j4fsk2
• this is fun
• my dog ate my homework (somebody else probably used that, too)
  

These are good passwords:

• slashdot8fischk (15 characters, spelling errors etc.)
  
• roskilde/1997/annie (25 characters, but who is Annie and why Roskilde?)

It is a good thing that a long password can be typed very fast, so it usually needs to contain some real-life words, but make sure to pick some words that other's wouldn't use.

As a programmer, you can help your users make better passwords by providing more space to type the password. Usability research has shown, that this actually helps, although I cannot remember the source for that information. Some systems also use the word "passphrase" instead of password in order to encourage users to type more characters.