Security Considerations

attacker can predict two or three of the bits in each seed byte. Bit 7, for instance, will always be 0. Furthermore, many of the keystrokes can be predicted: they will probably be lowercase letters that alternate between the left and right hand. Analysis of this issue has determined that there is only one bit of entropy from each keystroke (think of the term “entropy” as “unrepeatability”). When using keystrokes, use at least one for each bit of key size.

There are other schemes for finding seed bytes, including tracking mouse movements, timing keystrokes, “listening” to hardware noise, or capturing machine state information. Many schemes will provide more than one bit of entropy per byte of seed; however, it is an easy-to-remember rule of thumb to use as many bytes of seed data as bits of key.

Whatever the scheme, it may seem unusual to expend more effort to produce a seed than it will take to produce the random key data itself. Why not simply use the seed data in the key? The strength of cryptography relies on key data that is random or pseudo-random. If an attacker knows that the key data is not random, cracking the cipher becomes easier. The seed will almost certainly not be random. The attacker may not be able to repeat the seed gathering process exactly, but non-random key data leaves a cipher algorithm as a whole open to various attacks. Hence, use a large unrepeatable seed to generate pseudo-random data.

Choosing Passwords

In almost any security application, users are required to have passwords that indicate authorized access to the system. Often, when given a choice, users choose the same password for various applications. For instance, they may use their login password to encrypt a private key. Many times, users will choose passwords an attacker can easily deduce. Therefore, it is a good idea for developers to build good password protocols into their applications. Following is a list of possible guidelines for choosing passwords.

Enforce a minimum password length, generally eight characters.

Advise users to avoid easy-to-guess passwords, such as common names or birth dates.

Check an entered password against a dictionary.

Require a combination of numeric, special, and upper- and lower-case alphabetic characters.

Include support for password expiration dates to limit the available searching time an attacker has to break into the system.
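
The guidelines above combined into one check, as an added example in C (not code from the manual or from the Crypto-C library). The function names, the 90-day expiry window and the four-word sample dictionary are assumptions made for illustration.

```c
#include <ctype.h>
#include <string.h>
#include <time.h>

#define MIN_LEN 8          /* minimum length from the guideline list */
#define MAX_AGE_DAYS 90    /* assumed expiry window; the page gives no figure */

enum pw_result { PW_OK, PW_TOO_SHORT, PW_MISSING_CLASS, PW_IN_DICTIONARY };

/* Constructed sample word list; a real deployment would load a full dictionary. */
static const char *const sample_dict[] = { "password", "letmein", "michael", "welcome" };

/* Reduce a candidate to its lowercase letters, so that "Michael#1984" is
 * compared as "michael" and decoration does not hide a dictionary word. */
static void letters_only(const char *pw, char *out, size_t outlen)
{
    size_t n = 0;
    for (; *pw != '\0' && n + 1 < outlen; pw++)
        if (isalpha((unsigned char)*pw))
            out[n++] = (char)tolower((unsigned char)*pw);
    out[n] = '\0';
}

enum pw_result check_password(const char *pw)
{
    int lower = 0, upper = 0, digit = 0, special = 0;
    char core[128];
    size_t i;

    if (strlen(pw) < MIN_LEN)
        return PW_TOO_SHORT;
    for (i = 0; pw[i] != '\0'; i++) {
        unsigned char c = (unsigned char)pw[i];
        if (islower(c)) lower = 1;
        else if (isupper(c)) upper = 1;
        else if (isdigit(c)) digit = 1;
        else special = 1;              /* anything else counts as special */
    }
    if (!(lower && upper && digit && special))
        return PW_MISSING_CLASS;
    letters_only(pw, core, sizeof core);
    for (i = 0; i < sizeof sample_dict / sizeof sample_dict[0]; i++)
        if (strcmp(core, sample_dict[i]) == 0)
            return PW_IN_DICTIONARY;
    return PW_OK;
}

/* Expiration guideline: nonzero once the password is older than the window. */
int password_expired(time_t set_at, time_t now)
{
    return difftime(now, set_at) > (double)MAX_AGE_DAYS * 24 * 60 * 60;
}
```

A password such as "Michael#1984" satisfies the length and character-class rules yet is still rejected by the dictionary step, which is why the guidelines list the two checks separately.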

Chapter 3 Cryptography

RSA Security 5.2.2 manual Choosing Passwords