In light of the recent LastPass breach I looked at different strength test websites to see how long a password would hold up under an offline brute-force attack.
The password I tried was: Aband0nedFairgr0und
This is a 19-character password with a combination of uppercase/lowercase/numbers. Granted, there are no special characters.
I went to 5 different password strength sites and they all gave me wildly different results for how long it would take to crack.
| Site | Estimated time to crack |
|---|---|
| https://www.security.org/how-secure-is-my-password/ | 9 quadrillion years |
| https://delinea.com/resources/password-strength-checker | 36 quadrillion years |
| https://password.kaspersky.com/ | 4 months |
| https://bitwarden.com/password-strength/ | 1 day |
As you can see the results are all over the place!
Why is the Bitwarden result so low, and if the attacker had zero knowledge of the password, is it feasible to take an average of the different results and assume that the password is stronger than 1 day?
PS: Don't worry, Aband0nedFairgr0und is not a password I use and was made up as a test.
I was playing with Bitwarden's Password Strength Testing Tool and discovered unexpected behavior.
I have a password that I use to log in to my personal laptop (thirteen characters with letters, digits and symbols). I use the same password with 2 additional digits appended as my Bitwarden Master password.
When I test the laptop password, the testing tool says "Strong" and "31 years" to crack. Seems good so far. Next, I append an additional digit and the Estimated Time to Crack increases to "centuries" which seems even better.
Then I append one more digit and the Estimated Time to Crack goes DOWN to 57 years. Huh?
Why would the Estimated Time to Crack go down when appending a digit to a password that would take "centuries" to crack? I thought appending more characters to a password would always increase the estimated time to crack.
Am I misunderstanding something?
Basically, it seems to award very short passphrases too much strength.
I've built a spreadsheet to test entropy of each password/passphrase and have believed it's best to stay above 78 bits of entropy, I suppose based upon recommendations of the Diceware web page, from perhaps 1995:
We recommend a minimum of six words for use with GPG, wireless security and file encryption programs. A seven, eight or nine word passphrase is recommended for high value uses such as whole disk encryption, BitCoin, and the like. For more information, see the Diceware FAQ.
From this I inferred six-word passphrases were the basic minimum, with longer phrases up to 10, depending upon need. Six words gives me 77 bits of entropy (based upon a 7700-word dictionary).
Now to the BW Password Strength Testing Tool (PSTT): It shows a two-word passphrase, "blissful-harmony" as good! Then it also says it would take one day to crack! Something's wrong here. FWIW, a two-word passphrase yields 25 bits of entropy. Add one more word to the phrase: "blissful-harmony-update" and the tester gives it a "Strong" rating that will take centuries to crack with 38 bits of entropy. Neither seems overpowering or even adequate.
The PSTT appears to have dissociated "strength" and "entropy," and I don't understand why.
I did read through the zxcvbn link on the PSTT page, and the following may bear upon the issue:
By disregarding the "configuration entropy" — the entropy from the number and arrangement of the pieces — zxcvbn is purposely underestimating, by giving a password's structure away for free: It assumes attackers already know the structure (for example, surname-bruteforce-keypad), and from there, it calculates how many guesses they'd need to iterate through.
There's also the encryption methods, including the Key Derivation Function that will slow down the number of guesses a hacker can make in any unit of time; that can help, as can Multi-Factor Authentication (MFA).
Still, worst case, as LastPass users discovered, MFA doesn't help the Vault owner if a hacker has it in front of him and doesn't have to go through online protection schemes.
So, is a short passphrase strength betting on a hacker not knowing the structure of password/passphrase or am I missing something?
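An added example (not from any poster here, nor from Bitwarden or zxcvbn) that computes the entropy figures the post above relies on, for both Diceware-style passphrases and random character passwords, and converts them into an expected cracking time at an assumed guess rate; the word list is a constructed stand-in, and the 10B/s rate is the fast-hash scenario zxcvbn reports.

```python
import math
import secrets

# Constructed stand-in word list; a real Diceware list has 7776 entries (the post above uses 7700).
WORDLIST = ["blissful", "harmony", "update", "fairground", "abandoned", "toothpick", "eggplant", "snood"]

def passphrase_bits(words: int, list_size: int) -> float:
    """Entropy of `words` words drawn uniformly and independently from a list of `list_size`."""
    return words * math.log2(list_size)

def password_bits(length: int, alphabet_size: int) -> float:
    """Entropy of `length` characters drawn uniformly from an alphabet of `alphabet_size`."""
    return length * math.log2(alphabet_size)

def expected_crack_seconds(bits: float, guesses_per_second: float) -> float:
    """Average time to hit a uniformly random secret: half the keyspace at the given rate."""
    return (2.0 ** bits) / 2.0 / guesses_per_second

def humanize(seconds: float) -> str:
    """Rough human-readable duration, for display only."""
    year = 365.25 * 24 * 3600
    if seconds < 3600:
        return f"{seconds / 60:.1f} minutes"
    if seconds < 86400:
        return f"{seconds / 3600:.1f} hours"
    if seconds < year:
        return f"{seconds / 86400:.1f} days"
    return f"{seconds / year:.3g} years"

def generate_passphrase(words: int, wordlist=WORDLIST, sep: str = "-") -> str:
    """Uniform CSPRNG selection: strength is a property of this process, not of how the output looks."""
    return sep.join(secrets.choice(wordlist) for _ in range(words))

if __name__ == "__main__":
    rate = 1e10  # assumed: the "10B / second" offline fast-hash scenario
    for n in (2, 3, 6):
        b = passphrase_bits(n, 7700)
        print(f"{n} words from 7700: {b:.1f} bits, ~{humanize(expected_crack_seconds(b, rate))} at 10B/s")
    b = password_bits(14, 62)
    print(f"14 random alphanumerics: {b:.1f} bits, ~{humanize(expected_crack_seconds(b, rate))} at 10B/s")
    print("sample passphrase (tiny constructed list, so weak):", generate_passphrase(4))
```

The printed figures for 2, 3 and 6 words reproduce the 25, 38 and 77 bits quoted above; note that the estimate only holds when the words were actually drawn uniformly at random.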
Hi! I tested one of my old cracked passwords with the Bitwarden password strength testing tool and it was shown as secure. So I tested it with one of the passwords that I thought looked at least kind of good from a rockyou list: "arisdwiwanto070606" (https://raw.githubusercontent.com/josuamarcelc/common-password-list/refs/heads/main/rockyou.txt/rockyou_2.txt), with the result that it was a strong password.
According to HaveIBeenPwned the password has been seen one time before.
Is there any reason why Bitwarden does not check for any new password lists as well when telling the user about the password strength (zxcvbn seems to have a 9 year old password list, https://github.com/dropbox/zxcvbn/tree/master/data), or am I missing something?
Do you periodically check your master password with Bitwarden to see if it has been involved in a data breach?
Have you used the Bitwarden Strength Testing Tool?
Yes, no, using another tool? Never heard of it? Let us know what you think.
For context, this post prompted a discussion around the security of using password strength testers, so let's hear the good and the bad!
It will quickly jump from days to decades to centuries by just adding a few characters. I doubt it will take centuries for the government or hackers to crack these simple passwords.
How accurate is it? How do I create a strong password?
The only way to verify the strength of a password is by analyzing the app that generated it. You cannot assess the strength of a password by looking at it in isolation. If you made up a password without using an app, you must assume it is weak.
The password strength tester might give novice users some insight into the relative value of different kinds of passwords, but it should not be used to verify a password’s strength.
How do I create a strong password?
Bitwarden has a built-in password generator, which is sufficient for anything you will need. This password generator has two basic types of passwords:
- Fully random — you get to choose how long it is, whether it has numerals (and how many), special characters (and how many), and whether to avoid “ambiguous characters”, like “oh” versus “zero”. This is the kind of password you should usually set for a website. With autofill, you don’t care if it is something really ugly like s8qqlr^*!eFe.
- Passphrase — this is a string of real English words. Bitwarden selects from a known list with 7776 words. A passphrase is easier to read and to transcribe (type in yourself). In order for a passphrase to be strong, it must be longer than a fully random password to have the same entropy (“strength”).
Passphrases are great if you cannot use autofill. A master password is a great example. So is a workplace-administered laptop.
The greater length of a passphrase can be a problem, because some websites have length limitations or a bug with longer passwords. Linux, Windows, Microsoft, Google, and Apple all handle longer passwords correctly, but you could run into a problem with toothpick-r-us.com. As a rule, if you can use autofill, don’t bother with using a passphrase; just stick with the fully random password.
How accurate is it?
All password "strength" calculators that analyze a user-provided password are garbage, and often generate wildly misleading results.
Bitwarden's password strength tester is based on the zxcvbn tool, which is somewhat more sophisticated than many of the other password strength testers, but still produces nonsense results.
For example, the title of a popular book & movie, like "The cat in the hat" is a terrible master password, but Bitwarden's strength tester says it is "strong" and claims it would take "centuries" to crack.
Likewise, for a randomly generated password string containing 8 characters (e.g., &50y6pO*), Bitwarden's password strength tester claims that it is a "weak" password that can be cracked in only 3 hours. In reality, this is a very strong password, which would take well over a thousand years to crack.
How do I create a strong password?
Use a vetted passphrase generator that selects random words based on the output of a uniformly distributed, cryptographically secure pseudo-random number generator, and generate yourself a random 4-word passphrase. Done.
Hi, I have a question about the Bitwarden Password Generator/Strength tester at https://bitwarden.com/password-generator/
By default, it offers a 14 character random alphanumeric password and tells me that this is safe for "Centuries". Is this still the case? Other sources talk about generating longer passwords?
In fact if I use this to generate a 9 character password it gives it a "good" rating...
Is it safe to have BitWarden check my passwords? I was part of the Equifax hack and my SS and all my info was found on "The Dark Web"... I have all my credit reports frozen, but I really want to check my passwords, but I thought maybe that would just put me at more risk.
It's safe: it converts your password to a 64 character long hash and only sends over the first 5. The site sends over all the other hashes that start with the same 5, and the plugin checks your hash locally to see if it's in a breach.
The video on this article better describes it.
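An added offline simulation (not Bitwarden's or HIBP's code) of the range check described in the reply above, using the scheme the Pwned Passwords range API actually uses: the client hashes locally with SHA-1, sends only the first 5 hex characters, and compares the returned suffixes locally. The breach corpus and its counts are constructed.

```python
import hashlib

# Constructed breach corpus standing in for the Pwned Passwords data set; counts are made up.
BREACHED = {"password123": 1234, "letmein": 567, "arisdwiwanto070606": 1}
HEX = set("0123456789ABCDEF")

def sha1_hex(password: str) -> str:
    """Pwned Passwords keys on the upper-case hex SHA-1 of the password (40 hex characters)."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()

# --- server side: suffixes grouped by the first 5 hex characters of the hash ---
def build_range_index(corpus: dict) -> dict:
    index = {}
    for pw, count in corpus.items():
        digest = sha1_hex(pw)
        index.setdefault(digest[:5], []).append(f"{digest[5:]}:{count}")
    return index

INDEX = build_range_index(BREACHED)

def range_api(prefix: str) -> str:
    """Mimics GET /range/{prefix}: every 35-char suffix under that prefix, one 'SUFFIX:COUNT' per line."""
    if len(prefix) != 5 or set(prefix) - HEX:
        raise ValueError("prefix must be exactly 5 hex characters")
    return "\n".join(INDEX.get(prefix, []))

# --- client side: the full hash never leaves this function; only the 5-char prefix is queried ---
def check_password(password: str, query=range_api) -> int:
    """Returns how many times the password appears in the breach corpus (0 if never seen)."""
    digest = sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    for line in query(prefix).splitlines():
        candidate, count = line.split(":")
        if candidate == suffix:
            return int(count)
    return 0

if __name__ == "__main__":
    for pw in ("password123", "correct-horse-battery-staple"):
        print(pw, "->", check_password(pw))
```

The server learns only a 5-character prefix shared by many unrelated passwords, which is why the check does not reveal the password being tested.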
As a general principle: You should never type any password into any online service, no matter how trusted they are.
Ideally, if the breaches are public, you should download the list to your local computer and CTRL+F for it instead. Even then, you should be careful you're downloading the real list and not a malware infested red herring.
The other explanations here are true but maybe this will clarify why.
Bad password checkers assume a cracking program will guess, in order: a, b, c, … aa, ab, ac, ad, … and so on forever. Good password strength checkers calculate entropy (~randomness) with the assumption of common reasonable wordlists and standard variations on those words, in addition to gibberish character strings.
Password cracking tools don’t tend to guess every single random string of characters from shortest to longest, since many people are more likely to choose real words or variations of words.
So, for example, “eggplan” is actually a stronger password than “eggplant” despite having fewer characters. They’re both awful, but any decent password cracking tool will guess a word a human is more likely to choose first (vs egg + plan, two unusual words to combine). “eggplan” will even take longer to crack than “eggpl@nt” because a→@ is such a common substitution for humans trying to strengthen their passwords that password cracking tools will likely try it first.
Extending to longer sequences, 3-6 memorable unmodified words chosen randomly from very long lists will usually be both more memorable and harder to crack than 2-3 words with symbols inserted.
Edit to add: the best way to get a sense of how this works in practice is here: https://lowe.github.io/tryzxcvbn/
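A minimal rank-based estimator (added here as a toy illustration of the idea in the reply above, not zxcvbn's matcher) placed beside the naive exhaustive model, showing why “eggplan” outranks “eggpl@nt” in one model and not the other. The word list, its ranks and the substitution table are constructed.

```python
# Constructed, frequency-ranked mini dictionary (rank 1 = the first word a cracker would try).
# Real rule sets and zxcvbn work from ranked lists with tens of thousands of entries.
RANKED_WORDS = ["password", "eggplant", "dragon", "monkey", "sunshine"]
RANK = {word: i + 1 for i, word in enumerate(RANKED_WORDS)}
# Common human substitutions that a cracking rule set tries almost for free.
L33T = {"@": "a", "4": "a", "3": "e", "0": "o", "1": "i", "!": "i", "$": "s"}

def unleet(s: str) -> str:
    return "".join(L33T.get(c, c) for c in s)

def brute_force_guesses(s: str) -> int:
    """The naive checker's model: exhaust every string over the character classes present."""
    size = (26 * any(c.islower() for c in s) + 26 * any(c.isupper() for c in s)
            + 10 * any(c.isdigit() for c in s) + 33 * any(not c.isalnum() for c in s))
    return size ** len(s)

def dictionary_guesses(s: str):
    """Rank-based model: guesses = rank of the underlying word times a small factor per variation."""
    base = unleet(s.lower())
    if base not in RANK:
        return None  # not a single dictionary word, with or without substitutions
    guesses = RANK[base]
    guesses *= 2 ** sum(1 for c in s if c in L33T)  # each substituted character: try both spellings
    if s != s.lower():
        guesses *= 2  # capitalised variant
    return guesses

def estimate_guesses(s: str) -> int:
    """The attacker takes whichever strategy reaches the password first."""
    d = dictionary_guesses(s)
    bf = brute_force_guesses(s)
    return bf if d is None else min(d, bf)

if __name__ == "__main__":
    for pw in ("eggplant", "eggpl@nt", "Eggpl@nt", "eggplan"):
        print(f"{pw:10} naive: {brute_force_guesses(pw):>16,}  rank-based: {estimate_guesses(pw):>16,}")
```

The naive model rewards the extra character in “eggplant” and the symbol in “eggpl@nt”; the rank-based model charges only a handful of guesses for both, while the non-word “eggplan” falls back to exhaustive search.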
Bitwarden.com uses zxcvbn to calculate the time-to-crack. You can try it online at https://lowe.github.io/tryzxcvbn/ and it'll tell how it arrived at a time of 1 day.
I checked and it doesn’t seem to be an option. Is there a way for BitWarden to check my passwords to see if they are weak or if they are on known compromised lists? I would imagine this to be on demand tool online.
I really appreciate all the advice on this sub regarding password strength, but I'm having a very hard time getting my head around it all. I've been looking at the zxcvbn testing page, which is apparently what the Bitwarden password tester is based on. I've been playing around with a range of example passwords, similar to what I have used in the past. When I put in a 20 character passphrase, using only upper and lower case letters, their estimation for the fastest possible time to crack is "10B / second: 41 years (offline attack, fast hash, many cores)". However, if I add only 1 more character, that changes to "centuries". From then on, no matter how many more random characters I add, it still simply says "centuries". This seems to imply that there is no extra benefit to having a 50 character password over and above a 21 character password. I'm sure this is not the case, and that I've misunderstood something, but can someone explain what I'm missing?
IMNSHO stay away from these password strength testers. DO NOT MAKE UP YOUR OWN PASSWORDS.
Use the Bitwarden generator. Make it a passphrase if you need to memorize it. That way you never have to worry about its strength.
Is there a difference between 2 centuries and 600 centuries? Sure. But does that really matter when it comes to password complexity? Do you think we’ll still be using passwords in 100 years? How many of your current accounts will still be active then? How many current companies will still be in business then?
I recently wiped an old laptop of mine. By some miracle, I plugged it in and Windows XP booted right up. So before I wiped it I was able to see my RoboForm vault from the mid 2000s. Only four of the accounts are still relevant today. Where do you think your vault will be in 20 years? 50? 100?
Your passwords (particularly your master password) should be robust enough to survive a couple of generations after you’re gone. Said another way, by the time an account can be cracked, its value should have decreased significantly. The more valuable you expect an asset to be in the future, the more protection it warrants. Your Snood or FarmVille credentials? Not so much.