Audio Of The Week: Passwords Suck

The Techdirt podcast had a good episode last week on why passwords suck and what might replace them. Here it is:


Comments (Archived):

  1. LE

    Memorizing a master password a nonstarter. Assumes you won’t suffer some medical problem temporarily or permanently which will prevent you from remembering the master password. You always need a plan B to that master password. It needs to be somewhere and somebody other than you needs to know where it is.

    1. fredwilson

      i think it is important to have a safe or a safe deposit box. i agree that having a hard copy of something as important as a master password is critical but then you need to store it somewhere safe

      1. LE

        Exactly. [1] Preferable solution would be a bank safe deposit box. I wouldn’t use a home safe unless it was a high end safe that couldn’t be carted away.Another option would be to create a mac osx encrypted volume and store that on a USB key which you store, say, in the home safe.Another thing you could do is entrust two people that you trust to half of the master password. (I can put holes in that one if I wanted..)[1] One of the reasons I almost never comment on mobile (which I did for that comment).

    2. Matt Zagaja

      Your plan B is the hackers plan A. Most systems are hackable because most systems are recoverable. If someone specifically wants to hack you, they will likely succeed (much in the way if someone really wants to break into your specific house they will be able to take some tool and do it). Password managers, etc. are just for limiting the pool of damage the lazy opportunists can inflict on you when they breach Sony, etc. again.

      1. LE

        Your plan B is the hackers plan A.Unclear please give detail.

        1. Matt Zagaja

          Most of the successful attack vectors I see and read about involve exploiting people’s backup systems and recovery processes. Phone number hijacking is a new popular one (break into Comcast, get the number forwarded, call the bank and ask them to wire your cash to another account, when they call to verify there is a person at the other end). If someone else has your master password, it is now only as secure as that person is. The current “state of the art” (or so I’m told) is you break up a key among trusted parties that have to come together and agree and reconstruct it.

    3. Luka Perčič

      It sounds like you are describing what we are doing at ZeroPass ( – not done jet).3 of your trusted friends have pieces (shamir secret sharing) to your recovery key. You need at least 2 to put it together.

      1. jason wright

        Similar principle to crypto multi sig escrow accounts at Coinbase?

        1. Luka Perčič

          An idea is the same (2 out of 3), but crypto is different since blockchain can’t work with secrets (private keys). This is why we use shamir secret sharing. We actually have 3 points where we use “multisig” in a different configuration.1.) First is with everyday use, where a server is protecting half of the password (shamir half, not an actual half :)) and it only releases it to its clients when he got 2 signatures from pre-approved devices.2.) Since you can lock yourself out of this configuration (your devices or server stuff could explode :)); Backup keys are deployed.We don’t want your friends to hold all your password (so that their collusion could be stopped.) We basically need to split the master private between all your devices (first part), one stays with our server (second part), and one is a backup key (third part). You need 2 out of 3).3.) Almost done :). For a third step, we need to store backup key somewhere, and this is when it gets split again to your 3 trusted contacts. 2 out of 3 needed to confirm.All that complexity is hidden, though, you only need to choose 3 friends, and when you start a recovery (from your devices) 2 out of them get a notification where they need to approve that. They don’t even need pin for that, just one click each (2 out of 3).

          1. jason wright

            thanks.perhaps we need to work on a workable definition of ‘friend’ here LOL 🙂

          2. Luka Perčič

            Is ‘trusted contacts’ better? (instead of a trusted friend?)You don’t really need to trust them that much, even if the collude they still need open access to your phone. If your phone is gone (or if they keep it offline) they need to wait a week before recovery would execute (if all 3 sign) or a month if only 2 sign.Anyhow, you would get blasted to email/sms/push notification on all devices, that somebody is starting recovery. You can stop it anytime with one click.

  2. Craig Cramer

    Does anyone use Apple password bank (I think safari only)? Is it secure?

  3. jason wright

    i use Google Authenticator, Authy, Yubikey, a personal ‘scheme’, and other solutions. I don’t have a safe.Personally i’ve been hacked only once. My old Twitter account was accessed by a Russian who left evidence of his presence, but it was not malicious. just a kid i think having ‘fun’.Someone tried to access a blockchain account earlier this year and failed. I complained to the Dutch host of the IP address and it stopped. it goes with the crypto territory.isn’t a master password a single point of potentially catastrophic failure?Quis custodiet ipsos custodes?

  4. Kirsten Lambertsen

    A to the M.E.N.

  5. sigmaalgebra

    Wanna password? Okay. Your name is? “Joe” you say? Okay, Joe, here is a password for you:Joe99827947293Oh, don’t like that one? Alright, here’s another one:Joe475892743233I can send you one a day for the small fee of $30 each. That’s for the Gold version.For the Platinum version, here is a sampleJoEdk2ojdh09h0weieand these are only $50 a day.Now, how these fantastic passwords are generated is a deep, dark secret of computer science, AI, and ML research!But, rest assured, these Gold and Platinum passwords are super tough to guess.What to do with these? Keep them in a safe place. Say, keep them in a file on your desktop computer and well backed up. To use one of these, just copy and paste via the system clipboard. Never use one of these passwords more than once.What to do if you need passwords for 100 different Web sites in Iran, Saudi Arabia, Switzerland (e.g., where UBS is), Sweden (e.g., where Ericsson is — hear that they got a new CEO), ISIS, Russia (where they like to buy uranium mining companies), China, etc. and their own bathroom Microsoft Windows Exchange e-mail server for each of 13 Blackberries and several each of iPhones, iPads, and laptops? Sure, do what the experts with such equipment do: Use one password for everything, e.g., “Chelsea”.”Security?” you ask? Well, if you are using a Blackberry that transmits its wireless data without encryption, that is, in the clear, why worry? Every hacker in the world with a suitable wireless receiver will have everything anyway!But for the rest of us deplorable irredeemables, do what I outlined above!

  6. Vasudev Ram

    Title of post:>Audio Of The Week: Passwords SuckCorrection: Passwords don’t suck. The concept of passwords itself, sucks. Because of points others have pointed out here, like you have to remember them, master password is even more dangerous (because at a stroke, losing it compromises all your accounts, etc).Oh, and about “passwords suck” – again. They don’t (just) suck. They suck *big time*. because they are a suckurity risk (typo/pun intended).Not offering a solution though. Hope some smart people are working on some.

  7. Will Pangman

    Yeah, they do suck. Here’s what we’re doing about it at @AirbitzThis is a demo of our fully private single-sign-on solution for the Ethereum prediction market, Augur. We call it “Edge Login” as it’s only the end users at the edges of the network that are ever in control of their private keys for both authentication and digital assets. Expect to see similar integrations for decentralized apps like Open Bazaar,, BlockFreight, and more.

    1. Luka Perčič

      You are not doing much; we can see pin (pin is a password!) in this video, and then i fund this gem in your faq;”What happens if I lose my phone?No problem. Just download Airbitz onto a new iPhone or Android device, use the same login & password, and you’ll have full access to your account, wallets, and funds.”Your basically doing, but using word blockchains a lot to mis-represent your project to ill-informed.

      1. Will Pangman

        Wrong. Pin is OPTIONAL for fast re-login, and it’s not a password in this case. Maybe you should read our docs? Also, Clef is centralized and not private. Airbitz is zero-knowledge and only the user controls their private keys. Hack clef, get in every account. Hack Airbitz, get no user accounts or data at all. An attacker in our system wouldn’t even know where to look for a given target, and we fundamentally can’t help them. “Blockchain applications” refers to the kinds of apps that KNOW they need this solution today. Our product is not limited to Blockchain applications, but blockchain developers have a big pain today: “how will users store and backup their private key for my app in a way that’s easy enough to be used by a lot of people?”

        1. Luka Perčič

          I did read your docs before (and whitepaper on core). Clef private key is also private and stays on the device (i am not a fan of theirs so enough of that). And no, you can’t just hack clef and get credentials, you need to brute-force them first 🙂 (their solution is not very safe).Your solution does look the same but less secure, because everybody can brute-force their way into user accounts (Let me know if you have any additional limits on that, it doesn’t look like it from docs). You really shouldn’t “decentralise” this part.Anyhow, if you can recover with just username and password, you left the gates opened way wider than Clef did.Your users would get hacked badly (when they would carry enough private keys for that attack to make sense).

          1. Will Pangman

            If you understood our security model and our tech, you’d realize how our model ruins a hacker’s risk/reward plans irreparably. With Clef, any attacker that gains access to their internal system definitely does have a great deal of power and can login to any clef-connected account for any user. This is not the case with Airbitz, as only the user is in EVER in control of their keys and Airbitz has zero-knowledge of all encrypted backups. With Airbitz, the user is the only person with access to their account and private keys. They are even protected from keylogger and screen capture malware by enabling “One-Touch 2FA” locking the account to the device (or multiple devices), and severely rate limited. Any attacker would need to directly target their victim in the real world. Even then, the attacker would have to gain access to the device AND the credentials. Credentials alone are not enough. This is meant to be something that is used by the mainstream with equipment they already have: mobile devices. There are degrees of security and privacy. Sure, you can lock things down in ways that make access almost impossible even for yourself. Airbitz achieves the best balance of USABLE security without breaking zero-knowledge privacy, while still providing account security, auto backup, revision control, device lock, and even private account recovery across all decentralized/blockchain/digital assets apps a user might use. Airbitz Edge Security and key management has been deployed and battle tested for two years now. Our users are happy. They don’t get individually hacked, because we made it boring and costly for hackers. We’ve basically removed any incentive for hackers by giving control to the end users in a way that’s familiar to them and much more secure than anything else they’ve ever used.

          2. Luka Perčič

            “the attacker would have to gain access to the device AND the credentials. “Not true, you have stated in the faq;”What happens if I lose my phone?No problem. Just download Airbitz onto a new iPhone or Android device, use the same login & password, and you’ll have full access to your account, wallets, and funds.”So which is it?Also, zero knowledge only really works if private keys used for it are totally random. Which is not the case with your system; which if it would be random, you wouldn’t have the option to just reset the account data based just on username and password.So you are breaking zero knowledge in a way, you are making it easy for an attacker to reuse victim password from other sites(leaks). (it’s the same with clef, but they at least authenticate you with password before giving you encrypted data).I would like to know more about rate limiting. Can’t find anything in your docs (it seems like anybody with the right username can request encrypted package, but not sure)Also, do you have security bounty on your system? It seems like a nice target we might try it (if it covers our opportunity cost).

          3. Will Pangman

            The FAQ is meant for users, not auditors. We would love for you to join our Slack and inquire further therein. I’m certain you’ll be satisfied with a proper deep dive. Please go to to add yourself. See you there.

          4. Luka Perčič

            FAQ should be the same for users and auditors. You should change it to reflect what is really going on and not mislead with it.I don’t really have the time to audit your system (it seems really bad, though, putting private data on a public server, just to play the decentralisation card) might be inclined to do so if you at least have a bounty program. Or you know, when i feel there are enough coins within, to make a splash.

          5. Will Pangman

            Your FAQ opinion aside, nothing therein is misleading. FAQ answers will not satisfy a computer scientist looking for a deep dive into a security model. If you think you can provide value by poking holes in it, be our guest! We’d be thrilled to provide you with a bounty if in fact you identify anything. We invite this! We’ve been audited by respected industry leading professionals before, and they’re quite impressed with what we’ve built. We have over 80k users, so there’s probably “enough coins within” to whet the appetite for any thief, but we wouldn’t know. Maybe all 80k of our users hold zero balances. We wouldn’t know, and neither can any attacker! Brute force one user at a time? Rate limited? Good luck.

  8. William Mougayar

    what might replace passwords is dependent on the interaction method we are limited by. The keyboard has been the dominant input device, which facilitated the written password. By swiping actions on the smartphone, we moved to finger movements or fingerprint recognition. Voice is still iffy.I sure hope we can evolve beyond that quickly, especially as cryptography and personal security/privacy needs are rising.

    1. Will Pangman

      Have you seen how we’re solving this for Augur? (and soon Open Bazaar! ;)I posted this video above, so forgive the repost, but I really want you to see this.

      1. William Mougayar


  9. jason wright

    i’ve listened to the discussion and read the comments. i’ll be making time to review my approach to my login security very soon.

  10. LE

    You can also use Mac OSX to create an encrypted volume which you can store on a USB and cart around.I’ve been preaching this method for 15 years, and it has never failed me.By the way it’s not obscure (for you personally at least) if you are blogging about it to the world Josh.can rest easy knowing the KeePass databases are stored encrypted using some of the strongest ciphers in existence today. So unless you’re protecting the kind of info that might one day end up on WikiLeaks, you’ve got little to worry about in storing your KeePass data online.The whole issue is resting easy. This is the same “we’ve got this all figured out” that everyone says. Behind the scenes lots of mistakes get made, if they didn’t we wouldn’t be discussing this today.

  11. LE

    Agree in part but my point was that if, say, Josh Habdas was doing security work for Hillary Clinton it would be nice to know a bit about how he secures his own passwords. From that we would have an easier time hacking him and/or figuring out a potential method to hack Hillary with certain assumptions.

  12. jason wright

    Yes, that is a problem.I like Yubikey, but the company needs to start making USB C type keys. I do have one of their NFC compatible keys for mobile.

  13. LE

    Muscle memory. Does it work when you are on life support or all drugged up?

  14. LE

    That’s what we do here at AVC. We make comments in response to others comments so others can learn from them and decide themselves. My original comment (which you replied to) stands:Assumes you won’t suffer some medical problem temporarily or permanently which will prevent you from remembering the master passwordIf you don’t want to have someone comment on your comment, then don’t make comments at by the way it’s not all about “you”. There are others, perhaps family members that are impacted by not having access to accounts that “you” setup even if you have bigger problems.