Choosing a password? Size does matter

Pretty much everyone uses Microsoft Windows at work. If they have a PC at home then that’s probably running Windows too. Most will be running Windows 2000 or XP. Despite this, pretty much every PC I have ever tested is still configured to be compatible with LAN Manager - a Microsoft operating system that most organisations stopped using 12 years ago! This is all part of Microsoft’s desire to be “backwards compatible” with older systems.

Why is this compatibility with LAN Manager important? Well, it comes down to how your password is encrypted and stored. By default, Windows passwords are encrypted using two different algorithms: the LM algorithm (to retain compatibility with LAN Manager) and the NTLM algorithm (which is cryptographically stronger).

The encrypted password is called a hash - and both types of hash are stored on your computer. The first problem with the LM hash is that it is in fact composed of two 7-character hashes. So if you were to choose a 10-character password, it would effectively appear to be a 7-character password and a 3-character password, reducing the number of permutations significantly. The second problem is that the LM algorithm coverts upper and lower case characters to all upper case, thus reducing the number of permutations even further.

You might imagine that even a 7-character password is very difficult to crack. Indeed, if we were to try guessing every possible 7-character password using an automated tool, it would take something like a month to work through all the permutations, by which time you may well have changed your password. However, most people choose something far simpler - perhaps the name of their partner with a number appended or some other word commonly found in a dictionary. An attacker with the right software can try most words from the English dictionary, a large selection of proper nouns, and all of these with one or two numbers appended in just a few minutes.

The traditional response to this is to encourage users to use complex passwords containing random letters, numbers and symbols. Such passwords are impossible for the average person to remember, resulting in other serious problems such as passwords written on post-it notes or under the keyboard where even inexperienced attackers can find them.

Now there is a new threat, one that requires a serious response to the problem of LM hashes - rainbow tables. Putting it simply, rainbow tables are lists of pre-computed hashes for a selection of passwords, making the process of guessing a password very fast indeed. The downside of rainbow tables is size - the longer the password you are trying to guess, the larger the tables need to be. However, the rainbow tables for most combinations of upper case letters, numbers and symbols for a password up to 7-characters long are only 64 GB in size - quite easy to store on a portable hard disk or even a USB key. This means that it becomes feasible to “recover” password from a LM hash in seconds, no matter how complex the original password.

For some time it has been possible to “switch off” the backwards compatibility in Windows, but most people don’t know that this is possible, or even that it’s important to do so. In any event, even a 14-character NTLM hash is vulnerable to a rainbow table attack, albeit a very large set of rainbow tables for the attacker to generate (or download) and use.

So what’s the solution? When Windows 2000 was launched, the maximum length of a Windows password was increased from 14 characters to 127. Of course, this remains true for Windows XP and Windows Server 2003. One interesting side effect is that a Windows password longer than 14 characters no longer has an LM hash and thus is invulnerable to any LM attacks.

The other effect is surprising for many people - the password can in fact be seen as a passphrase and thus simple to remember! A passphrase such as “If I won the lottery I would buy a Ferrari” is very easy to remember and all but impossible to crack by any of today’s tools. So, providing that your PC is running Windows 2000 or XP, you are free to choose an easy-to-remember, effectively uncrackable password. Simple, eh?

Peter Wood, Chief of Operations at First Base Technologies, an ethical hacking firm based in the UK, will be speaking at FIRST Security Conference in Sevilla. FIRST is the premier organization and recognized global leader in incident response. For more info, visit FIRST's website at http://www.first.org.