Comments on: New(er) in the Lab: HashMask – Another (More Secure!) Experiment in Password Hashing

By: BitShifter

BitShifter — Sun, 03 Oct 2010 14:04:28 +0000

I agree with Nick and similar commenters. By producing a sequence of sparklines you have effectively given the attacker an oracle for confirming each individual character in sequence. Assuming a slow typist, one will have an image for each keystroke. Add to this, basic shouldersurfing techniques and the ability to recover a password will be greatly enhanced. If you can remember even just the quadrant of the keyboard that a key came from, you now have a whole lot of information.

As for hashing the password together with the account, you still have the same situation. The account name is not private information. One could enter the account and then watch for the sequence of sparklines that the attacker saw.

Only showing the hash after X number of characters would strengthen this, however, you still end up with an oracle for when you get the prefix right. Again, adding a little rudimentary shouldersurfing and the search space for the attacker becomes much smaller.

A button that the user could press to display the final sparkline would give the user feedback that their password is correct, and since it is not returning this information at each keystroke, the information leak would be minimal. A shouldersurfing attack would degenerate to it’s current difficulty.

By: Nick

Nick — Sun, 03 Oct 2010 02:18:41 +0000

One security improvement for public situations would be to only begin generating the images AFTER the minimum password length for the site is hit (maybe showing it sooner is part of the usability discussion I missed though).

In a public situation with a slow typer (I know quite a few), an onlooker could theoretically watch and recognize the set of images that lead up to the final password if there was enough time for an image after each character. They could then reconstruct the password by going in sequence until they get each image at the right time.

I realize it’s a long-shot, but I don’t know that it compromises the usability much for a small increase in security, since all feasible password lengths generate the image (plus, it tells users that their password is out of bounds if they type one that’s too short).

Should be quick to add – I’ll probably do so on my own sites.

By: Django

Django — Tue, 07 Sep 2010 22:03:03 +0000

It’s a cool looking tool, but I think Apple does it best when they show each character as you type it, and then hide it when you type the next. There is a JavaScript for this too. Basically, a hidden input and a text input is created in place lf each password field. The hidden input is filled with the password as it’s typed, and stored in the text input using jQuery’s data() function. Meanwhile, the text is replaced by bullet points.

By: butterfree

butterfree — Thu, 05 Aug 2010 13:24:23 +0000

the username should be hashed as well so a user won’t recognize when another user has the same password as them.

By: Alex

Alex — Sat, 03 Apr 2010 12:58:40 +0000

While the final sparkline is irreversible and will take reasonable forever to obtain a password from it, for slow-typers the attacker will gain a sequence of forms and colors, thus making the breaking task easier

By: zack kitzmiller

zack kitzmiller — Fri, 12 Feb 2010 21:09:54 +0000

I think line 63 should be changed to:

$(‘body’).append($sparkline);

I’m not sure why you’d want to attach it to the form, it could get crazy with position:absolute, if the form is heavily stylized.

By: David Leppik

David Leppik — Fri, 22 Jan 2010 16:28:10 +0000

Have you considered using Chernoff faces instead of sparklines? They are a good visualization technique for making random numbers memorable. Examples:
http://mathworld.wolfram.com/ChernoffFace.html

Another thing to keep in mind is that the password is typed in a predictable order, so you leak information as you type. In particular, the first sparkline probably gives away the first character.

If I were to re-implement this idea, I’d do the following:

1. No feedback for the first 4-6 characters.

2. Limit the hash size to limit the data leak. Following up on another commenter, I might limit the hash space to around 100 images. Or I might make it a fraction of the number of characters.

3. Use Chernoff faces or some other image source that human brains are really good at recognizing.

4. Keep the color. For me, the color is more memorable than the sparkline. You could even change the input field background.

By: Luis

Luis — Sun, 03 Jan 2010 12:29:34 +0000

Hi,

I use Lotus Notes 8 and the feedback is no longer hieroglyphs but just random icons. It is extremely helpful because I know whenever I am typing a wrong password before hitting enter.

Too bad it is not used anywhere else…

Luis.

By: Peter Capek

Peter Capek — Fri, 11 Dec 2009 01:09:05 +0000

I saw the description of HashMask and was going to comment here about Lotus Notes’ similar idea, but I see Carl Joseph has beaten me to it. I no longer use Notes, but during the time that I did (several years), I never found these hieroglyphics very helpful. Perhaps they provide some feedback to a few users, but everyone I ever discussed it with ignored them. I’m almost certain that IBM/Lotus has a patent on this idea, but I don’t know how broad the claims are. Inventor is probably Ray Ozzie.

By: Carl Joseph

Carl Joseph — Sat, 05 Dec 2009 09:35:14 +0000

I hate to drag up old technology, but Lotus Notes has been doing this for quite a while. The password prompt displays a random number of Xs for each keystroke and also provides some “hieroglyphics” alongside. Here is an animated example: http://www.codinghorror.com/blog/images/lotus-notes-login-dialog-animated.gif

The hieroglyphics act as a subconscious check that you’re typing your password correctly. Similar to the hash visualisation used by HashMask.

This is a nice idea and I hope it becomes a standard feature in browsers.