Do not wordle your passwords

Thu, Feb 10, 2022 5-minute read

Guess the WORDLE in six tries. Each guess must be a valid five-letter word [1]. That is the description of the word game created by Josh Wardle.

Guessing the word of the day is similar to guessing a weak password. When a password is constructed from words, they are called dictionary passwords. This category of passwords is also why the National Institute of Standards and Technology (NIST) recommended that passwords chosen by users should be compared against a “black list” of unacceptable passwords. This list should include dictionary words [2]. If their password of choice is on the list, then they should be disallowed to choose that password.

Guessing strategy

WORDLE is limited to valid five-letter words. On the laptop, where I am writing this, the American English dictionary contains 4.593 five-letter words [3]. One guessing strategy would be to start at abaci and end at zooms. Since the game has a guessing limit of six tries, you would only come to abate before it is game over. If the word of the day is randomly chosen from the list, this strategy would give you a winning chance of 0,13%. Can we do better? Another strategy is to simulate games and analyze which word to choose first. One analysis of this kind shows that you can get a winning change of 98,79%. Start with the word adept and choose the subsequent words carefully [4].

The strategy for WORDLE can be transferred to guessing the password on a login page. Login pages that follow best practices limit the number of incorrect login attempts [2]. In contrast to the word game, the number of possible cases is astronomically large [5]. To increase the odds of getting access via a login page, an attacker would likely try with information known about the victim. Which city was the victim born in? Which high school did they attend? Name of their favorite pet? Information that is publically available on many social media.

The strategy changes in cases where the attacker has access to the password storage. Now that the attacker is no longer limited by the login page, they can systematically try many passwords using their own servers. There are dictionaries available of common passwords [6, 7] and tools to try minor variations of each word in the dictionary as well [8]. If the password is stored using one of the configurations recommended by the Open Web Application Security Project (OWASP) [9], then I can do 3.613,81 checks per second [10]. With the 54.763 possible passwords, it would take an attacker mere 15 seconds to check if your password was one of the most common ones.

WORDLE

Example of a WORDLE game. wordle.gary.mcad.am

Correct horse battery staple

What a random headline. Correct horse battery staple. It is from an xkcd web comic named Password Strength. It addresses the following issue: We have been taught to use passwords that are hard for humans to remember, but easy for computers to guess. Take the uncommon word “troubadour” as an example. If it is capitalized, common letter substitutions applied, and a common ending becomes “Tr0ub4dor&3”. The password seems secure because it looks obscure to the human eye. According to the web comic, with 3.613,81 checks per second, the password is found within a day.

Is it also insecure to pick four random words from the dictionary? According to xkcd, it is perfectly secure to pick four random words. I trust the numbers, but let us verify them. Picking four random words in my American English dictionary produces around 10^20 different choices [11]. With the same amount of checks per second, it would take an attacker up to 964.120.545 years to find the password. It is not astronomically long time, but it is a darn long time. It is probably secure for most use cases.

What can you do as an individual?

A secure password should not be guessable in days, weeks, or a few years. Technology keeps evolving. What takes a few weeks now may take a few days soon. Choose long passwords that are not yet known to the public. Using a password manager ensures that you only have to remember one long password. You can pick your own random words or use correcthorsebatterystaple.net. With the default settings, the passwords will take up to 2.367 years to crack. You can add multiple separators, words, or additional dictionaries. This will make it more complex for computers, but not make it significantly harder to remember for a human. The password manager will generate and securely store all other passwords. In addition: use two-factor authentication (2FA) everywhere you can.

What can you do as an authentication provider?

Secure your application by helping your users to choose secure passwords. Do you check if your users' passwords can fall victim to dictionary attacks? If not, then check out the free, easy pluggable, and ready-to-use javascript module. It features a convenient way to check for common passwords.

References