Structural security trumps computational security ... or ...
Diffuse structural security trumps amalgamated computational security ...
All your big, strong passkeys in one basket is less secure than your passwords in many individual baskets ...
Trying to explain this to tech bros can resemble pushing a wagon uphill ...
Because they want to sell something, logic is not paramount.
See here:
https://www.metzdowd.com/pipermail/cryptography/2023-September/038186.html
"A password in my brain is generally safer than an app or SMS stream that can be compromised. Although a passphrase may in some cases not be computationally more secure than a token mechanism or two-factor system, the simple passphrase is often _structurally_ more secure because that passphrase only links to and exposes one service target."
and here:
https://www.metzdowd.com/pipermail/cryptography/2023-September/038188.html
"I like to compare it to having one basket of eggs in one spot, and many baskets of eggs in many places. If your one basket of eggs has the master key to all the other stronger keys, is it easier to get the one basket, or the many baskets with weaker keys? So in this scenario cipher strength is not the most important factor for security. With a single basket one fox or pick-pocket or one search warrant can own all of your eggs for all your services."
#Passkeys #Passkey #Passwords #Password #2FactorAuth #Authentication #Security #Cryptography