Forgive me for saying this, but I'm a bit dismayed at the arrogance of
people talking about "idiots" and "stupid" and "fools". People using
cryptography on computers are generally not stupid. If they are having
a hard time with passphrases, I humbly suggest it is because we as
cryptographers and security system designers have failed them.

Personally, I think the whole model of passphrases is a mess. They're
clumsy to use, awkward to remember, and insecure in practice. (It's
only an accident that the recent PGP-key-stealing Word Macro virus
didn't watch for the user's passphrase and steal that as well as the
encrypted secret key.)

One contribution that systems security people can make is to think of
models other than passphrases for protecting secrets. I'm particularly
fond of relying on a small amount of secure hardware, but of course
that's not a panacea either. There are lots of other approaches.

Another contribution we can make is to think of ways to make people's
use of passphrases more secure. We've been fighting this battle (and
losing) in Unix passwords for at least ten years, but it's still a
good fight. It's not enough to just say "users are stupid". Maybe
"users need education, and they need tools to help them make the right
choices" is more productive?

                                                  [EMAIL PROTECTED]
.       .      .     .    .   .  . . http://www.media.mit.edu/~nelson/
