Was the forum ever hacked or compromised?

[6t8k]

First things first, I'm not trying to convince you to use a password manager. I don't mind at all if you don't - who am I to judge over personal decisions like that?
I intend the following to merely be some food for thought for the inquiring, (password) security aware lurker

And that is assuming an attacker can't crack it faster because it's not random, and/or because he can sensibly use rainbow tables because the passwords weren't stored in the database in a secure fashion.

Yup, nothing can be done about this other than hoping that you get notified about the breach before any nefarious individual actually accesses your account, so you can change your password.

Of course there is something that can be done -- for starters, users should use strong passwords and programmers/sysadmins should use best practices for password storage and security in general. This is their job.

Since you can use the maximum length allowed for any given website, they are technically more secure, but beyond a certain length, you get exceedingly diminishing returns.

They are in fact more secure in the real world because people use stronger passwords with them: it's no news that people, by and large, don't use long enough and/or unique passwords. A password manager is never going to generate you a password that any other person uses (i.e. would easily be cracked because these lists are naturally tried first by attackers) even if it's just 10 characters long. So while that's true in principle, it kind of misses the point: it's not about diminishing returns, it's about sensible and effective measures, and using a password manager is immediately more effective than trying to remember any password. Even if you come up with a strong one, odds are you'll forget it, and resort to writing it down or using a weaker one.

But the advice to use randomized passwords is somewhat misleading, though. [...] if you string together, say, 3~4 four words of 5 characters each, separated by any punctuation of your choice, you'll easily get into the 17~20s characters without much effort and it still remains easy to remember.
I understand the aversion to doing this for, and having to remember, many passwords, though.

What about that advice is misleading - would you say that random passwords decrease security?
Maybe that method of chaining a number of words can work, but keep in mind people usually don't choose these words at random, but are influenced by natural language, which has significant bias. If they're not chosen at random, that approach loses what advantage it may have over passwords. If you have more than say, ten or even just five online accounts, I salute you if you have good passwords and can remember all of them (Troy Hunt is the guy behind haveibeenpwned.com, which has been mentioned here).

By the way, if you like choosing passwords/-phrases yourself, you can totally do so with password managers. Choose a nice and long phrase, different for each site, and save it in your password database. You'll still reap some benefits this way like averting: forgetting, most keyloggers, shoulder surfing.

That has nothing to do with aversions. It's about being inquisitive about what might be good practice that you find yourselves able and willing to adopt in order to maintain good online security.

just generate the passwords according to some rule that only you know

By all means, try not to. The secrecy should lie in the password itself, not in the method used for chosing it. In other words, best is to use random passwords.
Kerckhoff's principle is a fundamental element to many, many aspects of modern information security, including passwords.


Remarks fit into the quote in bold:

Using passwords with at least 8 characters length would be old advice by the way. Here (archive), researchers recommended using at least 12 characters. And that was in 2010. Computing power grows all the time, so with time, longer and longer passwords are economically crackable

That applies to offline cracking only. Computing power doesn't really help you against server side rate limiting [...]

Sure, but don't you want to protect yourself against offline attacks? It's not dubious advice just because it's not as relevant for a different threat model (after all it doesn't protect you worse from online attacks).

Sure, picking a longer password might help you, but only if you're the sort of person who re-uses passwords and then only if the server that's compromised have properly stored the passwords.

While you naturally should never reuse passwords as you say yourself, the question whether you do is irrelevant here: longer passwords offer better protection either way. In the same vein, longer passwords are always more secure regardless of the way how the server stores them. Can you explain a scenario to me where that isn't the case? There is only one case where a longer password doesn't help you at all: if the server seriously stores your password in plaintext.

So I still see telling people to use long passwords for online services as a stupid half-measure that will only give them a false sense of security.

For the reasons I gave above, I don't follow. The only scenario I can imagine where longer passwords have disadvantages over shorter ones would be if you 1) have to remember it and 2) always have to type it in.

@Bassa-Bassa/ReyVGM:
couldn't have explained better than Zell what password managers do!
As mentioned by SKYe, KeePassXC is a good choice. If on Windows you can't go wrong with KeePass (without XC) as well.
KeePassXC as a software project was originally based on it, their database formats are interoperable, so you can easily migrate from one to another if needed.

[Bassa-Bassa]

Yeah, thanks. The problem with something like KeePass is that you can't log in if you're not on your PC where the app is, can you? You're tied to it for everything once you start using it. Cloud storage will never be an alternative for many people.

[__SKYe]

I intend the following to merely be some food for thought for the inquiring, (password) security aware lurker

Sure. Some quick clarifications first:

Of course there is something that can be done -- for starters, users should use strong passwords and programmers/sysadmins should use best practices for password storage and security in general. This is their job.

No disagreement here. My comment was only in regard to what the user can control -- their password -- and with the assumption that it would have no involvement on what led to the breach.

What about that advice is misleading - would you say that random passwords decrease security?

Not at all. I was thinking of someone used to the old 8 character password advice (and no password manager) -> new advice of 12 random characters -> no way they'll remember it -> have to write it down -> better to string a few words together. I wasn't taking managers into account at all and shouldn't have written that, so please disregard it.

Anyway, moving on.

All I've written before, about using chained words as passwords (I'll henceforth simply refer to them as longword passwords) hinges on the idea that if someone is going to do it then they will do it right. Just because most people botch the process of choosing them (ie. using common words/phrases/lyrics/names/places, using leet speak substitutions, etc.) doesn't mean it can't be done right. This also goes for my comment that long random passwords give diminishing returns; that was meant in comparison with a properly chosen longword password.

If the person choosing the password doesn't perform due diligence and researches what goes into a good password, then there's little point in doing it in the first place. It is much better to simply use a password manager in this case. I have always had the informed user in mind and if I've left anyone with the idea that I meant otherwise, I apologise.

A good exception to longword passwords is if password length is constrained (eg. <12 characters). In such a case a random password should be used because you can't make up in entropy by increasing length.

Before I forget, regarding some things in the articles you've linked:

• I don't have any account where maximum password length is less than, at least, 16 characters, and only one constrains the character set to alphanumeric-only, so I didn't take into account such cases. Like I wrote above, random passwords are a necessity here (the PIN-only websites are preposterous!).
• It seems I grossly underestimated just how many accounts people can have (100+!), though this is a moot point since you don't need anywhere near that many to lose track of them.

So, keeping in mind that there is no question as to which type of password is more secure, why use longword passwords at all? For me, it is all about a good balance between security and usability.
Let it be noted that I believe that good longword passwords are not vulnerable to even offline cracking; not anytime soon anyway. If someone wants the best security and/or doesn't have faith in this type of password, then just use a password manager and disregard anything below.

With the password security issue aside, what are the cons to using one? Only one, in my opinion, which you wrote yourself; you have to remember them. The good part is that you can actually type them easily unlike a random password, if for some reason you have to type it by hand. Regarding having to type them frequently; I don't consider that a problem.

For me, these two password types lend themselves very well to two types of accounts: those that you don't use often and/or don't use from other devices, and those that you use all the time, potentially from different devices, and/or where you really need to remember the password yourself (ie. the master password, main email account, etc). Which leads to...

Do I use password manager? Indeed I do.
I have less than twenty accounts, and most of them fall into the first category above, so I let the password manager handle them, but for about half a dozen of them, such as email account and this forum, I use longword passwords and have them memorized. I still have them in the manager, of course, but simply as a backup mechanism.

Concerning the use of a rule/method to generate passwords:
Like I've written before, for an attacker to reverse engineer the pattern, they would have to have access to multiple of someone's passwords and care enough to target them specifically. But that is a fair point, though. I do believe most anyone shouldn't have any problem remembering even ten different passwords, if you base them on something that is memorable to you. Using a quote from RegalSin (from GP's venerable thread) as a starting point for a password to this forum would be a good example. I can't open this website and not remember some of those classics now.
Of course, using quotes (or anything, really) as is would be a mistake, so some transformation should be applied. I touched on this before, but using different languages is a very easy and effective way to get a more secure set of words. I don't think I'm to far off when I say many people on the internet are at least bilingual, and/or know a fair amount of vocabulary from a (number of) different languages.

Hopefully this isn't too much of a mess -- I've written this in a bit of a rush, since I have other things to attend to.
I don't know what else to say; have I forgotten anything?

Oh, thanks for the articles you've linked; Troy's blog, in particular, was quite fun to peruse.

Anyway, TLDR:

• Password managers (+ random passwords) are the most secure way to protect your accounts.
• But if you're not using a random password, (good) longword ones are likely your best bet. You'll probably need at least one password that is not random (maybe more), so this is still helpful.
• If you're going the route of not using random passwords, please do some research on what to avoid and what not to.

@Bassa-Bassa

I think the way to get the most of KeePass & friends is to have it installed on all devices you own, and to use a cloud/hosting service as a way to share the password file between them. Automatic password syncing is usually one of the perks of the paid options, but perhaps some of the freemium services also offer it? I've never used them so I can't help.
As for KeePass/XC, the main difference is basically that the former runs on .NET/Mono and the later uses QT. I do believe you can use vanilla KeePass in Mac and Linux but don't quote me on that.

[Ji-L87]

Sharing password files seems a bit cumbersome. I took the path of least resistance and went with one of the more user friendly options that has a web account, mobile app and browser extension.

In the end I went with Bitwarden and have been pretty happy with it, somewhat spotty autofill on Android not withstanding. I don't have any experience with any of the other more popular ones like Dashlane or 1pass but for what it's worth this one is open source and can be self hosted if one would be so inclined, which I'm not

[__SKYe]

Very cool, I wasn't aware of BItwarden.
Personally, I'm fine with simply using it locally, on the desktop, and I only use online storage as backup, which is why I didn't look much further than KeePass.

[ulti]

I'm glad there's already a thread on this subject. I've been going throughout all the accounts of mine (that I know of) in the past few days, updating the passwords to be have random strings, storing them in bitwarden, yadda yadda.
I did the whole "forgotten password" email thing and something stuck out to me. Instead of giving you a link to enter a new password yourself, the email gives you a link to activate a password that it gives to you.
Passwords being sent through email is already really not a good idea, but the fact that it's possible in this case means there's a possibility that the passwords for this forum are stored in plain text. Are any admins able to confirm this not being the case? I would be happy to be proven wrong.

[ZellSF]

While you naturally should never reuse passwords as you say yourself, the question whether you do is irrelevant here: longer passwords offer better protection either way. In the same vein, longer passwords are always more secure regardless of the way how the server stores them. Can you explain a scenario to me where that isn't the case? There is only one case where a longer password doesn't help you at all: if the server seriously stores your password in plaintext.

It's about priorities. You tell people three things (use more complex passwords, use longer passwords, use a password manager), they won't do all three. Most people will opt for more complex passwords (at cost of length), some will do longer passwords (at cost of complexity) and basically no one will use a password manager. The one solution that would solve both the others.

So tell people just the one thing: use a password manager. I think any other password advice is bad.

I'm glad there's already a thread on this subject. I've been going throughout all the accounts of mine (that I know of) in the past few days, updating the passwords to be have random strings, storing them in bitwarden, yadda yadda.
I did the whole "forgotten password" email thing and something stuck out to me. Instead of giving you a link to enter a new password yourself, the email gives you a link to activate a password that it gives to you.
Passwords being sent through email is already really not a good idea, but the fact that it's possible in this case means there's a possibility that the passwords for this forum are stored in plain text. Are any admins able to confirm this not being the case? I would be happy to be proven wrong.

Sending password is not the best practice to do password resets, but you really shouldn't expect much in terms of security on a gaming forum.

[6t8k]

Of course there is something that can be done -- for starters, users should use strong passwords and programmers/sysadmins should use best practices for password storage and security in general. This is their job.

No disagreement here. My comment was only in regard to what the user can control -- their password -- and with the assumption that it would have no involvement on what led to the breach.

It may lead a bit off-topic now, but for completeness sake, even as a user you can do a lot. It's unfortunately not a matter of course that training + management are always going to sustain a standard you'd be happy with in that regard (two emblematic examples: [1] [2]).
As a user you have to demand security too instead of putting up with everything. You have leverage this way because users/customers imminent to leave is naturally one of the things companies listen to the most.
Generally speaking, if society wouldn't demand it, that would basically mean a carte blanche to wreak havoc.

One also shouldn't dismiss that there are many consumer protection / civil rights organizations / NGOs the potential of which is not to be understimated and there's the option of supporting them. Sometimes these can celebrate large successes, but even if they don't, they help in an indirect way due to the fact that they're there applying pressure/acting as a corrective.

There's enough questionable developments like companies simply pricing in the expected cost of data breaches (fines they have to pay to authorities + expenses for internal clean-up, partially even including loss of public image) instead of actually turning towards the causes, which is only possible due to corresponding societal/political incentives, or states hoarding vulnerabilities because they want to use them to surveil individuals or to "hack back" other states, but as I don't want to go completely off-topic, let me just point to one example that's not only relevant to the topic but also current:

For example, in Germany, there was just a proposal by the ministry of justice for a law amendment to obligate online service providers to provide user's passwords as part of a request for information for the purpose of criminal prosecution. As per that amendment, no court order shall be necessary and the affected user shall not be informed by the service provider. This is quite bold for the reason alone that storing passwords in plaintext would be illegal due to existing law and counter many recent achievements that went into the different direction in Europe, for example due diligence established by the GDPR among other things. It was even said explicitly that online password managers would be included.

All I've written before, about using chained words as passwords (I'll henceforth simply refer to them as longword passwords [ed.: passphrase is the established term]) hinges on the idea that if someone is going to do it then they will do it right. Just because most people botch the process of choosing them (ie. using common words/phrases/lyrics/names/places, using leet speak substitutions, etc.) doesn't mean it can't be done right. [...] I have always had the informed user in mind and if I've left anyone with the idea that I meant otherwise, I apologise.

It's always nice seeing individual people manage doing their homework and find solutions that work for them. In all seriousness though, I'd question the value of an approach if it's that hard to get right.
In light of that, I can't unconditionally recommend your passage about constructing/transforming a passphrase out of public info surrounding the site the password is for, even when not using a password manager.

Let it be noted that I believe that good longword passwords are not vulnerable to even offline cracking; not anytime soon anyway.

A tautology - they wouldn't be good if they didn't resist offline attacks

The problem with something like KeePass is that you can't log in if you're not on your PC where the app is, can you? You're tied to it for everything once you start using it. Cloud storage will never be an alternative for many people.

KeePass is on smartphones/tablets with multiple variants for Android and iOS, there's a non-exhaustive list here. I wouldn't say you're locked in, you can migrate to virtually any other manager by exporting CSV/XML in KeePass.
KeePass(XC) stores everything locally, so you have to care for synchronization yourself if you need it. You could simply copy the file to all your devices after changing passwords, but depending on how many devices you need them on and how often you change passwords, that may not be a viable option. There are other managers that come with cloud storage and can automatically do the synchronization for you.
Having backups is important, HDDs/SSDs can fail prematurely. When you have your password database file on multiple devices you may be fine, but you could also go the cloud storage route - which is fine since the file is encrypted (although they'll probably learn your activity profile this way due to when you login) - and it may simplify synchronization at the same time.
If you're a little more enterprising you can replace the mentions of cloud storage above with self-hosted storage.

I did the whole "forgotten password" email thing and something stuck out to me. Instead of giving you a link to enter a new password yourself, the email gives you a link to activate a password that it gives to you.
Passwords being sent through email is already really not a good idea, but the fact that it's possible in this case means there's a possibility that the passwords for this forum are stored in plain text. Are any admins able to confirm this not being the case? I would be happy to be proven wrong.

I very much doubt it, I don't know exactly which version of phpBB is running here, but 3.1 and 3.2 hash the password using bcrypt/blowfish by default, which is not the best, but serviceable. 3.3 can use Argon2 if the PHP it's running on supports it, which is really nice.
If it's 3.0 though, then it's not outright stored in plaintext, yet it's still pretty catastrophic. I sincerely hope we're not running 3.0, that version does not receive updates anymore since Nov 2015.
As for the password being sent to you, that's no witchcraft at all without it being stored in plain text! The new password is generated, then the email is sent, then the password is hashed, and then the hash is written over the old one for which you forgot the corresponding password.

@ZellSF: I think we agree here Though when using a password manager, I can imagine people who aren't familiar with that concept just typing in and saving a self-invented one instead of clicking the "generate button".
So it's still important that they indeed use long and random passwords, otherwise they waste a main benefit.

[ulti]

3.1 and 3.2 hash the password using bcrypt/blowfish by default

If that's the case then everything should be good. Both of those store passwords as salted hashes