Many cryptographic systems require a user to remember a secret, represented by a complex string of characters that cannot be shared with the encryption service. This secret string, or passphrase, is typically the initial information from which a secret (private or symmetric) encryption key is derived, and it is used to encrypt other secrets, such as encryption keys that are stored as part of the encrypted information itself or with untrusted services. The user can decrypt the user's own keys using the secret passphrase. Another advantage of a passphrase-protected key is that the owner may change the passphrase and re-encrypt the key without replacing the key itself. Consequently, the secret string cannot be recovered or reset by anybody except the owner. On one hand, the passphrase is the single private secret used to protect important information such as encryption keys, so it cannot be shared with others or stored in places where it can be compromised (email, cloud storage, mobile devices, etc.). On the other hand, while this arrangement is totally safe, losing or forgetting the secret string may cause permanent loss of data or access. A common example is the ability of users to encrypt their data within a public storage system without sharing the encryption keys with the service vendor. This is often required because the information can leak to the vendor's employees or to sophisticated hackers and intruders who hack the service provider, or can be the subject of a subpoena without the knowledge of the data owner.
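The passphrase change described above, as an added Python example that is not part of the original text: a random data key is wrapped under a scrypt-derived key and then re-wrapped under a new passphrase while the data key itself stays the same. The standard library has no AES, so an XOR with a per-wrap scrypt pad plus an HMAC tag stands in here for AES key wrap or an AEAD; all function names and parameters are assumptions.

```python
import hashlib
import hmac
import secrets

def _derive(passphrase, salt):
    """Stretch the passphrase with scrypt into a 32-byte pad and a 32-byte MAC key."""
    okm = hashlib.scrypt(passphrase.encode("utf-8"), salt=salt, n=2**14, r=8, p=1,
                         maxmem=64 * 1024 * 1024, dklen=64)
    return okm[:32], okm[32:]

def wrap_key(data_key, passphrase):
    """Encrypt a 32-byte data key; the returned blob can sit on untrusted storage."""
    if len(data_key) != 32:
        raise ValueError("data key must be 32 bytes")
    salt = secrets.token_bytes(16)  # fresh per wrap, so the pad is never reused
    pad, mac_key = _derive(passphrase, salt)
    ct = bytes(a ^ b for a, b in zip(data_key, pad))
    tag = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    return {"salt": salt, "ct": ct, "tag": tag}

def unwrap_key(blob, passphrase):
    """Recover the data key, or raise if the passphrase is wrong or the blob was altered."""
    pad, mac_key = _derive(passphrase, blob["salt"])
    expected = hmac.new(mac_key, blob["salt"] + blob["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, blob["tag"]):
        raise ValueError("wrong passphrase or corrupted blob")
    return bytes(a ^ b for a, b in zip(blob["ct"], pad))

def change_passphrase(blob, old, new):
    """Re-wrap the same data key; anything encrypted with it needs no re-encryption."""
    return wrap_key(unwrap_key(blob, old), new)

def demo():
    data_key = secrets.token_bytes(32)  # constructed sample key
    old = "threecatdayhapynesstotheplanet1970"
    new = "constructed replacement passphrase 42"
    blob = change_passphrase(wrap_key(data_key, old), old, new)
    return unwrap_key(blob, new) == data_key

if __name__ == "__main__":
    print(demo())
```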
Such a secret string, typically called a passphrase, is usually a sequence of words that has no chance of being derived using a brute-force or dictionary attack. In many cases, it is composed as a sequence of words and numbers that can be remembered together as a full sentence (e.g., threecatdayhapynesstotheplanet1970, which may be reconstructed from the 1970 song “Joy to the World” by the group Three Dog Night). Such long and unique strings would not be likely to be broken by a brute-force attacker even if the attacker has a priori information about the target (e.g., that “Joy to the World” is the favorite song on the target's mobile device). Other systems use the terms password and passphrase interchangeably. Some systems will store a passphrase “reminder” that the user designates, like “a modification to my favorite Canadian song”, which the user can retrieve if they forget the passphrase.
For example, the widely used cryptographic standard OpenPGP requires that a user make up a passphrase that must be entered whenever decrypting or signing messages. Internet services like Hushmail provide free encrypted e-mail or file sharing services, but the security provided depends almost entirely on the quality of the chosen passphrase.
Typical advice for choosing a passphrase includes suggestions such as:
Long enough to be hard to guess
Not a famous quotation from literature, holy books, etc.
Hard to guess by intuition—even by someone who knows the user well
Easy to remember and type accurately
For better security, the user can apply any easily memorable encoding of their own.
Not reused between sites, applications and other different sources.
In most systems, forgetting the passphrase will cause a loss of information. For example, the Google Chrome passphrase reset includes the following warning:
“This step will delete all previously synced data (bookmarks, apps, extensions, etc.) that is stored in your Google Account.”
GitHub uses a passphrase to maintain a secure SSH connection. The GitHub passphrase reset includes the following warning: “If you lose your SSH key passphrase, there's no way to recover it. You'll need to generate a brand new SSH keypair or switch to HTTPS cloning so you can use your GitHub password instead.”
Other systems try to help users not to forget the passphrase by letting them store hints or reminders for their passphrase and retrieve these hints if they fail to remember the passphrase/password.
The following are quotations from several “zero knowledge” services that do not store the user's secret string (they use different terminology to name this non-stored secret string).
SpiderOak is an encrypted “zero knowledge” file sharing service: “What if I forget my SpiderOak password?
First, when logging into your account be sure you're entering the correct username with the correct capitalization or it will not be accepted.
If you created a ‘Hint’ for your password when you first made your account, you can have that hint sent to your e-mail address by entering your username (not your email address) here:
https://spideroak.com/forgot_password
However, if you can't reset your password from another machine and the hint has still not helped you remember your password, then your only option is to open a new account. Here at SpiderOak we take our ‘Zero-Knowledge’ privacy policy very seriously, so we never have any knowledge of your password and no way to retrieve or reset it, even in emergencies. It's our way of ensuring that our customers' data is always completely secure . . . even from ourselves!”
MS Windows offers to store a hint to your password. This hint will be visible to anybody who tries to log in.
Certain systems do not rely on human memory and instead store the passphrase on a personal device (e.g., client-side encryption systems like BoxCryptor, or Google two-factor authentication passcodes). Unfortunately, personal devices may be lost, stolen or become non-operational due to accidents or hardware failures.
Using security questions and answers as passphrase alternatives
Security questions have been used as authenticators by banks, cable companies and wireless providers as an extra security layer since at least the early 20th century.
In the 2000s, security questions came into widespread use on the Internet as a form of self-service password reset. As such, and similarly to secret strings or passphrases, users must remember the exact spelling and sometimes even case of the answers they provide, which poses the threat that more answers will be written down, exposing them to physical theft.
Due to the commonplace nature of social media, many of the older traditional security questions are no longer useful or secure. It is important to remember that a security question is just another password. Therefore, a security question should not include any information readily available on social media websites, while remaining simple, memorable, difficult to guess, and constant over time.
Security specialist Bruce Schneier questions the usefulness of security questions. Since they are public facts about a person, they are easier for hackers to guess than passwords. Users who are aware of this problem often create faux, hard-to-guess answers to the questions, but then run the risk of forgetting the answers, thus defeating the purpose and creating an inconvenience.
It is quite evident that a standard set of security answers can be translated into a passphrase or secret string. The passphrase is composed by concatenating the answers into a single phrase. Special characters or standard delimiters can separate the answers if there is a need to go back from the passphrase to the original answers. Similarly, the security questions themselves can be treated as passphrase hints or reminders. In other words, in a system where the security answers are treated as a secret, private passphrase, the answers will not be stored by the cloud service. However, the security questions can be stored there as a reminder and sent to the user as a passphrase hint.
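One way to build the passphrase from a set of answers, as an added Python example that is not part of the original text: the answers are joined with a delimiter so they can be split back, a key is derived from the result, and the record for the service holds only the questions, a salt and a check value. The delimiter choice, scrypt parameters, function names and sample questions are assumptions.

```python
import hashlib
import hmac
import secrets

DELIM = "\x1f"  # assumed delimiter: ASCII unit separator, not typeable in an answer

def answers_to_passphrase(answers):
    """Join the answers, in question order and exactly as typed, into one passphrase."""
    for answer in answers:
        if not answer or DELIM in answer:
            raise ValueError("answer is empty or contains the delimiter")
    return DELIM.join(answers)

def passphrase_to_answers(passphrase):
    """Go back from the passphrase to the original answers."""
    return passphrase.split(DELIM)

def _stretch(passphrase, salt):
    okm = hashlib.scrypt(passphrase.encode("utf-8"), salt=salt, n=2**14, r=8, p=1,
                         maxmem=64 * 1024 * 1024, dklen=64)
    return okm[:32], okm[32:]  # (secret key, check value)

def enroll(questions, answers):
    """Return (record safe to store with the service, key that stays on the client)."""
    if len(questions) != len(answers):
        raise ValueError("one answer per question is required")
    salt = secrets.token_bytes(16)
    key, check = _stretch(answers_to_passphrase(answers), salt)
    # The record holds the questions as hints, never the answers. The check value
    # lets anyone holding the record test guesses offline, so the answers need
    # passphrase-level unpredictability.
    return {"hints": list(questions), "salt": salt, "check": check}, key

def recover(record, answers):
    """Re-derive the key from freshly typed answers; None if any answer differs."""
    if len(answers) != len(record["hints"]):
        return None
    key, check = _stretch(answers_to_passphrase(answers), record["salt"])
    return key if hmac.compare_digest(check, record["check"]) else None

# Constructed sample questions and answers.
QUESTIONS = ["First concert?", "Street you grew up on?", "Childhood nickname?"]
ANSWERS = ["Three Cat Day", "hapyness lane", "planet1970"]

def demo():
    record, key = enroll(QUESTIONS, ANSWERS)
    same = recover(record, ANSWERS) == key
    wrong_case = recover(record, ["three cat day", "hapyness lane", "planet1970"])
    return same, wrong_case, record
```

Without the delimiter, the answer lists ["ab", "c"] and ["a", "bc"] would produce the same passphrase; with it, they stay distinct and the split is unambiguous.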
It is clear that a set of security questions can replace a passphrase and be better protected against loss resulting from weak human memory. However, the inability of users to securely back up security answers, or to remember the non-trivial answers to security questions, still creates the potential for loss of protected data, and this remains the main obstacle to relying totally on secret answers to a set of security questions.