Entropy meter for the password/passphrase generator

Any updates on this? Proton Pass does this gracefully for every password entry. And with the Bitwarden’s upcoming UI refresh, this could help make it more informative.

Welcome to the community, Soul-Predator. This general topic usually interests people. Have you read through the comments in the thread, at least those from this year? They are very informative.

Yes, I have, and I would also like to add a visual representation of what I aim to compare the feature request with:

So, not just for the password generator. It would be great to have in password fields (as per some of the merged discussions in this thread).

The little yellow/green/orange/red icon or something similar can indicate password quality to encourage users to update those entries when possible.

Then we are at cross- purposes. My view, clearly expressed above, is that post facto password strength indicators are a fantasy.

Strength of a random password is solely a function of its source character set and its length. These things are fully defined before any password is generated. Afterwards, no new information is available nor can you work backwards to any source conditions other than length.

I recognise that an indicator is a popular notion and has votes here. One path might be for Bitwarden to display nominal entropy based on the character set and length selections made in the generator, but never for a pasted or typed entry.

@Mulled7768 et al.

Agreed, but from a practical viewpoint I have no big problem with such “warning signs” for supposedly weak passwords. Probably they are really weak if they get a “warning sign”, even with post facto entropy calculations.

The bigger problem is, I think, not getting a warning sign for an in fact bad password.

1 Like

For new entries, users should use Bitwarden to generate a random password string 13–15 characters in length (or longer, if the website allows it). Then the password will be guaranteed to be strong, no icon needed.

For existing entries, Premium users can run a Weak Passwords Report, to know which passwords need to be updated. They should also run a Reused Passwords Report, because even a nominally strong password like v^T$c^OmYG7&0 is vulnerable, if a user has used this same password for multiple accounts (a vulnerability that a “strength” icon will not catch!).

Including a password “strength” indicator creates two serious security problems:

  1. All “strength” calculators that analyze specific passwords produce invalid results that are often wildly incorrect (e.g., both Bitwarden and pCloud believe that “It was the best of times”* is a secure password). No critical security decisions should be based on the output of such calculators.

  2. The presence of an interactive password strength indicator will encourage users to concoct passwords on their own instead of using a random password generator. Having users think that it is OK to make up your own passwords is a security risk; coupled with the above issue (i.e., most users will blindly trust the displayed indicator) is going to create significant vulnerabilities.

However, unfortunately for those of us who understand the serious risks created by password “strength” testers, I’m fairly sure that Bitwarden is planning to cater to your wishes (by including a “strength” meter in the redesigned UI).

*This is the opening of A Tale of Two Cities by Charles Dickens, which has one of the best-known opening lines in English-language literature, and commonly featured in passwords/passphrases. It is an easily cracked password, no matter what various password “strength” testers would tell you.

1 Like

The way how Proton Pass does this is quite bad, containing inaccuracies and thus making the tool untrustworthy. For example, even if you generate the password using the generator that is built-in to Proton Pass, the password evaluation changes with every password if you test this with shorter passwords. Thus, Proton is analyzing the strength of a password based on its characteristics similar to zxcvbn, which is problematic, as people have already explained in this thread.

Furthermore, Proton Pass claims that if you decide to drop special characters, your password will be weak if it isn’t at least 17 characters. Interestingly, 17 characters seem to be a line that Proton has set where any password will be estimated to be secure, even those that use only lowercase letters, equaling the entropy of 79.9 bits. Now, Proton is right to call this kind of password strong, but simultaneously, Proton claims that passwords that have more entropy would be weak. For example, a 16-character password with everything but special characters enabled (95 bits of entropy).

For all-numeric passwords, it 32 digits are required for the Proton password tester to consider it maximally secure (this would correspond to 106.3 bits if randomly generated). It appears to impose a 26-character threshold for a password consisting only of special characters (which would correspond to 131.2 bits if randomly generated).

Overall, it appears to be conservative when it comes to sequences of randomly generated character strings, but overestimates strength when it comes to character strings that are not completely random.

Committing the egregious sin of quoting myself, my proposed solution from earlier would provide useful information but not mislead:

@Nail1684’s suggestion of advice about a bad password (e.g. “That’s terrible!”) is helpful yet immediately begs the question of what is not terrible.

There is, as @grb implies, the million monkeys risk that even a random term (1234 is an instance from a 4-digit random set) may not in fact be a good password. Humans have some capacity to exclude bad ones even though they may be terrible at picking good ones.

@PossibleGhost now that which you describe seems just weird. :slight_smile:

You could have quoted my proposed solution instead! :wink:

… I meant it less as an advice (and even if, I maybe would have phrased it differently :sweat_smile:) - I just wanted to emphasize in general, that not the false positives but the false negatives are the bigger problem, I think… because I would guess - besides all the technical arguments - most people would think “I have no warnings whatsoever - so the password must be good”.

The solution by @grb and you would be technically correct (entropy calculations are founded on randomness, as I understand it) and thereby widely eliminate those false negatives…

There likely is a middle-ground. Entropy is not going to be harmed by adding digits/symbols/letters (e.g. to meet complexity rules) or even by uppercasing existing letters in an all-lowercase passphrase. Although we might not be able to calculate the new entropy, the original entropy still forms a lower-bound that could still be displayed.

Reordering, changing or deleting words/characters does harm entropy, so in those cases it ought to be cleared, since we no longer know the lower-bound.

Amusingly, HIBP says “It was the best of times” has only shown up in one breach, whereas “I like Ike” (a 70 year old political slogan) shows up 3 times.

Yes, your ideas would make for a more sophisticated behavior of a proposed strength checker that attempts to produce valid results.

I was looking for an example that would be as short as possible, produce the maximum security rating in the Proton and Bitwarden password testers, and have at least one HIBP hit…

Other variations of the Dickens quote do appear more frequently in HIBP. For example, itwasthebestoftimes has been seen 3 times, bestoftimes 48 times, iwtbotiwtwot (initials from the first sentence) 29 times, and the l33t-transformation 1wtb0t1wtw0t has been seen twice.

Note to myself: have morning coffee before posting.

1 Like

This feature would likely be available in only two places: the vault, and when creating a new entry. The standard “choose password” tab in the browser add-in would have no need for this.

I feel this is important for two reasons:

  1. A graphic green/yellow/red status of complexity or “password goodness” is highly contextual and dependent on the current crackability state of passwords, as well as being too simple. There is not much to say how one password ends up being “better” than the other.
  2. A raw number could easily be complimentary to a graphic complexity option, by providing a concrete magnitude of the password’s complexity. By this raw magnitude measurement, one could more clearly compare passwords for effectiveness.

As it is, I still frequently go back to KeePass to generate passwords, as it’s bit complexity feature gives me a much better “feel” for how appropriate any one auto-generated password will be, given the options selected and the restrictions of the website being signed up on.

@rekabis Welcome to the forum!

I moved your post into an existing Feature Request thread on the same topic. I would encourage you to read through the recent discussion in this thread, perhaps starting here and working your way down.

P.S. Are you the same @rekabis who started the /r/bitwarden subreddit?