Re: ReadyCloud Password Strength & Security

edalquist
Apprentice

ReadyCloud Password Strength & Security

I've been using my NAS for a while now and while doing a clean install of 6.2 decided to give the ReadyCloud services a try. When creating an account I found I couldn't use my usual password formula due to the restriction to an alphanumeric character set for passwords.

This REALLY concerns me for a few reasons:

  • Limiting passwords to 62 possible characters is a HUGE reduction in search space for a potential attacker. Try some letter/number only passwords here https://www.grc.com/haystack.htm and then add a single special character and watch the brute-force times jump significantly.

  • What sort of password storage, retrieval and verification system is running the site such that it cares about the contents of the password? In a secure system the password is a string that gets salted with a user specific salt and then hashed using a cryptographically secure algorithm and compared to the stored hash. There are plenty of open implementations of salted hashing algorithms that would work across the various servers, devices and architectures used by ReadyCloud and the NAS products. I find it very concerning that this sort of limitation exists on a service advertised as a secure personal cloud.

Is there any hope this restriction could be lifted? Being able to use complex passwords is key to trusting that the data I'm putting on the NAS sitting in my house is going to be secure.

Message 1 of 5
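The salted-hash scheme the post describes, as an added example (not code from the original thread and not ReadyCloud's implementation): the password is treated as opaque bytes, so punctuation, spaces and non-ASCII characters hash exactly like alphanumerics, and verification compares digests in constant time. PBKDF2-HMAC-SHA256 and the iteration count are assumed choices.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Assumed work factor; tune upward on real hardware.
PBKDF2_ITERATIONS = 200_000
SALT_BYTES = 16


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest) for storage.

    A fresh random per-user salt is generated unless one is supplied.
    The password is encoded as UTF-8 and never inspected, so the
    character set is irrelevant to the storage layer.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return salt, digest


def verify_password(password: str, salt: bytes, digest: bytes) -> bool:
    """Recompute the digest with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return hmac.compare_digest(candidate, digest)


if __name__ == "__main__":
    # Constructed sample password using punctuation, a space and a non-ASCII letter.
    salt, stored = hash_password("p@ss w\u00f6rd!#~")
    print("verify correct:", verify_password("p@ss w\u00f6rd!#~", salt, stored))
    print("verify wrong:  ", verify_password("passw0rd", salt, stored))
```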
xeltros
Apprentice

Re: ReadyCloud Password Strength & Security

I don't share your concern here for the brute force part.

I agree that yes, in theory, it would take longer to guess a password that contains more characters or a greater variety in characters.

That said, if you have a decently strong password of 12 mixed characters, you are likely to change your password before it is guessed. The site gives my password (a similar one) a lifespan of 1.74 centuries for array cracking; let's divide by 100 to get some margin in case machines get faster or they are just lucky, and you look at 17 years. I change my password every year, and recommendations are to change it every two months (or every month depending where you look). We took the worst possible scenario; you could increase their guess speed by 1000 and you are still safe.
Given the ping that you have to guess from the internet, considering a 10ms ping, the maximum guess would be 6000/s, that's really really far from the one hundred trillion/s we considered just before.
If you commit to those regular password changes you are safe IMO.

Once again, that's a good thing that you think about your security, but as far as I can tell, password brute force attacks on hosted services should not be your main concern, I'm pretty sure Netgear got this handled and has network IPS to ban people guessing passwords. The chance that they attack that particular service, that your account is picked (they have to guess it too), that the attacker spends enough time (and does not give up after trying the first 100 most used passwords) and that they guess your password by brute force, those odds are really minimal. If I were you I would buy a better lock for my door, this should be easier to break in and steal your NAS... Oh and I would check the reset password questions too, those are often way too easy to find the answers to.
Most confidentiality breaches nowadays are due to either social engineering or a hole in the software; brute force is quite an old technique that is well known and often well taken care of.

As for the storage part I don't know, but this is a more interesting topic IMO than brute force.
Message 2 of 5
StephenB
Guru

Re: ReadyCloud Password Strength & Security

edalquist wrote:
What sort of password storage, retrieval and verification system is running the site such that it cares about the contents of the password?...
You are jumping to a conclusion here - that the password policy is driven by storage/retrieval limitations. Another possibility is that it is set to make access easier for mobile users. I use punctuation in my passwords, and entry on both iPad and Android are painful.

Also, a brute force attack can be controlled by limiting the number of successive wrong guesses, and then inserting a timeout, or requiring a password reset. If a mechanism like that isn't in use, then it should be.

That said, it would be better if the password character set was expanded to the full keyboard.
Message 3 of 5
edalquist
Apprentice

Re: ReadyCloud Password Strength & Security

I'm not worried about online attacks, even without lockout the attack rate is too slow. Brute force of online passwords is also not really a threat that happens outside of a specific person/account being targeted.

The concern is that what has happened to Adobe and countless other companies happens to NetGear:
http://www.theguardian.com/technology/2 ... -can-check
https://pwnedlist.com/

Someone breaks into NetGear and steals the password database. Now you have usernames and hashes and your search space for an 8 character password (what most people assume is reasonably secure) is only "2.22 x 10^14" instead of "6.70 x 10^15" which is more than an order of magnitude more difficult to crack.


Also it seems sort of silly to assume that the password charset is restricted for usability reasons. If a user wants to make the choice to use a mobile keyboard friendly password they can do that themselves. NetGear doesn't need to reduce the available security of their entire authentication system to do something that an individual user can choose to do.
Message 4 of 5
StephenB
Guru

Re: ReadyCloud Password Strength & Security

I agree that a brute force attack on a compromised password database is more concerning than an over the net attack.

edalquist wrote:
... your search space for an 8 character password (what most people assume is reasonably secure) is only "2.22 x 10^14" instead of "6.70 x 10^15" which is more than an order of magnitude more difficult to crack.
6.70 x 10^17 actually (I think you typed it wrong). So it's 3 orders of magnitude more difficult to attack.

Of course you can match that by adding two more characters to the constrained password.

edalquist wrote:
Also it seems sort of silly to assume that the password charset is restricted for usability reasons. If a user wants to make the choice to use a mobile keyboard friendly password they can do that themselves. NetGear doesn't need to reduce the available security of their entire authentication system to do something that an individual user can choose to do.
I agreed with you that it should be changed 😄
Message 5 of 5
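The search-space arithmetic argued over in the last two posts, worked through as an added example (not code from the thread): it computes the candidate space for an 8-character password over the 62-character alphanumeric set and the 95 printable ASCII characters, the gap between them in orders of magnitude, how many extra alphanumeric characters it takes to close that gap, and the exhaust time at the offline (one hundred trillion/s) and online (6000/s) guess rates quoted earlier in the thread. The charset sizes are assumed from standard US-keyboard ASCII.

```python
import math

# Assumed character-set sizes: printable ASCII is 95 characters,
# of which 62 are letters and digits.
ALNUM = 26 + 26 + 10          # 62
FULL_KEYBOARD = ALNUM + 33    # 95 (adds punctuation and space)

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def search_space(charset_size: int, length: int) -> int:
    """Number of candidate passwords of exactly `length` characters."""
    return charset_size ** length


def orders_of_magnitude(smaller: int, larger: int) -> float:
    """log10 of the ratio between two search spaces."""
    return math.log10(larger / smaller)


def length_to_match(charset_size: int, target_space: int) -> int:
    """Smallest length at which charset_size**length >= target_space."""
    n = 1
    while search_space(charset_size, n) < target_space:
        n += 1
    return n


def years_to_exhaust(charset_size: int, length: int, guesses_per_second: float) -> float:
    """Worst-case time to try every candidate at a given guess rate."""
    return search_space(charset_size, length) / guesses_per_second / SECONDS_PER_YEAR


if __name__ == "__main__":
    alnum8 = search_space(ALNUM, 8)
    full8 = search_space(FULL_KEYBOARD, 8)
    print(f"62^8  = {alnum8:.2e}")
    print(f"95^8  = {full8:.2e}")
    print(f"gap   = {orders_of_magnitude(alnum8, full8):.2f} orders of magnitude")
    print(f"alnum length matching 95^8: {length_to_match(ALNUM, full8)}")
    # Offline cracking of a stolen hash database vs. online guessing.
    print(f"offline @1e14/s: {years_to_exhaust(ALNUM, 8, 1e14) * SECONDS_PER_YEAR:.1f} s")
    print(f"online  @6000/s: {years_to_exhaust(ALNUM, 8, 6000):.0f} years")
```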