Snowden's security tip: ‘Shift your thinking from passwords to passphrases’
It takes a computer less than a second to crack any eight-character password, according to NSA whistleblower Edward Snowden.
He gave some tips on how to make a better password to ‘Last Week Tonight’ host John Oliver. The HBO show released a web video in which the two men discussed password security ‒ footage that didn't make into the episode that aired Sunday.
The comedian met the former National Security Agency contractor in a Moscow hotel opposite the KGB’s former headquarters in a room with all windows covered. During the frank interview, Oliver and Snowden discussed the NSA’s collection of Americans’ X-rated photos.
“The bad news is they are still collecting everyone’s information,” Snowden said, “including your dick pics.”
But an NSA release of a slew of 'dick pics' isn’t the only thing Americans should be worried about when it comes to their privacy and security, Snowden told Oliver in the web extra posted on Thursday.
“Bad passwords are one of the easiest ways to compromise a system,” Snowden told Oliver. “For someone who has a very common, eight-character password, it can literally take less than a second for a computer to go through the possibilities and pull that password out.”
A little extra from Sunday's interview. John Oliver and Edward Snowden talk password security.Posted by Last Week Tonight with John Oliver on Thursday, April 9, 2015
Oliver’s password ‒ similar to the Druidia air shield security code on ‘Spaceballs’ ‒ is only five characters.
“That’s really bad,” Snowden told him.
Misspelling a word isn’t a good idea either, as permutations of common words are in the normal password dictionary, according to the NSA leaker.
President Skroob shouldn’t change the combination on his luggage from “1-2-3-4-5” to “onetwothreefourfive,” either ‒ an option Oliver hinted at.
“The best advice here is to shift your thinking from passWORDs to passPHRASES,” Snowden recommended. “Think about a common phrase that works for you. It’s too long to brute force and also make them unlikely to be in the dictionary.”
The discussion with Oliver isn’t the first time the NSA leaker has suggested ways to increase privacy and security.
Speaking remotely to attendees at South by Southwest (SXSW) in Austin, Texas last March, Snowden said that everyday people need to rely on encryption to protect themselves from NSA spying.
“We need to think about encryption not as this sort of arcane, black art,” Snowden told the audience at the annual SXSW Interactive conference. “It’s a basic protection.”
But despite Snowden’s advice, Oliver said he’s not going to change his password to “admiralalonzoghostpenis420YOLO” or anything else.
“It seems hard, even though I know it isn’t,” Oliver told Snowden.
“You’re killing me,” the NSA leaker replied.
Perhaps the biggest news of all, however, out of Snowden’s appearance on Last Week Tonight is that he finds Margaret Thatcher 110 percent sexy.