My line of argument is more complex than you give it credit for. It has 3 major components:
- if you do not include "unique elements" (that is, you quote straight from wikiquote or similar), a quote is less secure than 4 random dictionary words due to being subject to wikiquote-driven dictionary-style attacks.
- if you include intentional and unique modifications, a quote from a public work like a movie or play is not particularly easier to remember than something from passphra.se or similar. Once you have to remember what you spelled/capitalized/punctuated in a nonstandard way, what have you really gained?
- if you include unintentionally unique elements (a word you always misspell), or elements that aren't really unique (you always append the same character), then your passphrase is vulnerable to a dictionary-like attack by an attacker who has some knowledge of you, particularly one who you've told your scheme to.
The key to the xkcd-style passphrase is that it remains secure even against an attacker who knows how you generated it, and who knows your personal tendencies. It's a completely universal, memorable, secure scheme.
Movie quotes are secure and memorable enough the majority of the time -- vastly more secure than using your kid's name, vastly more memorable than a string of random characters. But it seems to me like you're advocating a second-best security practice when we already have a best one.
>then your passphrase is vulnerable to a dictionary-like attack by an attacker who has some knowledge of you, particularly one who you've told your scheme to.
That's the thing right there: the difference in practical vulnerability all but requires an attacker to have a certain level of omniscience and access to a massive database of any conceivable permutation of any fragment you might choose of a huge number of works.
>But it seems to me like you're advocating a second-best security practice when we already have a best one.
I'm advocating what can be efficiently communicated to a non-technical user that gets them to use something better than the short keys they'll tend to use otherwise.
What's more likely to stick with a 40 year old office coworker that asks how to secure their wireless network? A scheme that seems nonsensical on surface that requires a comic and basic grasp of what a keyspace is to understand, or the suggestion to "use a sentence from something you like that you'll easily remember?"
Either one is going to stop all but the most determined of attackers. I don't see the point in confusing the issue for them.
On the one hand, you're saying that it's a huge keyspace because you might choose from such a huge number of works and there are so many possible variations. My criticism of that version of your idea is that those variations are as hard to remember as random words.
On the other hand, you're telling people "use a sentence from something you like", which is likely to result in only the smallest exploration of that keyspace -- the most popular lines out of the most popular shows or movies, with only a small number of capitalization or punctuation variants. If people are going to pick things like "to be or not to be" or "I can kill you with my brain", then you're suggesting something that's not particularly secure (and may already be contained in many dictionary attacks).
So the approach you advocate is fundamentally insecure, which you've argued can be made secure by adding exactly the sort of measures that confuse the issue for the people you say will benefit from the approach.
Here's an easier approach: tell people "anything you can find in a dictionary or on a list of quotes, hackers already have on their computers. To make a password hackers don't already know about, you need to put some random words together." Then point them to passphra.se and tell them to hit "generate another" until they get something they like. They can even add in more words to make it more memorable, or mix their random words into a movie quote ("I can melt you with my smoky vegetable universe", in River Tam's voice... creepy and memorable.)
In other words, instead of starting with "memorable" and then trying (and probably failing) to add enough entropy without sacrificing memorability, start with enough entropy and then make it memorable.
- if you do not include "unique elements" (that is, you quote straight from wikiquote or similar), a quote is less secure than 4 random dictionary words due to being subject to wikiquote-driven dictionary-style attacks.
- if you include intentional and unique modifications, a quote from a public work like a movie or play is not particularly easier to remember than something from passphra.se or similar. Once you have to remember what you spelled/capitalized/punctuated in a nonstandard way, what have you really gained?
- if you include unintentionally unique elements (a word you always misspell), or elements that aren't really unique (you always append the same character), then your passphrase is vulnerable to a dictionary-like attack by an attacker who has some knowledge of you, particularly one who you've told your scheme to.
The key to the xkcd-style passphrase is that it remains secure even against an attacker who knows how you generated it, and who knows your personal tendencies. It's a completely universal, memorable, secure scheme.
Movie quotes are secure and memorable enough the majority of the time -- vastly more secure than using your kid's name, vastly more memorable than a string of random characters. But it seems to me like you're advocating a second-best security practice when we already have a best one.