Snowden's 'Sexy Margaret Thatcher' Password Isn't So Secure

Edward Snowden appears to have a thing for the late British conservative prime minister Margaret Thatcher.
Margaret Thatcher
John Downing/Getty Images

Edward Snowden appears to have a thing for the late British conservative prime minister Margaret Thatcher. And his obsession may even be clouding his famously paranoid sense of security.

In a YouTube extra from his interview with John Oliver posted late last week, Snowden offered some password security advice: He pans Oliver’s comically awful suggestions like “passwerd,” “onetwothreefour,” and “limpbiscuit4eva,” and instead wisely recommends that computer users switch from passwords to much longer passphrases. He goes on to offer an example: “MargaretThatcheris110%SEXY.”

This was not just an off-the-cuff suggestion in a live interview, but a piece of advice that Snowden had thought about for at least two years. When he first contacted Glenn Greenwald in 2012 under the pseudonym Cincinnatus, Snowden urged Greenwald to start using the encryption software PGP for their communications, and even made him a 12-minute video tutorial. His voice garbled and auto-tuned for anonymity, Cincinnatus offered Greenwald the same example of a strong password he would give to Oliver: MargaretThatcheris110%SEXY. The mention of comes around the six minute mark in the below video.

Here’s the thing, though: For a guy so careful about passwords that he’s known to pull a blanket over his head when entering them into his laptop, Snowden’s ironic Tory-fetishizing password advice is far from ideal.

Considering that he's recommended it for someone like Greenwald, who's going up against the NSA’s uber-hackers and supercomputers, Snowden’s “MargaretThatcheris110%SEXY” is only a “borderline” secure password, says Joseph Bonneau, a postdoctoral cryptography researcher at Stanford who has published papers in several academic journals on optimizing password security. “Just because something’s a phrase and it’s longer, people get fixated on that,” he says. “The length doesn’t mean that much to your adversary. The real problem is that people are really bad at producing randomness. It’s really hard to tell if what you’ve picked is hard to guess.”

Before elaborating on that randomness problem, Bonneau first notes that it’s important to think about where a password is being used. If it's for an online account like Gmail, the service provider like Google probably limits the number of attempts a hacker can make before locking them out. For that sort of application, Snowden's Thatcher passphrase works fine, Bonneau says. But for offline password cracking, say, on a seized computer, an attacker can try passwords much, much faster. “Assume your adversary is capable of one trillion guesses per second,” Snowden himself told journalist Laura Poitras in their initial email exchange.

To withstand that sort of ultra-high-speed cracking, a passphrase has to be secure against an algorithm that will exploit virtually any pattern to narrow the scope of possibilities. And anything that makes sense to humans---even the unlikely notion of sexual attraction to Margaret Thatcher---follows plenty of linguistic patterns. In a 2012 study, Bonneau and his fellow researchers checked if phrases had already been signed up for by users of the Amazon service PayPhrase, which required a unique series of multiple words to be chosen by a user for every registration. They found that they could narrow down their guesses at which phrases were already taken using language samples and lists of proper names from Wikipedia, IMDB, the language learning website English Language Learning Online, and even the Urban Dictionary's collection of slang idioms.

With those data sets built into their guessing algorithm, they found that Amazon users' four-word phrases have only 30 bits of entropy---in other words, two to the 30th power possibilities. Bonneau estimates that a passphrase needs at least 70 or 80 bits of entropy to be considered secure---In other words, to withstand Snowden's trillion-guesses-a-second standard for years or decades rather than seconds or days.

In another related study published six years earlier, a group of Carnegie Mellon researchers found that when they asked users to come up with mnemonic passwords based on phrases---"Four score and seven years ago, our Fathers" turns into "4s&7yaoF," for instance---65 percent of them used phrases that they could find on Google. Out of 144 subjects in the study, two chose lyrics from the same Oscar Meyer Weiner jingle. None of that bodes well for humans' potential to choose a passphrase that's as unique as they think it is.

Tweaking a passphrase with character changes can certainly help. Snowden writes in the notes of his video for Greenwald that "intentional, personal, and memorable typos" can make passphrases far more secure. He even suggests that spelling "sexy" as "sessy" in his Margaret Thatcher example could help. But Snowden also rebuts his own point in his conversation with John Oliver, when he says that "permutations of common words" could still be included in attackers' dictionaries.

Instead, says Bonneau, the best passphrases are truly random, and make no sense. He suggests Diceware, a simple method of rolling dice and using the results to generate phrases from a list of 4,000 words. "You get something like 'potato lampshade bike run...' That's the approach if you really want the highest level of security," says Bonneau. "If I were in Snowden’s position giving Glenn Greenwald advice, that’s what I would have instructed him to do."

One thing that Bonneau suggests that absolutely no one should do: Take Snowden’s advice literally and use the actual password “MargaretThatcheris110%SEXY.” Any password that’s even been mentioned just once online may already be added to password-cracking programs, which would make it trivial to crack. Just by uttering it on a TV show with a widely watched YouTube account, Snowden already ruined his favorite password example. “A strong attacker will have that phrase, and they'll try it," Bonneau says. "Among trillions of other things."