
The superparol concept: additional protection for web-based e-mail accounts

Hacking web-based e-mail accounts has become increasingly common lately. There are many ways to do it: simple password guessing, a keylogger, guessing the answer to the secret question, Trojans, and so on.
The result is always the same: the attacker gets full access to the mailbox. He can siphon off all the information in it, use it to break into other mailboxes and into logins for social networks and payment systems, and in the end simply delete the mailbox or change its password. In short, everything is bad.

I tried to come up with a concept for additional protection of web-based mailboxes, which I called superparol (a "super password"). So far it is nothing more than a concept, and I would like to hear the opinion of other Habr users.

There are two-factor systems such as Google's. Not a bad solution, but for all its advantages it has a definite minus: it makes constant access to the mailbox somewhat difficult. I, for example, sometimes did not receive the SMS with the code on my mobile phone, and it is required quite often (whenever I opened the mail from a new place). It just does not arrive, and that's that. Android applications that use the mail login as their basic identification also have difficulty getting access through such multi-level protection.

So I thought: why not use a distributed access system on the mail service login, as in, say, ordinary Joomla? A user with the User role can create and edit new pages but cannot delete other people's pages, let alone access the SQL database login.
So imagine that when registering with the mail service we must specify not one but two passwords.
Password No. 1: the regular password.
Password No. 2: the superparol, a password for critical changes.

Here is an approximate distribution of responsibilities and access levels when using the regular password versus the super password.

[image: table of access levels for the regular password and the super password]

As you can see, the regular password lets you work quite comfortably with your e-mail, logging in from different devices, including ones at risk of compromise: other people's Wi-Fi networks, Internet cafes, and so on. Almost always we use only the regular password. With the modern disk quotas of leaders such as mail.ru, yandex.ru, hotmail.com, gmail.com and the rest, deleting messages is rarely critical. Usually there is no need to clean spam and large letters out of the mailbox every week to keep it from overflowing. To paraphrase the famous statement attributed to B. Gates: "A regular password is enough for everyone".

"Trite", you will probably say. Instead of one password, two passwords, with a greater chance of forgetting both. Where is the novelty?

Objection No. 1
Often hacking a mailbox is only a prelude to hacking logins in other services, for example Skype, Webmoney, PayPal, etc. That is, we have protected our mailbox from critical changes, but the attacker, having ordinary access to it, requests, say, a new password for Skype, receives the message with the link to change the Skype password, and changes it. That's it: our super password did not help us protect our other logins, and with only the regular password an attacker can cause significant damage.

Objection No. 2
Leaking information. The attacker downloads the letters and attachments of interest to him. He can also find letters containing the passwords issued when registering with other services (such letters are rare now, but they still exist). Or he deletes all the information: ordinary vandalism.

To prevent this, I propose a system of labels for all letters.

Top-Save Label

For example, this label is applied automatically to all messages older than 5 days. All messages carrying this label can be read with the regular password, and their attachments can be downloaded, but they cannot be deleted without the super password. Naturally, the period after which the label is applied (5 days, 2 weeks or something else) can be changed using the super password. If a message arrived recently (1 to 5 days ago), we can delete it with the regular password.

Top-Secret Label

This label gives maximum protection to stored messages. Letters marked with it cannot be read without the super password, although they can be found in the mailbox. Of course, such a letter will not show its first lines in the list, only the sender and subject.
How is the label applied? Options:
1. To all messages older than half a year (the period can be changed, or the rule cancelled altogether).
2. To messages the user himself decides to mark as Top-Secret. Moreover, the regular password is enough to apply the label, but only the super password can remove it or open the letter.
3. To all letters from "Top" senders. A list of such senders can be prepared in advance and include the most popular social networks, payment systems, online messengers, etc.
The protection here can be complete, for example when, using the regular password, we see the letter in the inbox with its sender and subject but cannot open it for reading, or partial, when we can open the letter but do not see the links.

Example:

Sender: Skype
Subject: Password change
Dear XXX!
You have requested a new password. To change the password, click the following link: <This link is blocked by the terms of the Top-Secret label; use your super password to read the letter in full>
Respectfully,
Skype Inc.


4. To messages from senders you specify. This can work on the principle of Gmail filters:
"Apply the Top-Secret label to all messages from the addressee <user@mail.ru> 3 days after the letter was received."
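To make the label rules above concrete, here is a small policy check written for this post (an added illustration, not code from the post or from any mail service): it applies Top-Save and Top-Secret by message age and by a "Top" sender list, then decides what a session holding only the regular password may do, blocking links in a Top-Secret letter as in the Skype example. The thresholds, sender list, Message class and sample messages are all assumptions.

```python
import re
from dataclasses import dataclass, field
from datetime import datetime, timedelta
TOP_SAVE_AFTER = timedelta(days=5)        # post's default; changeable only with the super password
TOP_SECRET_AFTER = timedelta(days=183)    # "older than half a year"
TOP_SENDERS = {"skype", "paypal"}         # constructed list of "Top" senders
BLOCKED = "<This link is blocked by the terms of the Top-Secret label; use your super password to read the letter in full>"
LINK_RE = re.compile(r"https?://\S+")

@dataclass
class Message:
    sender: str
    subject: str
    body: str
    received: datetime
    labels: set = field(default_factory=set)  # labels the user applied by hand

def effective_labels(msg, now):
    """Hand-applied labels plus those the service applies automatically."""
    labels, age = set(msg.labels), now - msg.received
    if age >= TOP_SAVE_AFTER:
        labels.add("Top-Save")
    if age >= TOP_SECRET_AFTER or msg.sender.lower() in TOP_SENDERS:
        labels.add("Top-Secret")
    return labels

def authorize(msg, action, level, now, partial=True):
    """Decide 'read', 'delete', 'label' or 'unlabel' for a session logged in with
    the 'regular' or 'super' password. Returns (allowed, body_to_show)."""
    labels = effective_labels(msg, now)
    if level == "super":                      # super password: no restrictions
        return True, (msg.body if action == "read" else None)
    if action == "label":                     # regular password may add Top-Secret...
        return True, None
    if action == "unlabel":                   # ...but never remove it
        return False, None
    if action == "delete":                    # Top-Save forbids deletion
        return "Top-Save" not in labels, None
    if action == "read" and "Top-Secret" not in labels:
        return True, msg.body
    if action == "read" and partial:          # partial protection: only links hidden
        return True, LINK_RE.sub(BLOCKED, msg.body)
    return False, None                        # full protection (sender/subject only) or unknown action

# Constructed sample mailbox: a fresh reset mail from a "Top" sender and an old personal one.
NOW = datetime(2024, 1, 10)
RESET_MAIL = Message("Skype", "Password change",
                     "Click http://example.invalid/reset to change it", NOW - timedelta(days=1))
OLD_MAIL = Message("alice", "hi", "hello", NOW - timedelta(days=10))
```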

As a result, the attacker will not be able to cause critical damage even after taking possession of the regular password for your mail:
1. Almost all letters will remain in the mailbox.
2. The attacker will not be able to use the mail for further hacks.
3. You will retain access to the mailbox and can quickly change the compromised password.
4. You can safely save the regular password in the browser or on your smartphone without fear of losing it. The super password is stored separately and used rarely.

What should the superparol be?
It may be a plain text password after whose use a verification code is sent to the mobile phone. Since the super password will not be needed often, I think this combination gives the maximum level of protection.
Other superparol options, such as a key pair (public and private key), are also possible.
I would like to hear your opinions and comments on the weaknesses of this proposal.

UPD. As suggested by aalebedev, one can drop the text super password as such and use the existing mobile phone to log in to the mail, but only the one specified at registration.
That is, we enter the login, tick the box "log in with super password", enter the mobile phone number in the super password field, and in the third field enter the confirmation code received by SMS.
As a result, we only need to remember the regular password and our own mobile phone number.

Source: https://habr.com/ru/post/161883/