Friday, July 24, 2009

Super-Secure Passwords

Slate has an interesting article on creating easy-to-remember passwords.

Here's a method I found a couple of years ago that works for me.

First, consider the top row of letters on a keyboard: QWERTYUIOP

Now, drop the first and last letters: WERTYUIO

Compose a three-letter word from those eight letters: ROT, YOU, TWO, WET, for example. That's the only part you have to remember, the rest is a pattern.

To use the password, say Rot, type a capital "R". Then type the six uppercase characters of the keys that surround the "R" key, starting at the one o'clock position and proceeding clockwise: R%TFDE$. Then do the same thing with the second letter, "O", but in lower case only: o0plki9. And the same thing with "T": t6ygfr5.

So now you have a 21-character password: R%TFDE$o0plki9t6ygfr5.

The password includes upper and lower case letters, numerals and punctuation, and you only have to remember three letters.


Rob K said...

I think that's well into overkill territory.

JAFO said...

We call these "keyboard walks"

They're THE WORST passwords. They're within the first 1000 words in brute-force attacks.

(I work in cybersecurity)

JAFO said...

darnit, forgot to subscribe....

D.W. Drang said...

What JAFO said.

OTOH... If you're trying to prevent your wife from accessing those web sites you don't want her to know you visit--you know, the ones where you buy her gifts (what did you think I was referring to?)--this is probably sufficient. If you want to keep your neighbor from piggybacking on your home wifi, it may be sufficient: it will probably stop your neighbor, depending on how savvy he is (or his kids are), and how desperate they are to piggyback on your home wifi. Will it stop the casual war-driver? Maybe. Will it stop the motivated (i.e., criminal or terrorist) war-driver? No.

WV: egopizes.

Turk Turon said...

Cool! I appreciate the info.