The problem with strong passwords is that they are somewhat difficult to remember. It's much easier to remember a password such as GuessThePassword than one such as 6!2f?MHclh6@, but the former is also much easier to guess: it is three dictionary words run together, which is exactly what dictionary and brute-force attacks try first. Coming up with a strong but easy-to-remember password is easy, however, if you follow these steps:

1. Define your own set of obfuscation rules.
2. Think of a phrase you will not forget.
3. Apply the rules to the phrase to produce the password.
4. Practice typing the result.

Let's look at these steps.
The first step is a simple one: think of some words or letters, and decide how you would obfuscate each of them by reducing it to a single letter or symbol. Table B-2 shows some examples.
Table B-2. Some obfuscation rules.
| Word or Letter | Obfuscation | Comments |
|---|---|---|
| Up | ^ | The up arrow |
| Down | V | The down arrow (uppercase or lowercase letter V) |
| Right | > | The right arrow |
| Left | < | The left arrow |
| And | & | C++/Perl/JScript "and" |
| Or | \| | C++/Perl/JScript "or" |
| Pipe | \| | The shell pipe symbol |
| Not | ! | C++/Perl/JScript "not" |
| Not | ~ | C++/Perl/JScript bitwise "not" |
| Point/arrow | -> | C++ pointer symbol |
| Equal/compare | = | The programming equal symbol |
| Point | . | A single point |
| At | @ | Symbolic at |
| You | U | Phonetic similarity |
| Be | B | Phonetic similarity |
| See/Sea | C | Phonetic similarity |
| Are | R | Phonetic similarity |
| To/Too | 2 | Phonetic similarity |
| Why | Y | Phonetic similarity |
| F | Ph | Phonetic similarity |
| Snake | S | Looks like a snake! |
| Come | , | Comma; sounds similar |
| Stop | . | A period, called a full stop in British English |
| Water | ~ | A squiggly line, like a wave |
| Star | * | A starlike symbol |
| Cross | X or + | Crosslike symbols |
| Great | > | The greater than symbol |
| Less | < | The less than symbol |
| O | 0 | Replace letter O with zero |
| On | 1 | On = binary on or 1 |
| Off | 0 | Off = binary off or 0 |
| E | 3 | Hackers often use 3 to represent E, because it looks like a reversed E. |
| L or I | 1 | Hackers often use the number 1 to represent L or I. |
| 1 | ! | Hackers often use the symbol ! to represent the digit 1. |
| A | 4 | Hackers often use the number 4 to represent the letter A. |
| S | $ | Hackers often use the symbol $ to represent the letter S. |
| T | + | Hackers often use the symbol + to represent the letter T. |
| Laugh, sad, shout, etc. | :-) :-( :-0 | Smileys! |
NOTE
Derive your own obfuscation rules rather than using Table B-2 verbatim. Password-guessing programs may already account for the well-known substitutions (! for 1, 3 for E, $ for S, and so on), so a password built only from those rules is weaker than it looks; the strength has to come from the phrase and from rules an attacker cannot predict.
The second step is the easy part: think of a sentence you already know, such as a line from a poem, part of a song, or a nursery rhyme.
Now apply the rules you defined in the first step to the phrase to come up with a password. Table B-3 shows some examples. Don't use these! They are in print, so anyone can add them to a word list.
Table B-3. Some examples of complex yet easy-to-remember passwords.
| Phrase | Password | Comments |
|---|---|---|
| Mary had a little lamb its fleece was white. | M+4vLiFW* | Mary = M; had = + (add); a = 4 (see Table B-2); little = v (down, small); lamb = L; its = i; fleece = F; was = W; white = * (bright) |
| Laugh and the world laughs with you. | :-)&t0:-(wU | Laugh = :-); and = &; the = t; world = 0 (zero, physically big); laughs = :-( (opposite of a smile!); with = w; you = U |
| One day a man went to the zoo. | !D4mw2tz00 | One = ! (see Table B-2); day = D; a = 4 (see Table B-2); man = m; went = w; to = 2; the = t; zoo = z00 (see Table B-2) |
Finally, lock and unlock your workstation a couple of times to get familiar with how the password "feels." This might sound silly, but it helps you remember the password.
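To make the three steps concrete, here is an added Python example (not code from the book) that applies a rule table typed in from Table B-2, plus a dictionary of your own personal rules for a given phrase, and returns both the password and the word-by-word mapping shown in the Comments column of Table B-3. The fallback of taking a word's first letter when no rule matches, and the `leet` helper that applies the single-letter rules to a whole word, are assumptions of this example; the book leaves those choices to you.

```python
"""Derive an obfuscated password from a memorable phrase.

Added example illustrating the Table B-2 / Table B-3 method; not the
book's code.  Rule tables below are transcribed from Table B-2.
"""
import re

# Word-level rules from Table B-2 (a subset; add your own, as the NOTE says).
WORD_RULES = {
    "up": "^", "down": "V", "right": ">", "left": "<",
    "and": "&", "or": "|", "pipe": "|", "not": "!",
    "at": "@", "you": "U", "be": "B", "see": "C", "sea": "C",
    "are": "R", "to": "2", "too": "2", "why": "Y",
    "snake": "S", "come": ",", "stop": ".", "water": "~",
    "star": "*", "cross": "X", "great": ">", "less": "<",
    "on": "1", "off": "0",
    "one": "!",          # One -> 1 -> ! (chaining two Table B-2 rules)
    "laugh": ":-)", "sad": ":-(", "shout": ":-0",
}

# Single-letter rules from the bottom of Table B-2.
LETTER_RULES = {"o": "0", "e": "3", "l": "1", "i": "1",
                "a": "4", "s": "$", "t": "+"}


def leet(word):
    """Apply the single-letter rules to every letter of WORD, e.g. zoo -> z00.

    Assumed helper: this is the substitution pattern the NOTE warns that
    password-guessing programs already expect.
    """
    return "".join(LETTER_RULES.get(ch.lower(), ch) for ch in word)


def derive(phrase, personal_rules=None):
    """Return (password, steps) for PHRASE.

    Lookup order per word: your personal rules, then WORD_RULES, then the
    word's first letter (assumed fallback).  A one-letter word such as "a"
    goes through LETTER_RULES, so "a" becomes "4" as in Table B-3.
    steps is a list of (word, token) pairs, i.e. the Comments column.
    """
    personal_rules = {k.lower(): v for k, v in (personal_rules or {}).items()}
    steps = []
    for word in re.findall(r"[A-Za-z']+", phrase):
        key = word.lower()
        if key in personal_rules:
            token = personal_rules[key]
        elif key in WORD_RULES:
            token = WORD_RULES[key]
        elif len(key) == 1:
            token = LETTER_RULES.get(key, word)
        else:
            token = word[0]
        steps.append((word, token))
    return "".join(t for _, t in steps), steps


if __name__ == "__main__":
    # The three phrases of Table B-3 with the personal choices its Comments
    # column records (e.g. lamb = L, world = 0, white = *).
    examples = [
        ("Mary had a little lamb its fleece was white.",
         {"Mary": "M", "had": "+", "little": "v", "lamb": "L",
          "fleece": "F", "was": "W", "white": "*"}),
        ("Laugh and the world laughs with you.",
         {"world": "0", "laughs": ":-("}),
        ("One day a man went to the zoo.",
         {"day": "D", "zoo": leet("zoo")}),
    ]
    for phrase, personal in examples:
        password, steps = derive(phrase, personal)
        print(password, "  ", " ".join(f"{w}={t}" for w, t in steps))
```

Run with the personal rules shown, `derive` reproduces the three passwords in Table B-3, and `leet("password")` gives `p4$$w0rd`, which is just the kind of substitution the NOTE says guessing programs account for. The lookup order matters: personal rules come first so that you can override the published table, which is the point of deriving your own.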
Use RandomGoo to Create Very Strong Passwords

We've included a tool for Microsoft Windows CE Pocket PCs that lets you create long strings of cryptographically random data. The tool, RandomGoo, is available on the companion CD for MIPS-based and SH3-based Pocket PCs.