Password Schemes
Managing passwords is such a difficult thing.
Although systems for single sign-on have sprung up, they have not been
used to their full potential: they are either not implemented, are
segregated (i.e. there are many single sign-on systems), or go unused simply because
users don't want to link their different accounts together. In reality, nowadays almost everyone who uses computers has to manage multiple passwords.
There have been many tips for choosing passwords:
- Use strong passwords
- Don't use dictionary words
- Don't use names in the family
- Don't use dates common to your family
- Don't use the same password for multiple systems
But all this makes remembering passwords really hard. People tend to forget which password is for which system. They try to guess, and a number of tries later they click the "forget password" link in the system, very often.
To get around this, I have seen some people write their passwords down, which poses a huge security risk; once a person gets hold of your diary, you are exposed to a large extent.
Some time back, I devised a scheme, which I have been using quite successfully. I will share the scheme here.
- Pick a word (or perhaps a phrase); a better choice would be something that you think might not be present in a dictionary. Make up your own. (We will call this the secret word.)
- Choose a formula to mix two words to make a complex word.
This formula can be simple or complex; the more complex the formula is, the more secure your password system is.
Let's say you choose the formula:
a) Pick the letter two letters after the first letter of the context word.
So if the first letter is 'a' pick 'c'; if it is 'd' pick 'f'. You can wrap around from 'z' to 'a': if it is 'y' pick 'a'; if it is 'z' pick 'b'.
b) Pick the letter one letter before the third letter of the context word.
So if the third letter is 'c' pick 'b'; if the third letter is 'h' pick 'g'. Wrap around from 'a' to 'z', so if it is 'a' pick 'z'.
c) Pick a number, say '3'.
d) Pick a symbol, say '$'.
e) Now insert your picks from a to d above into specific places in your secret word.
Let me choose 1st for a, and 5th for b, c, and d (concatenated).
f) The resulting word is your password.
Example: let the context word be google.
So your password would become:
a) first letter is 'g', so our pick would be 'i'
b) third letter is 'o', so our pick would be 'n'
c) '3'
d) '$'
e) insert 'i' at 1st, 'n3$' at 5th.
f) so the password becomes ghatinum + formula = "ighatin3$num".
If your context word is skype, the password becomes "ughatix3$num".
- You have probably guessed what the context word is: it is a word that represents the context in which you are trying to log in. This way you have different passwords for different systems, but you only need to remember two things (your secret and the formula).
google, skype, facebook, office (for the office computer), home (for the home computer), and pearl (another office computer name) could be the context words.
Now, I have chosen a fairly complex
formula here, which may be overwhelming for some, so you could choose a
simpler formula, say picking only the first letter of the context word
and prepending it, together with 3$, to your secret word. For example, for
google, your password could be g3$ghatinum, which is probably better
than the older usual method. You can use any formula to your liking.
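The two formulas above, written out as an added example (not code from the original post). The function names and the `differing_positions` helper are assumptions made for illustration; the secret word and context words are the ones used in the text.

```python
import string

ALPHABET = string.ascii_lowercase

def shift_letter(ch, offset):
    """Shift one lowercase letter by offset, wrapping between 'z' and 'a'."""
    if len(ch) != 1 or ch not in ALPHABET:
        raise ValueError(f"expected a single letter a-z, got {ch!r}")
    return ALPHABET[(ALPHABET.index(ch) + offset) % 26]

def complex_scheme(secret, context, number="3", symbol="$", split_at=5):
    """Steps a) to f): one pick goes in front of the secret word, the
    other three go after its first `split_at` letters."""
    context = context.lower()
    if len(context) < 3:
        raise ValueError("context word needs at least three letters")
    if len(secret) < split_at:
        raise ValueError("secret word is shorter than the insert position")
    pick_a = shift_letter(context[0], +2)   # a) first letter, two later
    pick_b = shift_letter(context[2], -1)   # b) third letter, one earlier
    return pick_a + secret[:split_at] + pick_b + number + symbol + secret[split_at:]

def simple_scheme(secret, context, number="3", symbol="$"):
    """Simpler formula: first letter of the context word, number, symbol, secret."""
    if not context:
        raise ValueError("context word is empty")
    return context[0].lower() + number + symbol + secret

def differing_positions(pw_a, pw_b):
    """Indexes at which two equal-length derived passwords differ."""
    if len(pw_a) != len(pw_b):
        raise ValueError("passwords differ in length")
    return [i for i, (x, y) in enumerate(zip(pw_a, pw_b)) if x != y]

if __name__ == "__main__":
    secret = "ghatinum"  # secret word from the post
    for site in ("google", "skype", "facebook", "office", "home", "pearl"):
        print(f"{site:9} {complex_scheme(secret, site):14} {simple_scheme(secret, site)}")
    # Only the two context-derived characters change from site to site.
    print(differing_positions(complex_scheme(secret, "google"),
                              complex_scheme(secret, "skype")))
```

For google and skype the derived passwords differ only at the two positions filled from the context word; every other character is the secret word plus the fixed `3$`.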
This seems difficult, but you get used to your
chosen scheme fairly quickly, and then it's just a breeze remembering
passwords and logging in.
Another piece of advice: define two
schemes of formulas and secret words to be more secure: one scheme you
use for more secure logins, which you trust more, like your computers,
bank account, email, etc., and another scheme for general websites.