Skip to main content

Password Schemes

Although, systems have sprung for single signon, they have not been used to their fullest value; they are either not implemented, are segregated, i.e. there are many single sign ones, or simply because users don't want to link their different accounts together.
In reality, now a days, almost everyone using computers, have to manage multiple passwords.
There have been many passwords choice tips:
  1. Use strong passwords
    • Don't use dictionary words
    • Don't use names in the family
    • Don't use dates common to your family
  2. Don't use the same password or multiple systems
Most of the systems suggest to use strong passwords, some even do not accept simple password not meeting their password complexity requirements.
But this all makes the problem of remembering passwords really hard. People tend to forget which password is for which system. They try to guess and a number of tries later they click the "forget password" link in the system, very often.
To get by this, I have seen that some people write their passwords down, which poses a huge security risk; once a person get hold of your diary, you are exposed to a large extent.
Some time back, I devised a scheme, which I have been using quite successfully. I would share the scheme here.
  • Pick a word (or perhaps a phrase), a better choice would be something that you think might not be present in a dictionary. Make up your own. (We will call this secret word)
For example, ghatinum
  • Chose a a formula to mix two words to make a complex word
We will use this formula to mix our secret word and a context word (I will come to the context word later).
This formula can be simple or can be complex, the more complex the formula is the more secure your password systems is.
Lets say, You choose the formula
a) Pick the letter two letter bigger than the first letter of the context word,
So if the first letter is 'a' pick 'c', if it is 'd' pick 'f'. You can wrap around 'z' to 'a', it if is 'y' pick 'a', if it is 'z' pick 'b'.
b) Pick the letter one letter smaller than the third letter of the context word
So, if the third letter is 'c' pick 'b', if the third letter is 'h' pick 'g', wrap around 'a' to 'z', so if it is 'a' pick 'z'.
c) pick a number say '3'.
d) pick a symbol say '$'
e) Now, insert  your pickings as in a to d above and insert them in to specific places in your secret word.
let me choose 1st for a, 5th for b, c, and d (concatenated)
f) the resulting word is your password
Example, lets the context word be google
So your password would become.
a) first letter is 'g', so our pick would be 'i'
b) third letter is 'o', so our pick would be 'n'
c) '3'
d) '$'
e) insert 'i' at 1st, 'n3$' at 5th.
f) so the password becomes ghatinum + formula = "ighatin3$num".
If your context word is skype, the password becomes "ughatix3$num
  • You probably have guessed what is the context word, this is a word that represents the context in which you are trying to log in. This way you would have different passwords for different systems, but you only need to remember two things (you secret and the formula).
google, skype, facebook, office (for office computer), home (for home computer), pearl (another office computer name) could be the context words.
Now, I have chosen a fairly complex formula here, this may be overwhelming for some, so you could choose a simpler formula, say only picking the first letter of the context word and prepending with it and 3$ in your secret word. For example, for google, your password could be g3$ghatinum, which probably is better than older usual method. You can any formula to your liking.
This seems difficult, but once used to chosen scheme fairly quickly and then its just a breeze remembering passwords and logging in.
Another piece of advice, define two schemes of formulas and secret words to be more secure: one scheme you use for more secure logins, which you trust more like your computers, bank account, email etc, and another scheme for general websites


Popular posts from this blog

بر بحر "گلس ہنس دیئے نقاب الٹ دی بہار نے"

ماہِ صیام آنکھ کھولی ہے بہار نے
مولا کو جانشین دیا کردگار نے

خوش ہیں علی مسکرا رہیں ہیں فاطمہ
"گلس ہنس دیئے نقاب الٹ دی بہار نے"

شبیہِ رسول اور حاملِ عظمتِ نبی
تحفہ دیا ہے سیدہ پروردگار نے

جھکایا سر کو بارگہِ امامت میں دست بند
حکمت و حلم اور عظمت و کردار نے

امامِ حسن کے صفین میں لپکنے پر
روکا بحوالہ نبی انہیں کرار نے

پیشِ نظر تحفظِ دینِ رسول تھا
قلم کی پیروی کرلی جبھی تلوار نے

ڈوبتے نے لیا نامِ علی مشکل میں
مارے ساحل کے لیئے ہاتھ منجدھار نے

دورانِ امن ضبط سکھایا تھا حسن نے
اور ضبط دکھایا جنگ میں علمدار نے

اس ہمتِ قلم پر سفر کو معافی مولا
بڑی کی ہے یہ جرِءت اس خاکسار نے

Putting Ideas in the public

I have a gift (or a curse); I can think on many different fronts at the same time, often too many.

One of those fronts is technical / business ideas. There is a ever growing list of ideas that come to my mind. And I want to make use of each of those.

However realizing that I have been not so productive with these ideas. I spend too much time in generating and enhancing these Ideas and contemplating on them and do not focus enough to get through with them to convert them into value. And I know Ideas do not have any value unless they get used.

Lately I have been thinking about this and I thought instead of keeping the ideas to myself in hope that I will get time and focus to implement them why don't I put those Ideas on the web to the public.

This got me thinking....

However, some part of me does not want to let go of the ideas, I see business potentials in many of the these ideas and being a normal person, I wish I could get some benefit out of it. However, I know that stinginess …

Integrating Blogger with Google Sites

I wanted to integrate my blogger site (this is the first post on blogger) to be shown on my site hosted by google sites.

Though both Google Sites and Blogspot are owned by Google, apparently there isn't enough market base for google to have them integrated.

On  Google Forum some people suggest to integrate them using RSS Feed, blogpost being the rss provider and placing a widget for RSS consumer, but that would only show the recent blogs (depending upon settings) and the other method is to use iFrame, page within a page.

I went ahead with tsinn implementation, downloading his xml template for blogspot, chose not to delete the widgets (I was not sure whether I needed them or not). Hid the widgets using css.
header, .Profile, .Followers, .Attribution,.blog-feeds {
  display: none;
}[Note: I could not identify a rational of the structure, naming and capitalization, and in absense of this understanding did not like the inconsistency in Template XML for blogspot]

Added the iFrame with hei…