
You Shall Not Pass

Passwords are a part of life in the first world. Passwords for e-mail. Passwords to log in to your computers. Passwords for web-based services such as Dropbox, Facebook, Instagram or Pinterest. So many passwords. I am going to share with you a simple system that will help protect your online resources while still being easy to remember.

People tend to make two mistakes with regard to passwords. The first error is choosing a password that is too simple. Some of the most common passwords in use are sequences such as “password” or “1234”. This stems from the mistaken impression that no one will ever try to break into their account. Let me assure you, insecure passwords are easily exploited by hackers and brute-force attack software.

The second error is both better and worse than the first. The second error is to come up with a personally relevant and presumably complex password, such as one combining the names of your two children. After all, “Peterjames” isn’t a word or even a real name. Even a meaningless combination of letters, numbers and special characters, such as “rvb4life!”, falls into this category. While the relative ‘strength’ of such a password is fine, the mistake end users make is to use that one password for all their online sites, e-mail, etc.

There was an article recently about a popular online service called Dropbox.  This site had gotten hacked not because someone had breached the not inconsiderable security running on the Dropbox site itself, but rather, had been compromised because some user had used the same username / password pair on a second (presumably less secure) web site.  When the site was hacked it was a simple matter for hackers to take the
of user accounts and their passwords and try them on other sites, one of which was Dropbox.

So on to the system. Ultimately a good password system should be three things:

1. Complex enough that each individual password is secure, or “strong” in the language of password security.

2. Unique so that each site or login account has a different password.

3. Easy to remember and, in the best-case scenario, easy to retrieve if forgotten by the user who came up with the scheme.

What I am talking about here is using something of a cypher. You start with the first part of the password, add something relevant to the site you are trying to access and the combination gives you a unique password that you don’t need to remember.

To start with, come up with a phrase that is both personally relevant and which can be turned into a password through the transposition of certain words into numbers, such as:

whatisitgood4

The last one says “easy access to” without using more than three actual letters.  From this base key, look at the site for which you wish to create a password. Some examples include banking sites, Facebook, e-mail or even a game site.  By combining the base key with something relevant to the site you end up with:

FACEBOOKwhatisitgood4

EVEwhatisitgood4

The real benefit of this system is that when you come back to a site you have not visited in a while and are challenged for the password, you can reconstruct the password you used originally by simply combining your base key with the relevant key pertaining to the site, service or game. This system, once you have used it a few times, will give you an endless supply of unique, easily remembered passwords.
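
An added example, not from the original post: a small Python self-audit that builds passwords with the scheme above and checks a site-to-password list for the two errors described earlier, also reporting which part of each password is shared across sites and which part is site-specific. The `min_length` and `min_size` thresholds and the `reused` sample data are assumptions made for the illustration.

```python
from collections import Counter

# The two common passwords the article names; extend with your own list.
COMMON = {"password", "1234"}

def make_password(site_key, base_key):
    """The article's scheme: site-specific key followed by the shared base key."""
    return site_key.upper() + base_key

def shared_core(passwords, min_size=4):
    """Longest substring (>= min_size chars, an assumed cutoff) found in every password."""
    pws = list(passwords)
    if len(pws) < 2:
        return ""
    shortest = min(pws, key=len)
    for size in range(len(shortest), min_size - 1, -1):
        for start in range(len(shortest) - size + 1):
            candidate = shortest[start:start + size]
            if all(candidate in pw for pw in pws):
                return candidate
    return ""

def audit(logins, min_length=8):
    """Check a {site: password} mapping; min_length=8 is an assumed threshold."""
    counts = Counter(logins.values())
    core = shared_core(logins.values())
    report = {}
    for site, pw in logins.items():
        findings = []
        if pw.lower() in COMMON:
            findings.append("common")      # first error: too simple
        if len(pw) < min_length:
            findings.append("short")
        if counts[pw] > 1:
            findings.append("reused")      # second error: one password everywhere
        site_part = pw.replace(core, "", 1) if core else pw
        report[site] = {"findings": findings, "site_specific": site_part}
    return report

if __name__ == "__main__":
    base = "whatisitgood4"  # base key from the article
    scheme = {s: make_password(s, base) for s in ("facebook", "eve")}
    reused = {"mail": "rvb4life!", "forum": "rvb4life!", "bank": "1234"}  # constructed
    for name, logins in (("scheme", scheme), ("reused", reused)):
        for site, result in audit(logins).items():
            print(name, site, result)
```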