Monday, May 13, 2013

Passwords - Easy to remember but hard to guess

I've been meaning to write this for some time. It seems like people still use simple passwords that are easy for hackers to guess because they're easy for the user to remember. You may think that using your granddaughter's name is smart because, after all, how many people - hackers - would think of it? Well, have you ever mentioned your granddaughter on your Facebook or MySpace page? If you love her enough to use her name as a password, you've probably mentioned her elsewhere. But you have several grandchildren. How will a hacker know which one is your password? Well, hackers do a lot of guessing, so they will guess all your grandchildren's names before they get to the right one. How about your birth date? Or your street address? Easy things for hackers to guess.

So what are some good passwords? Many sites now want you to use upper and lower case letters, numbers and/or special characters. Good idea. But they're hard to remember! Not if you use them in a way that's easy to remember. Duh!

Don't use things a hacker is probably going to guess, like anything dealing with your public life. Don't use family names, addresses, birth dates, or anything else someone can find out about you.

Here are some ideas of what you can use.

What are your favorite TV shows or movies? Take something from one of those and "scramble" it with special characters. Do you have favorite actors, authors, singers, poets? I'll bet you do. Think of one that not many people know about and use them. How about an event that you can easily remember? Use it and some form of the associated date.

Here are some examples.

Let's say you really liked the TV show "Lost." The "Dharma Initiative" was an element in that show. So let's use "Dharma," but we're going to use the special character "@" in place of one or both of the letters "a." You can capitalize the first letter, but that would be easier to guess than capitalizing, say, the second or last letters. If you capitalize the same letter each time, you'll find it easier to remember.

So for our password, we're going to start with "dH@rma." Now, we want to incorporate some numbers. Again, if you're a Lost fan, you know that there were a few numbers that were repeated in the show, like 108 and 815. So we can use the password "dH@rma108," which would probably be hard enough to guess. But let's take it one step further. Instead of a zero, use the letter "o." Now your password is "dH@rma1o8." As a Lost fan, you'll remember that password - as long as you remember which letter it is that you always capitalize.

Another thing to do is use an easy word to remember, but spell it backwards. My favorite dog's name was Rosie, and she was born in 1998. So for my password I could use "eisor1998." But instead of the "s," I'm going to use "$." It looks like an "s," so it's easy to remember which special character I used. You can go a little farther and switch all switchable letters to special characters, and/or switch out letters for numbers and vice versa. And don't forget your capitalization if you need it. So Rosie1998 becomes "eI$or1998."

To confound the hackers a little more, put the year in the center of the word, or alternate letters and numbers.

19eI$0r98 or e1I9$908r

See what I mean? This is something you can easily remember yourself, but that some hacker* is going to take a very long time to "guess."

Do this with your favorite author, or with the title of your favorite book by your favorite author. Or your favorite actor and movie. Or your favorite food. There's no limit. Just keep your scrambling techniques consistent so you don't confound yourself!

The easiest substitutions are a and @, s and $, o and 0, i and 1. But you should work some out for yourself that are not as easy to think of. Remember to be consistent so you won't forget them. For example, let's say you always substitute the "#" for the letter x, or you always use a % for the letter z, or even for more common letters. This way you're making a very complex password that you can easily remember.
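One way to check a candidate password against the earlier rule about personal details, using the easy substitutions just listed (an added example, not part of the original post; the names, the year and the function names are constructed for illustration):

```python
# Screen a candidate password for personal details that are still present
# after undoing capitalization, the easy substitutions and backwards spelling.

# The easy substitutions from the post, mapped back to plain letters.
EASY_SUBS = str.maketrans({"@": "a", "$": "s", "0": "o", "1": "i"})


def letter_forms(password):
    """Return lowercase, letters-only readings of the password.

    Covers the password as typed and with the easy substitutions undone,
    each read forwards and backwards. Digits and leftover symbols are
    dropped, so a year mixed into the word does not hide the word.
    """
    lowered = password.lower()
    forms = set()
    for text in (lowered, lowered.translate(EASY_SUBS)):
        letters = "".join(ch for ch in text if ch.isalpha())
        forms.add(letters)
        forms.add(letters[::-1])
    return forms


def personal_matches(password, names, numbers):
    """List the personal names and numbers that the password still contains."""
    found = []
    forms = letter_forms(password)
    for name in names:
        if any(name.lower() in form for form in forms):
            found.append(name)
    # Collect digits in order, so a year split around or through the word
    # (as in the interleaved examples) is still recognized.
    digits = "".join(ch for ch in password if ch.isdigit())
    for number in numbers:
        if number in digits:
            found.append(number)
    return found


# Constructed personal details: a family name, a street name, a birth year.
NAMES = ["Emma", "Maple"]
NUMBERS = ["1975"]

if __name__ == "__main__":
    for candidate in ["Emm@1975", "@mmE57", "d1H9@7r5ma", "dH@rma1o8"]:
        print(candidate, personal_matches(candidate, NAMES, NUMBERS))
```

An empty list means none of the listed details were found; fill in NAMES and NUMBERS with your own details before relying on it.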

Okay, so that's what I wanted to let people know. You can take my ideas and go far, using all sorts of things: favorite words, foreign words, types of trees or plants, bugs, animals. There's no limit.

I hope this helps.

*or ex-boyfriend, or ex-girlfriend, or nosy roommate, or nosy family member, if you get my drift