Introduction: Make an Easy to Remember Hard to Guess Password

I have encountered many ways to make a password more secure. I'm sure you have heard some of these suggestions too, this includes adding numbers and symbols, more characters, capital and lowercase letters, and bla bla bla bla. But how do people remember these? Well they do things like use the first letter of each phrases like "Mary Had A Little Lamb". But that isn't secure to do for each website, so there must be a different phrase for each website you commonly visit. Then, after visiting enough websites we have to install a password manager, but when logging on when on another computer it doesn't work and the whole thing becomes such a hassle. I want a way that works anywhere, is fast, and most of all, effective. So I used something called MD5 Hash encryption. This method takes minimal memorizing and effort on the users part, its fast, simple, and most of all effective. Nothing needs to be downloaded and it works anywhere. Sound too good to be true? Read on.

Step 1: Why MD5?

If you just want to get to the method, you can skip this, but if you are interested in why I chose to use this method, read on.

MD5 Hash Encryption is an outdated method to store passwords on a computer's hard drive so that hackers cannot read them. It generates a string of 32 (seemingly-but-not-really-random) numbers and lowercase letters, called a hash, from another string that the user puts in. The cool thing is is that no matter how many times a user puts puts in a string, the same hash will always come out, but change one small characteristic, like a single letter or even just the case of a letter, and the whole thing changes. It also has the special property of being non-reversible. This means that even if a talented hacker has the hash and knows the algorithm, he/she cannot get the input.

So why is this outdated? Well, in today's modern world 32 characters is not enough. When someone puts in a string longer than 32 characters the algorithm loops over and starts reusing hashes. When this happens it is called a collisions, and because of the age of the MD5 algorithm, some of these collisions are known. Think of it like playing a game and you get the super-duper high score and it goes from 9999999 to 0000000. There are better and newer hash generators out there like SHA-1, but for our purposes, MD5 will work just fine.

Step 2: Brainstorm

Come up with some ideas for passwords. The number one priority here is how easy it is to remember. You can chose the weakest password in the book (or rainbow table ;) ) and it wont matter.
Thing to remember

1. If you find adding spaces make it easier to remember, do it. Otherwise, then leave the spaces out.

2. Don't capitalize, it is easier to remember.

3. No need for symbols here, keep it clean.

Step 3: Open Up a Hash Generator

Go to the following website
http://www.miraclesalad.com/webtools/md5.php

and type your password into the box. Avoid pressing "enter" as it will change the result. Also make sure there are not undesired spaces before or after your password. The string of characters displayed below is your new password.

Want to change the password for a different website? To make it easy to remember, just type in the name of the website right after your password.

For example.

passwordredit

passwordpaypal

passwordinstructables

passwordevernote

You can see below that the entire hash generated is completely original, without having to remember a different password for every website, you just have to remember one small password and be able to read the name of the website in the address bar.

When copying the password be sure to avoid highlighting anything outside of the password. Adding extra spaces, line breaks, and characters will mess it up.

Step 4: But What If I Can't Remember That Website?

Don't worry. Like I said in step one, the MD5 hash generator works anywhere. This is regardless of where the algorithm is being run. Just Google "MD5 Hash Generator" and you will be presented with a page full of options. The picture above shows the word "password" encrypted on www.md5hashgenerator.com.

Step 5: So How Strong Is It?

Well this is all fine and good, but how strong is the password? Just take a look. In the red picture I typed in the word "password", and as you can see, it would be broken very quickly. After running it through the hash generator, I plugged it in, resulting in a breaking strength of 501 nonillion years. That's 501 thousand billion billion billion years.
If you want to try this out for yourself the website can be found at howsecureismypassword.net

Step 6: That's Not Strong Enough!

Ok, ok. I understand if you are still a bit twitchy about someone breaking your password. To remedy this, chose a symbol on your keyboard and add it to the end of the password after it has been sent through the MD5 Hash Generator. As you can see this changes the time it takes to crack from a measly 501 nonillion years to a beefy duodecillion years. Let's compare.

Old password

Is Instantly cracked

New Password

501000000000000000000000000000000 years to crack

New+1 Password

1000000000000000000000000000000000000000 years to crack

That is quite an improvement.

Comments

author
dchall8 (author)2014-03-22

There can not be enough discussion about secure passwords. I like passwords generated using symbols which are not on normal keyboards. Take this one for example.

/%/K\G˜,_sO¦R¥ÅÀbݾöàˆ~¼Ð‚Â4×òO?ù;ñN:è1?x🇸½Žñç

This was generated by KeePass, a password vault I use to remember about 200 passwords. According to howsecureismypassword, it would take 6 untrigintillion years, or 6 x 10 to the 96 power, to crack. That's longer than my computer will last.

author
BaTcH MasTeR 101 (author)dchall82014-04-16

Well... You Said that it wasn't on a normal keyboard but sadly it is. It is uni code I can re write it

:/%/K\G˜,_sO¦R¥ÅÀbݾöàˆ~¼Ð‚Â4×òO?ù;ñN:è1?x🇸½Žñç▄

yeah soo... easy.

author
dchall8 (author)BaTcH MasTeR 1012014-04-16

That's weird because, for example, I don't have a Ý key on my keyboard. I can find it in the symbols for certain fonts, but it is not one of the keys I see on an American keyboard for the casual typist to just hit that key.

author
BaTcH MasTeR 101 (author)dchall82014-04-22

Yeah You dont see it but its there because unicode can be types with an onscreen keyboard or By pressing Alt+2268 for example witch equals this :▄

Its a matter of knowing if the person that's trying to hack knows all unicode formats or not

author
dchall8 (author)BaTcH MasTeR 1012014-04-22

...and going through all that hassle is what takes 6 untrigintillion years, so I'm feeling good about that kind of password.

author
BaTcH MasTeR 101 (author)dchall82014-04-23

Me Personally I could hack that in minutes BTW im 13 lol...

author
dchall8 (author)BaTcH MasTeR 1012014-04-23

So you're the genius and howsecureismypassword.net doesn't know what they're talking about? Perhaps you should be working for them.

author
BaTcH MasTeR 101 (author)dchall82014-04-23

Like you dont see People like me that often coz Like Im a Freak pplz tell me

author

How about a friendly challenge. I have created an email. It's "chalange314@gmail.com" (yes, the weird spelling is intentional). Email it if you like and I'll email you back. If, in a week, the password is changed and I cannot access it, then I believe you. Otherwise I will assume your are bluffing. Capisce?

author

Mate when it is 30 days old there is an HTML code I can use to hack it

Ja?

author

Then I will wait 30 days.

author

Replyok deal

author
BaTcH MasTeR 101 (author)dchall82014-04-23

oh yeah nice post on the tactical light thing

author
TheGreatS (author)dchall82014-03-22

Wow, I think that's longer than anyone's computer will last. Thanks for sharing!

author

This is really good information, thanks for sharing. I have so many different websites I need passwords for these days

author

Happy to help!

About This Instructable

1,881views

20favorites

License:

Bio: I enjoy electronics and like to build things through whatever medium I need to in order to get to an end.
More by TheGreatS:Make an Easy to Remember Hard to Guess PasswordPong Playing Flexible Screen on a ShirtHow to Make a Duct Tape wallet.
Add instructable to: