Easy-type Secure Passwords


Intro: Easy-type Secure Passwords

Passwords are the bane of my life, especially where they need to be secure. I'll be glad when they add a security chip to my brain in the jar. Until then, I like them to be long and not easy to guess or crack, especially for financial sites. Some sites recommend using combined non-connected words to beat dictionary look-up (e.g. TreeWhale).

However, I don't like using real words or phrases etc. due to my hyper-digital-paranoia.

So, I used to use contrived random letters and numbers with a few symbols thrown in. e.g. Ugt565Tgr!dho£h67J

However, these get to be a real pain to type in and are easy to mistype. So what's the solution to random secure passwords that are long enough to be secure but easy enough to type? The answer is total nonsense.

I've long been a fan of Edward Lear and Lewis Carroll, both of whom are pre-computer nonsense writers supreme. So how do you make easy-type secure passwords? Using real-word sounding nonsense is the answer. Dictionary look-ups will fail but it will be easier to type. I find making it look like a sports score and using caps also works in breaking it up into manageable phonetic chunks.

Examples are:

SprigglyTig87QuiggleBoster23

ZirkyBelky12MarklePoot34

Prichenzal!Quirzy35?

!Minherpal23Spirkletack?

The problem is: how do you remember such rubbish? The answer is to write it down in your secret password book. But that's not really secure, is it? What if someone gets hold of the book or looks over your shoulder at a page? The answer is the keyword. This is an easy-to-remember word which you put in front of every password but don't write down. So, if your keyword is Plop, the password becomes PlopDinkleGling56 but you record it as DinkleGling56.
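The scheme described above (pronounceable nonsense chunks, two-digit "scores", and an unwritten keyword prefix) can be sketched in Python. This is an added example, not the author's own code; the syllable lists are constructed for illustration and the function names are hypothetical. It draws randomness from the standard `secrets` module and reports how many random bits the generator uses.

```python
import math
import secrets

# Constructed syllable parts (an assumption of this example, not from the article).
ONSETS = ["b", "d", "g", "k", "m", "p", "t", "z", "bl", "gl", "pr", "qu", "sp", "tw"]
VOWELS = ["a", "e", "i", "o", "u", "oo", "ee"]
CODAS = ["", "g", "k", "l", "n", "p", "rk", "sh", "t", "zz"]
SYLLABLES = [o + v + c for o in ONSETS for v in VOWELS for c in CODAS]  # 980 entries


def nonsense_word(syllables=2):
    """Capitalised pronounceable word from syllables picked with the OS CSPRNG."""
    return "".join(secrets.choice(SYLLABLES) for _ in range(syllables)).capitalize()


def sports_score_password(words=2, syllables=2):
    """Nonsense word plus two digits, repeated: the 'sports score' layout."""
    return "".join(
        nonsense_word(syllables) + f"{secrets.randbelow(100):02d}" for _ in range(words)
    )


def entropy_bits(words=2, syllables=2):
    """Random bits drawn per password; this is the strength if the scheme is known."""
    per_chunk = syllables * math.log2(len(SYLLABLES)) + math.log2(100)
    return words * per_chunk


def typed_password(keyword, book_entry):
    """The memorised keyword goes in front of the entry recorded in the book."""
    return keyword + book_entry


if __name__ == "__main__":
    entry = sports_score_password()
    print("write in book:", entry)
    print("type at login:", typed_password("Plop", entry))  # 'Plop' is the article's keyword
    print(f"generator entropy: {entropy_bits():.1f} bits")
```

The bit count covers only the randomly generated part; the keyword is left out because the same one is reused in front of every entry.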

Enjoy an easier secure password typing experience. That's all for now, f'f'f'f'olks!

STEP 1: Who Needs Steps?

Steps are needed to get higher. This instructable is already high enough.

5 Comments

I have used keyboard patterns for years that can be written down or kept in a database, and yield what appear to be strong.

For example, bHu*9IjN is written down as b, and the sequence is typed b <CAP>h u <CAP>8 9 <CAP>i j <CAP>n. It takes some practice to press the <CAP> key at the right time, but that's not too hard for me.

When it comes time to change your password, simply choose another key to start with and always use the keyboard "circle" in the same direction; I used right sided patterns. So change b to h: hU8(iJnB.

I hope this is clear.

Why not use a local encrypted password database like KeePass, which you use a passphrase and key files to unlock? This allows you to have secure access to all your passwords in one place, as well as a strong unique password generator so no two sites would use the same password. Also, nonsense passwords are not as secure as longer dictionary word counterparts. Example: "Ugt565Tgr!dho£h67J" has 104 bits of strength while "This Is A Really Big Password!" is much easier to type and remember while having 110 bits of strength. Now substitute some numbers in there that make sense and you have a password that would take lifetimes to crack with current technology. Also, dictionary attacks would be useless unless the tool creates permutations on the fly that substitute numbers and symbols in the words, and even then it would take forever.

Just read this. My post is about being able to keep a list of different passwords in a secure way. Using the same pass phrase across many sites isn't secure. If I have to substitute numbers in the passphrase to keep it more secure, how do I record/remember all the different passwords? That's the problem I'm trying to deal with here.

Finally, using an encrypted password database is ok on one machine, but I use different machines and I find this easy to do. I could even use somebody else's machine if I wanted (although I wouldn't trust it!).

That sounds more complex than remembering a passphrase. How do you deal with varied password/phrase requirements?

It lets me keep a written record of the many passwords I seem to be accruing in a book. I use different passwords for all of the different sites I use for security. However, writing down passwords isn't exactly secure, so the unique missing secret word, which is personally easy to remember and I don't need to write down, acts as a security feature for the written-down passwords. If the extra word isn't present, the written passwords won't work. Hope that makes sense.