
 

Now and again I see posts about passwords and thought I would write a piece about them (seeing as computers and security form part of my business).

 

From a personal point of view security of passwords and the accounts they protect is more important than having a password which is so simple to remember that a 5 year old can crack it.

 

However there is a way to have what would appear to be a difficult password to remember but which is in actuality rather easy to remember and much more secure, let me explain...

 

Here is a selection of the worst passwords as published:

password, 123456, 12345678, abc123, qwerty, letmein, 111111, iloveyou, trustno1, 1234567, 123123.

 

Also your pets', partners' and children's names are common, along with dates of birth, anniversaries and registration numbers (avoid all of them).

 

The reason to avoid real words is that there are applications which can perform 'dictionary' attacks. These as you would imagine use real known dictionary words to try when cracking passwords. Also anyone watching you type real words can remember them easily. Which brings me on to a better password selection methodology.

 

 

I use the memorable song method, although it could be a poem or dialogue from a film or play, in fact anything you know well.

 

The idea is quite simple, choose your memorable (in my example) song, next select the first letter of each word. This will make up your password. You can add in numbers and characters to make it that much more secure. See my example below.

 

Example

 

I have selected the song Down in the Park by Gary Numan.

 

 

Next I have chosen the paragraph I will use from the song which is:

 

Come to Zom Zoms'
A place to eat
Like it was built
In one day
You can watch the humans
Trying to run

 

Now I pick the first letter from each word to form the password.

 

Come to Zom Zoms'
A place to eat
Like it was built
In one day
You can watch the humans
Trying to run

 

So you end up with this

 

ctzzapteliwbiodycwthttr

 

For most this would be quite long, so you could just pick the first six words (letters) and use that.

 

(ctzzap)teliwbiodycwthttr

 

For added security I would add in some numbers, in this case the year the song was released, so my final password would be:

 

ctzzapteliwbiodycwthttr1979

 

or a shorter 6 letter password if preferred.

 

ctzzap1979

 

 

Now I know it all looks a bit messy and hard on the eyes, but I currently have a 34 character password in this format for my work accounts.

 

Trust me, I can now type it very quickly and people at work have no idea what I am typing as it looks like nonsense! So you can have colleagues standing by you as you type.

 

 

If anyone is still reading I take my passwords a bit further and below is how I would use the password above with all my added characters like capitalisation and non alpha characters.

 

Ctzzapteliwbiodycwthttr(1979)!

 

 

If you have any questions please ask away.  

 

 

 

 

Replies sorted oldest to newest

Originally Posted by Yogi19:

Some good hints and tips, EC.

I never use pets or family names, or birthday or anniversaries etc, and I have a different password for everything.

However, I have so many passwords that I can't remember them and have to write them down in a book. If anybody gets hold of my book, I'm stuffed!

 

 

With this method Yogi you could either reduce down to 1 password for all accounts or minimise the number you have. If you wanted to increment an existing password using my method I would increment the 10's.

 

ctzzap1979

 

ctzzap1989

 

ctzzap1999

 

etc...

 

Enthusiastic Contrafibularities
Originally Posted by Jenstar:

As a rule I don't like talking about passwords, especially in public like this. I may think I'm giving nothing away but in fact I would be by saying anything about how I select mine, so I'm not going to.

 

Jen, you will notice that I have used an example to illustrate my method of password creation, I have not given anything away. This method of password generation is a known technique in security circles and is much more secure than the password selections made by the vast majority of people.

 

I once witnessed a password cracking programme being run on a server. A few days later a text file was opened and read which listed the username and their password. It is amazing how much info people put into their passwords.

 

Along with many football teams and player names there were some interesting ones:

 

Ihatework

mybossisa****

cocaine

ilovesusan (susan was not his wife's or daughter's name)

 

Enthusiastic Contrafibularities
Originally Posted by Enthusiastic Contrafibularities:
Originally Posted by Yogi19:

Some good hints and tips, EC.

I never use pets or family names, or birthday or anniversaries etc, and I have a different password for everything.

However, I have so many passwords that I can't remember them and have to write them down in a book. If anybody gets hold of my book, I'm stuffed!

 

 

With this method Yogi you could either reduce down to 1 password for all accounts or minimise the number you have. If you wanted to increment an existing password using my method I would increment the 10's.

 

ctzzap1979

 

ctzzap1989

 

ctzzap1999

 

etc...

 

Thanks EC, I am going to give this some thought.

Yogi19
Originally Posted by Enthusiastic Contrafibularities:

 

[opening post quoted in full]

 

 

 

 

You flippin' ARE a spy, aren't you???

Kaffs
Originally Posted by KaffyBaffy:
Originally Posted by Enthusiastic Contrafibularities:

 

[opening post quoted in full]

 

 

 

 

You flippin' ARE a spy, aren't you???

Moonie
Originally Posted by Enthusiastic Contrafibularities:
Originally Posted by Cinds:

I use random purchase order numbers that we have been sent by customers, using the ones that contain both letters and numbers and are at least 10 digits.

 

That's a good idea Cinds, but how do you remember each password?

I'm not sure. Probably from years of working at the Prescription Pricing Bureau, where it was an essential part of the job to memorise codes.

Cinds
Originally Posted by suzybean:
Originally Posted by Enthusiastic Contrafibularities:
Originally Posted by suzybean:

So it's not a good idea to have robbinglyingbastards!! as my internet banking password then?

 

Afraid not. However true it may be. 

Even if I added an ampersand after robbing and an asterisk after lying? 

 

It would help, but having taken out the real words there are only 2 characters still to guess.

Enthusiastic Contrafibularities
Originally Posted by Enthusiastic Contrafibularities:
Originally Posted by suzybean:
Originally Posted by Enthusiastic Contrafibularities:
Originally Posted by suzybean:

So it's not a good idea to have robbinglyingbastards!! as my internet banking password then?

 

Afraid not. However true it may be. 

Even if I added an ampersand after robbing and an asterisk after lying? 

 

It would help, but having taken out the real words there are only 2 characters still to guess.


Rather than ADD symbols, REPLACE some of the letters with symbols.

Extremely Fluffy Fluffy Thing
Originally Posted by Extremely Fluffy Fluffy Thing:
Originally Posted by Enthusiastic Contrafibularities:
Originally Posted by suzybean:
Originally Posted by Enthusiastic Contrafibularities:
Originally Posted by suzybean:

So it's not a good idea to have robbinglyingbastards!! as my internet banking password then?

 

Afraid not. However true it may be. 

Even if I added an ampersand after robbing and an asterisk after lying? 

 

It would help, but having taken out the real words there are only 2 characters still to guess.


Rather than ADD symbols, REPLACE some of the letters with symbols.

 

We do use that method as in the example below.

 

Pa$$w0rd

 

The downside to this is it takes longer to learn and become fluent at. But certainly a good technique.

 

 

Enthusiastic Contrafibularities
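
An added example, not part of any post in this thread: a Python check for the point made above about real words and symbol swaps. It undoes common look-alike substitutions, removes dictionary words and years, and returns the characters that remain to be guessed. The word list, the substitution table and the function names are assumptions made for illustration, and ASCII input is assumed.

```python
import re

# Constructed mini word list; a real check would load a large dictionary.
WORDS = {"password", "robbing", "lying", "bastards", "letmein", "iloveyou"}
# Look-alike substitutions undone before the dictionary lookup (one char each,
# so positions in the normalised string line up with the original).
UNLEET = str.maketrans({"$": "s", "0": "o", "@": "a", "3": "e", "1": "l"})
YEAR = re.compile(r"(19|20)\d\d")


def residual(password, words=WORDS):
    """Return the characters not explained by a year or a dictionary word."""
    covered = [False] * len(password)
    # Years are matched on the original text, before digits are de-leeted.
    for m in YEAR.finditer(password):
        for i in range(m.start(), m.end()):
            covered[i] = True
    norm = password.lower().translate(UNLEET)
    # Longest words first so a short word cannot split a longer match.
    for word in sorted(words, key=len, reverse=True):
        start = norm.find(word)
        while start != -1:
            span = range(start, start + len(word))
            if not any(covered[i] for i in span):
                for i in span:
                    covered[i] = True
            start = norm.find(word, start + 1)
    return "".join(c for c, hit in zip(password, covered) if not hit)


def shared_bases(passwords):
    """Group passwords by residual; several under one key share one secret."""
    groups = {}
    for pw in passwords:
        groups.setdefault(residual(pw), []).append(pw)
    return groups


if __name__ == "__main__":
    for pw in ["robbing&lying*bastards!!", "Pa$$w0rd", "ctzzap1979",
               "Ctzzapteliwbiodycwthttr(1979)!"]:
        print(f"{pw!r:35} -> residual {residual(pw)!r}")
    print(shared_bases(["ctzzap1979", "ctzzap1989", "ctzzap1999"]))
```
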
Originally Posted by KaffyBaffy:
Originally Posted by Enthusiastic Contrafibularities:

 

[opening post quoted in full]

 

 

 

 

You flippin' ARE a spy, aren't you???

He so feckin is Kaffy    

 

And here's me using band members out of Chou Pahrot    

FM
