Tags

, ,

Ordinary humans can’t remember very many strong passwords such as Microsoft’s example password — ?lACpAs56IKMs” — and they are forbidden from writing them down at work unless the paper can be placed in a bank vault. Furthermore, many work sites require you to change your password frequently. The various sites encountered in daily life such as banks and personal websites have different rules and limitations on what your password might be. Some ATMs require a specific number of digits and others don’t. Some websites require you to use capitals, numerals and symbols and some others even forbid their use. It’s a big fat mess for most people.

I will show you a way to create a unique new personal password for every weird new system you encounter and still be able to remember all the passwords without writing them down? Furthermore, I will show you how you can comply with each different computer password system without over-stressing your mind? The longer a password is the better but remembering random letters like Microsoft’s example above will slow your entry to a crawl. For real humans to remember them, the keystrokes must follow a rational pattern but using a pattern makes the password weak. As a start consider using some natural finger patterns while alternately pressing the shift key can create a good password.

+_)(][po”:LK/.,m

I can type out this 16 character string in less than a second and with no mental strain. Of course, now that I’ve written it here on the internet it’s worthless as a password. Actually, this is far too easy because it is too logical once you see the pattern but by shifting your hands to be over something meaningful to you like the word – farm spelled 4arm (forearmed) to get the numerals in the password and by placing your right forefinger over each letter and then rocking your hand from right to left, with each set of four letters alternately pressing the shift key, you get a really strong password –

&^%$fdsaUYTR/.,m Sometimes you are required to repeat it for accuracy: &^%$fdsaUYTR/.,m but with this system that is very easy. With a little practice you can type this complex string in under a second.

At this point all you must remember is your four letter word 4arm and the keystroke pattern. Another easy keyboard pattern would be to use a small number very familiar to you personally, for example, your age (say 49) and then type out a pattern derived from that number, for example –

4esz$RFV9ijn(OL>

That was made by starting at the first number, typing first key 4 and typing diagonally down to the left and then going back to the key 4, pressing the shift and typing diagonally down to the right. Then repeating that procedure with the second number key 9.

You can start anywhere on the keyboard and type in any direction and get a great complex password out of your very simple to remember password. You could change all your passwords annually on your birthday for example by just using the new number, in this example based on your age. If two years later you were required to enter a long abandoned password it would be easy to remember it by just subtracting however many years ago the password was used. It is easy for you to reconstruct these old passwords but to a computer cracking program they would be very different unless of course it knew what you were doing.

Another problem easily solved using this type of extensible password technique is that some sites require four key stroke entries for their password and other sites require up to sixteen. With this method you just truncate or expand by repeating the pattern with the same characters. Or alternatively you could have a longer personal word and only use the first few letters until you had satisfied whatever was required at a given site. Thus if your personal password was Obama it could be expanded from a minimal password of 4 characters

o = op[] typing to the right; for 8 characters to an expanded

ob = op[]BNM< and if you needed 12 characters it would become

oba = op[]BNM<asdf and if it were 16 it’d become

obam = op[]BNM<asdfM<>? and if it were 20 it would become

obama = op[]BNM<asdfM<>?asdf that is quite a few. It is probably more than you will ever need but it is very easily remembered and the method is applicable to all sites from the most insecure to the most extremely secure. In that example the shift key was depressed on alternate key letters.

As so far discussed if someone knew your password method for a given site he might use it for another of your sites. So it becomes necessary to create a variation on this basic method so it becomes unique for every site you go to. It must be something which is also easily remembered but unique to the new site. Therefore, since the name of the site is right before you when you access a site and it is unique, a simple variation on their name is all that is needed. It can serve as a variable method but be good for 4 digits to 20 digits. That can be done several ways but the easiest to remember is to simply start your password with the site name, the part immediately following www. and then continuing it with your standard personal password. So if you were setting up a secure account at http://www.microsoft.com your password would begin with micr and then you begin the pattern we explored above. Let’s say this site requires you to have a twelve character password. So, applying the rules above that would become micr, the first letters of the site you are creating a password for, plus your special password op[]BNM< and you would type microp[]BNM< This is a strong password which I just tested by Microsoft’s passwords checker site.

With this method so far, all you need to remember is 1.to attach the site name’s first letters to the beginning of that particular site’s password and to 2. attach your personal password, [think of new one now to replace ( obama )] and 3. to start each letter of your password with your personal keyboard pattern, [think of new one now to replace ( ←↑→↓ ) ].  And to make it different on a timed schedule insert the current year ( 2010 ) between the first set of your special characters and the second set. If you are required to change your password monthly just ad the month ( 201008 ).

microp[]201008BNM<

That would be a strong password to a Microsoft website which used 1. microsoft’s first four characters, 2. the first letter of your personal word to start the next four characters of your personal pattern, 3. the changing date for the next six characters and 4. the second letter of your personal word for the last four characters. Some sites require Capital letters and the symbols located on the keyboard as capitalized numbers which is easily accomplished by having your key word and pattern move through the number row.

With this method you can now reconstruct a unique password you created to a given site from several months ago if all you know is the month you went there.

None of this is exactly what I have done with my passwords but it should get you started on a really strong password.

With strong passwords you can go to sites you feared to go before.