Ocala.com Bloggers
- Broken News
- Bill Thompson
- Digital Editor
- Eric Barnes
- Frame 37
- Ocala.com Multimedia
- Marion Politics
- Newsroom
- Observations
- Naseem S. Miller
- OcalaDay
- Joe Byrnes
- Read My E-Mail
- Allen Parson
- Running Wide Open
- Joe Vanhoose
- Speaking of Business...
- Dr. Philip R. Geist
- The Bowling Blog
- Debbie Whitten
- The Green Zone
- Dave Rhea
- The Sports Blog
- Gregory Broome
- What is that?
- Newsroom
 |
Search Blogs
|
 |
|
|
|
|
Blog Archives
|
|
|
|
|
|
|
Creating effective but hard-to-break passwords can be quite easy
|
|
|
|
|
|
|
Location: Blogs Sly Comments |
 |
| Posted by: Emory Schley |
4/30/2007 1:01 AM |
In today’s world, especially with all the Internet accessing going on, an important element of our everyday lives is becoming ever more so, and that element is a password. We have passwords for ATM accounts, passwords for on-line access to banking services, passwords to subscription Websites, passwords for on-line purchases, passwords for e-mail and passwords for just about anything else you’d like to keep reasonably private.
I was becoming so overwhelmed with passwords at one point, that I threatened to hire a secretary just to keep up with them. But doing that was really not practical (besides, I couldn’t afford it. Secretaries probably make more than I do). So I decided to tussle with the situation for a bit to see what I could come up with. Many ATM accounts have a four-digit code you have to punch in before making any transactions. Using your birth month and day is a popular practice. Someone born on Feb. 4 might use 0204, whereas some might use the last four digits of a Social Security number.
This is OK, I guess, but if someone happens to know your birthday or your SS number, they could easily gain access to your accounts. You might consider using that 0204 all the same, just modify it a bit to “disguise” it. You could just turn the number backwards and use 4020, or you might pull the two middle digits and deposit them at the end, like 0420. If you want to get even more creative, you might use 0204 as a “base” number and add a second number like 1234, which would give you 1438. You would still be using your birth month and day, but you would have to add 1234 (or any other easy-to-remember figure) to come up with the final password.
With a system that allows both letters and numbers, there are all kinds of schemes you might try. One that has worked for me quite well is to come up with something of significance to you. Let’s say you really like a Ray Stevens’ song where the chorus includes “Everything is beautiful,” and you mix the initial letters in with your Feb. 4 birthdate. You could then use 0e2i0b4. Any phrase you can remember would do: TBM for “three blind mice” would yield 0t2b0m4; and JAJ for “Jack and Jill” would come out as 0j2a0j4. If interleaving the numbers is too difficult, then just use the initials for your secret phrase followed by your four digits to get: eib0204, tbm0204 or jaj0204. It would take quite some time for the average hacker to crack one of these codes.
It wouldn’t be impossible to crack these, of course, but if you only use a common word that can be found in the typical dictionary, then your secret code could be cracked in mere seconds by a competent hacker.
How about remembering which password goes to which site? Good question. You can come up with a password that reflects the name of the site it goes with by keying the first letter of the password to the first letter of the place where you’re going to use it. For example, say you need a password for eBay. The first letter of eBay is e, so use a phrase beginning with e, like the “Everything is beautiful” example we used above. If you need a password for PayPal, then use a phrase that begins with p, like “Peter Piper picked,” which mixed in with your birthdate of Feb. 4 would yield 0240ppp, or 0p2p0p4, or any of the other combinations we’ve already talked about.
Think about it for a few minutes and you can probably come up with LOTS of potential passwords, and “key” them all to their individual accounts all at the same time! Once you come up with a system that works well for you, you’ll no longer be aggravated by all this password business. But best of all, you’ll have a quick and neat system that’s remarkably secure! |
|
| Permalink |
Trackback |
Comments (2)
Add Comment
|
Re: Creating effective but hard-to-break passwords can be quite easy |
By Phil on
4/30/2007 6:07 AM |
| Excellent advice! Microsoft has a website that allows you to test the "strength" of your passwords. It is located here: https://www.microsoft.com/athome/security/privacy/password_checker.mspx |
|
|
Re: Creating effective but hard-to-break passwords can be quite easy |
By Wolfgang on
5/3/2007 12:51 PM |
| ...or you could do as an increasing number of frustrated folks are doing, and simply decide that the risk of identity theft and the ensuing hassle is not as much of a certain pain in the rear of never knowing your password (some of which you must change regularly using a couple of dozen digits including at least one letter, number, punctuation character, and several archaic Viking rune signs). A post-it note at the bottom of the monitor has become the unfortunate result, which undermines security horribly, but password-fastidious sites encourage such behavior since the result will no longer be "their" problem. |
|
|
|
|
|