Creating an invincible password

You think you have a clever password, eh? Well, sorry, guest123 just ain't gonna cut it anymore. Hackers* can crack your English-word-plus-number based password in a matter of hours. With much of our lives moving online, through email, Facebook, online photo albums, banking, etc., Farhad Manjoo's tips on creating invincible passwords are well worth reading. His tips basically boil down to the following two steps:

Start with an original but memorable phrase. For this exercise, let's use these two sentences: I like to eat bagels at the airport and My first Cadillac was a real lemon so I bought a Toyota. The phrase can have something to do with your life or it can be a random collection of words—just make sure it's something you can remember. That's the key: Because a mnemonic is easy to remember, you don't have to write it down anywhere. (If you can't remember it without writing it down, it's not a good mnemonic.) This reduces the chance that someone will guess it if he gets into your computer or your e-mail. What's more, a relatively simple mnemonic can be turned into a fanatically difficult password.

Which brings us to Step 2: Turn your phrase into an acronym. Be sure to use some numbers and symbols and capital letters, too. I like to eat bagels at the airport becomes Ilteb@ta, and My first Cadillac was a real lemon so I bought a Toyota is M1stCwarlsIbaT.

I used to use a single password for everything, from banking to my Unix account at work. It's a miracle I never had a break-in. I now use several passwords, all completely scrambled based on the formula above. Now you, like me, have no excuse not to keep your online life securely locked up!
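
To put rough numbers on why the acronyms hold up better than guest123, here is an added example (not part of the original post or of Manjoo's article) that estimates the size of the guessing space for each password. The word-list size and the sample words are constructed assumptions.

```python
import math
import re
import string

# Assumption: size of the word list a guesser tries first (constructed figure).
WORDLIST_SIZE = 100_000
# Constructed stand-in for that list; a real check would load a full dictionary.
SAMPLE_WORDS = {"guest", "password", "dragon", "bagels", "airport", "toyota"}

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def brute_force_bits(password: str) -> float:
    """log2 of the search space when every character must be guessed."""
    alphabet = sum(len(c) for c in CLASSES if any(ch in c for ch in password))
    return len(password) * math.log2(alphabet)


def word_plus_number_bits(password: str):
    """log2 of the search space for 'dictionary word + digits', else None."""
    m = re.fullmatch(r"([A-Za-z]+)(\d*)", password)
    if not m or m.group(1).lower() not in SAMPLE_WORDS:
        return None
    # Every word is tried with every digit suffix of this length or shorter.
    suffixes = sum(10 ** n for n in range(len(m.group(2)) + 1))
    return math.log2(WORDLIST_SIZE * suffixes)


def estimate_bits(password: str) -> float:
    """The cheapest applicable model wins: that is the one a guesser uses."""
    pattern = word_plus_number_bits(password)
    brute = brute_force_bits(password)
    return brute if pattern is None else min(pattern, brute)


if __name__ == "__main__":
    for pw in ("guest123", "Ilteb@ta", "M1stCwarlsIbaT"):
        print(f"{pw:16s} ~{estimate_bits(pw):5.1f} bits")
```

The brute-force figure is an upper bound: first letters of English words are not uniformly distributed, so a phrase-derived acronym carries somewhat less than the number shown, and a longer phrase is what buys the real margin.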


*Yes, I know that a cracker .NE. haX0r, but most people think "cracker" means something else, entirely.

Comments

blissful_e said…
I use LastPass. That way, I only have to remember one password (and I use the type you describe) but LastPass generates gobbledegook passwords for all my other accounts (email, bank, forums, etc). I don't think LastPass would work for a UNIX account, but I highly recommend it for everything else.
Marshall said…
I've recently jumped on the 1Password bandwagon, and so far I really like it. It integrates very nicely into Safari, so you just have to remember your one master password and it autofills any web page with the appropriate password for that site. And it does let you store arbitrary secure information of any sort, not just web page passwords, so it's good for encrypting unix account login info or medical record numbers or insurance information, etc.

The best part is that it works perfectly with Dropbox for synchronization between machines. Any accounts logged into on my laptop propagate the login info securely to my desktop, and vice versa.
