Linked by Howard Fosdick on Sat 10th Nov 2012 07:28 UTC
Bugs & Viruses If you want to ensure you have adequate passwords but don't have the time or interest to study the topic, there's a useful basic article on how to devise strong passwords over at the NY Times. It summarizes key points in 9 simple rules of thumb. Also see the follow-up article for useful reader feedback. Stay safe!
Permalink for comment 541921
To read all comments associated with this story, please click here.
RE: Comment by Luminair
by Doc Pain on Sun 11th Nov 2012 03:38 UTC in reply to "Comment by Luminair"
Doc Pain
Member since:
2006-10-08

While simple words or phrases that could be "guessed" by dictionary-based attacks, their concatenation introduces much more permutations, as by your example:

compactdisksareOLD!
dogseatpoopbutIdont
wheninromehavesexwithromangirls


Words like "compact", "disks", "are", "old", "dogs", "eat", "poop, "but, "I", "dont" and so on would be a simple target. Concatenating simple words to form a new word perfectly fits the current startup naming culture. No need to introduce spelling errors here. :-)

An alternative is to learn intendedly "mis-spelled" artificial words that you can remember easily, but that won't show up in any directory, not even partially.

Some examples:

Mowdoodenlompar
Gnortlingsobiddenpoul
Gickbreddlequeckenrommodune

You can easily pronounce them and "learn their written representation". You could even say them to someone, but without the knowledge on how to write them it won't be useful.

A slight modification of this approach is to write one of the words of your native language in either a typeface-oriented or a pronounciation-oriented "emulation".

Examples:

WKOJIANgOM
derived from школаидом - школа и дом (school and house)

Rule: Make the word look as if it would have been written with cyrillic letters. Use phantasy as needed.

Advantage: As long as you restrict yourself to the "normal letters", you can even enter the password in "severely limited environments", e. g. in those where you cannot enter "non-english characters" maybe due to a misconfiguration or missing support.

DeeOumarHuttUynanHootOuf
derived from Die Oma hat einen Hut auf (the grandmother is wearing a hat, literally "has a hat on")

Rule: Construct a word that, if read (and pronouced) properly in English, would sound like the corresponding word (or sentence) in German. Ignore any possible accent.

Combine all discussed methods for more optimum security. :-)

Reply Parent Score: 2