Complex, secure passwords made easy

Thu 29 September 2011

I attended a talk by Aaron Toponce at Ohio Linux Fest on password security.  Everyone knows you shouldn't use a simple password that is easily guessable and that you shouldn't use the same password for every account, but how do you make unique, complex passwords, use each one for only a single account, and still remember them all? Personally, I've been using a password locker (encrypted storage for my passwords) and using Gnome Password Generator to create random strings of gibberish.  But Aaron discovered a better way.

[Image: A simple card to use to help you create and remember your passwords.]

The solution, PasswordCard, is quite simple and easy to use.  The card has eight rows and twenty-nine columns of random letters and numbers that you can use to create your password. To create a password, simply choose a starting point on the card (maybe the frown face and the #4 for your work email account), remember where you started, and then follow a pattern on the card to create your password.  You can choose any pattern you like (and should probably always use the same pattern for each of your passwords so you won't forget).  That's it, you are done.

Let's try one together to make sure everyone is on the same page.  It's time to change that work email password.  You've got your PasswordCard in your hand (laminated, I'm sure) and we are going to start at the frown face and the #4 (work is a four-letter word after all).  So the first character of our password is P.  From there we can go in any pattern you want.  Perhaps just a straight line up, down, or sideways, or maybe we're going to make a square or a stair-step.  For our example we'll use a stair-step pattern with five characters on each step and we'll go to the left and down: P...F...G...F...Z...v...P...5...N...F...x...b...J...t...d...B...4...B...K...Q

Did you see what I did after the N?  Because I ran out of letters going down I just started over at the top and kept going.  So now we have a very good password that is complex and long (more characters in your password make it harder for others to break into your account).  Just remember where you started and your pattern and you'll never forget your password!  Need another password for another account?  No problem, just select a new starting point and use the same pattern that you used before.  It's that simple.

One thing I should mention is that each card is unique.  If you lose this card you won't be able to go back to the website and get the same card back unless you have that code at the bottom of the card.  It is very important to write that code somewhere safe so you can get your card back if you happen to lose the original.

Too cool for a piece of paper?  Not a problem!  There is also an Android application and one for your iPhone as well that will allow you to take your password card with you everywhere.

So, there you go!  No more excuses for not having secure passwords and remembering them, too!  And unless you divulge your starting point for each of your passwords and the pattern used to create the password no one will be able to obtain your passwords simply by looking at your card.
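The stair-step walk from the example above, with its wrap from the bottom row back to the top, written out as an added Python example (not part of the original post and not PasswordCard's own code). The grid is a constructed stand-in, the start column index and the figure of 64 possible patterns are assumptions, and the two entropy functions compare how much is left to guess when the card has not been seen and when it has.

```python
import math
import random
import string

ROWS, COLS = 8, 29  # card size given in the post

def make_card(seed):
    """Constructed stand-in grid; not PasswordCard's real generator."""
    rng = random.Random(seed)  # seeded only to make the example repeatable
    alphabet = string.ascii_letters + string.digits
    return [[rng.choice(alphabet) for _ in range(COLS)] for _ in range(ROWS)]

def stair_path(row, col, length=20, step=5):
    """Cells visited: `step` characters leftwards, `step` downwards, repeat.
    Running off an edge wraps to the opposite side of the card."""
    cells = [(row, col)]
    for i in range(1, length):
        if (i // step) % 2 == 0:
            col = (col - 1) % COLS  # moving left
        else:
            row = (row + 1) % ROWS  # moving down; row 8 wraps to row 1
        cells.append((row, col))
    return cells

def read_password(card, row, col, length=20, step=5):
    return "".join(card[r][c] for r, c in stair_path(row, col, length, step))

def bits_card_unseen(length=20, alphabet_size=62):
    """Guessing entropy if the password is treated as a random string."""
    return length * math.log2(alphabet_size)

def bits_card_seen(patterns):
    """Entropy left once the card itself is lost or photographed: only the
    start cell and the choice among `patterns` walking patterns are secret."""
    return math.log2(ROWS * COLS * patterns)

if __name__ == "__main__":
    card = make_card(seed=2011)
    # Row "4" is index 3; column index 10 stands in for the frown-face column.
    print(read_password(card, 3, 10))
    print(f"card unseen: {bits_card_unseen():.0f} bits")
    # 64 candidate patterns is an assumed figure for illustration.
    print(f"card seen:   {bits_card_seen(64):.1f} bits")
```

The second figure depends only on the number of start cells and patterns, not on the length of the password.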

By Sparks, Category: Information Security

Tags: passwords