Kevin's Papers

Technical Papers by Kevin Morrison

Font size: +
4 minutes reading time (797 words)

Generating Secure Passwords

Making a secure password with conventional means has always been problematic and for those that do not take online security seriously or think that they are not subject to being hacked tend to ignore these methods and opt for an easy to remember password that is inherently insecure. Studies have shown that even with the most secure formats that we use today they have found that these passwords can be relatively easy to crack.

There is a better way to create a password that is easy to remember and far superior to conventional wisdom. In this post I will outline not only the easy way to generate secure passwords but offer to help you discover a way to instantly create secure passwords that are different for all your online accounts. I am sure you have been told that using the same password for more than one account is not a good idea. While it is already a pain to create a secure password that you can remember, we are also warned that we have to have a different password for every website that we have a secure login to. My research shows me that not only is this not being done but I have found that even the savviest users that I know are not using secure passwords, myself included. I often use a password from way back that I use all too often and was once the only password I used for all my online activity. Of course most of the sites I use that on do not need to have a secure password since it may be a login for a site where I just need to login to read a blog that is secure and I don’t really care if it gets discovered.

So here is a method that anyone can use to generate a secure password that has been found to be nearly impossible to crack. Of course the reality is that any password can be cracked, given the time. However the method I am going to describe has been calculated to take hundreds if not thousands of years to crack even by the most sophisticated systems of today. What you first need to do is detail out some events from your past that are easy for you to remember. This could be an event or something specific that happened and there are no limitations here, only that you don’t use dates or common names that would be easy to find out. What we are going to do is take these memories and create a pass phrase that you will use for your password. With this pass phrase it will be easy to interchange different sections of it so that you can adapt it to different websites.

Once you have a list of events that you want to use for your pass phrase it is a simple matter of taking away a few keywords that describe the event and combine all those keywords together to create a password passphrase.

Here is a short example of how this might work {The first part is the event and the second part is the takeaway keywords that will be used in the password]:

My Wedding: cake fell over [cakefellover]
My First Car: cool color of green [mycarisgreen]
My Trip to Hawaii: First time I saw a palm tree [palmtreesarecool]

So with these passphrases complete we can now take them and put them together to make a great secure password: Note how I place a “-“ in between the phrases for this example: [cakefellover-mycarisgreen-palmtreesarecool ]

Feel free to experiment with this idea to create a password that will be easy for you to remember. From here you can add something about the website that you need a password for and add something specific to that site. It could be the name of the site or something that stands out to you. So if we take the passphrase we created here and say we need to have a login to the CNN website. We could do something like this [ cakefellover-mycarisgreen-CNNpalmtreesarecool ]. Take that idea and setup a pattern that makes sense to you and you will have a great password system that you can use on any website. So now instead of putting your password on a sticky note and putting it on your monitor or somewhere else that everyone can see. Take your passphrase titles and put them up so that it will remind you what words you used in your password.

While this is just an example I think you can figure out a system that works for you. Feel free to use special characters and capital letters sprinkled in your password to give it even more strength and also to make it easier to type out.

Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

Configure Joomla to Send Email using Google Apps
How to Backup a Joomla Site without Akeeba Backup