Password suggestions...

[Beemerguy53]

Reading the thread on credit card security got me thinking...

My current employer requires regular password changes on my various work websites, and the requirements are pretty strict: No repeats, must have 8 to 12 letters, must have a combination of upper and lower case letters, numbers, and special characters, etc.

Some time ago, I figured out a way to satisfy these requirements AND remember my passwords so I wouldn't get locked out: I use firearms, aviation, automobile, and motorcycle names and designations as my passwords. If you're an enthusiast in any of those arenas, you should be easily able to hit upon passwords that will be easy to remember, but hard for someone else to figure out. For example:

P-51Mustang

ColtM-1911

S&WModel10

1967ChevelleSS

1977YamahaRD400

M-1Garand

Airbus-380

You get the idea...

 

[sasu]

A safe password is long, at least 12 characters but longer is better.

To make it easy to remember the password can be a phrase, e.g. "yellowcatsarerare". It is safe if there are at least four words in the phrase, as this creates so many possible combinations that a dictionary scan is too costly for a hacker.

Adding numbers and special characters does not increase security as a computer can scan those just as well as normal characters. But those special characters make it hard to remember so people write down the password or use too trivial passwords.

The key to security is the length of the password. And make it hard to scan by using at least four words.

 

[hoc9sw]

when they add a dictionary checker, you'll be doomed.

We have one, and any part of the password that matches a dictionary word stops you. You'll add a map.

pass = p1ss
fred = fr54

Numbers become the shifted value:
1= !
2 = @
3 = #

and so on.

 

[Beemerguy53]

A safe password is long, at least 12 characters but longer is better.

To make it easy to remember the password can be a phrase, e.g. "yellowcatsarerare". It is safe if there are at least four words in the phrase, as this creates so many possible combinatins that a dictionary scan is too costly for a hacker.

Adding numbers and special characters does not increase security as a computer can scan those just as well as normal characters. But those special characters make it hard to remember so people write down the password or use too trivial passwords.

The key to security is the length of the password. And make it hard to scan by using at least for words.

I have no problem with your suggestion...it sounds valid to me. The problem is that many employers require passwords which include numbers and special characters and capital letters.

Personally, I don't see why passwords need to be changed regularly, but my employer requires that as well...

 

[Ματθιας]

V I N numbers can work. They have letters and numbers and are 17 digits long. Capitalize some of the letters and change the last digits around to suit whatever it is you need.

Passwords can be hacked/compromised, too.

 

[cowart]

The closest you can probably get to a bullet-proof password is to use a diceware password based on 6 words. For details see

Diceware Passphrase Home

 

[Onomea]

I like Sasu's "Yellow cats are rare, "Ycar" idea. But then, switch it into a foreign language for those who know one: Yellow cats are rare" in Croation is "Žute mačke su rejetki," so Žmsr.

Ha, that ought to do it! (Ow! My head hurts!)

 

[ImprovedModel56Fan]

I like Sasu's "Yellow cats are rare, "Ycar" idea. But then, switch it into a foreign language for those who know one: Yellow cats are rare" in Croation is "Žute mačke su rejetki," so Žmsr.

Ha, that ought to do it! (Ow! My head hurts!)

What makes that password so hard to crack is that yellow cats are not all that rare. Of course, they might be rare in Croatia.

 

[ralph7]

Seems like a made up word that has no meaning would be a safe bet for those that don't like to have to type in a long sentence, come password entry time. (me)

 

[steelslaver]

Use the scientific function of a calculator to convert something like your birthday. Lets say your birthday is 07 15 1954 enter 07151954 in regular decimal multiply it times your age 60 and the hit the hex tab (hexadecimal). tt becomes 1993cf38.

 

[soFlaNative]

I'm required to change password with alpha numeric characters regularly at work and the only way I can remember is to change one letter in the sequence at a time. If it is "A", I'll change it to "B" then "C" and so forth.

 

[LittleCooner]

My Smith and Wesson pistols cost a lot of money

"myS&W$$$" 8 characters, some caps, some small and has symbols.

 

[m1gunner]

How many passwords do you have? Every site you go to now wants you to "register" and use a password for full access. Employer, several e-mail accounts, one or more cellphone accounts, bank, ebay, several gun auction sites, several dozen discrete internet businesses, your state DNR, the IRS, etc., etc.

You should have a discrete password for each and every site, and change it min every 30 days.

I would need to hire at least one full time employee to do that.

 

[Gamecock]

10-4 BeemerGuy. 404 Jeffery made it into a lot of my passwords.

As a retired computer scientist, I am amused by password mania. Complex password requirements indicates a problem on the system end, not the users' end.

 

[Rangerpat]

For a long one use the gun and serial number: M360jframe1234revolver*!

 

[snubbyfan]

I use Indian words. Worked for the Navajo code talkers.

 

[e3mrk]

One password I used to use was the name of the manufacturer of the gas valve on my hot water tank.I had to change it because I changed mail servers.

 

[Old TexMex]

"I can't remember anything clever enough to fool a hacker 1"... So I just use that for a PW.
.
.
Oh, dang it.

 

[Jack Flash]

I read an article awhile back about making up passwords. The author suggested taking a favorite song, book, or poem to create an easy to remember password.

Suppose you love T.S. Eliot's Old Possum's Book of Practical Cats.

Take the author's initials and "separate" them with the first letter of the title:
TSOPBoPCE

To meet any requirements for special characters, you may what to substitute dashes or underscores for the periods in "T.S."
T_S_OPBoPCE

If the title of the book/song/poem is too short, you can use the first line (or your favorite line). To meet any requirement for numbers, I usually pick a quote that has the word "to" or "for" and substitute "2" or "4" respectively.

Suppose you like the Bird's song "Turn, Turn, Turn" with first line (which is a verse from the Bible) "To everything there is a season, and a time for every purpose unto heaven." (Hopefully I remembered that correctly!) Toss in some special characters and you get:
T_2etiasaat4epuh_B

 

[Gamecock]

The problem is, it will just take the software a little longer to guess it.

We used to do 3 and out. If the login failed 3 times, we disconnected. If failed attempts continued, we disabled the account. If you get <10 guesses, you ain't going to guess. As I said above, fancy passwords indicate a problem with the system. If hackers get a trillion tries, they figure out any password.