Password Myths
Update May 9, 2020: Another good article about passwords: Why jK8v!ge4D isn’t a good password
You can find plenty of arguments to counter the points made in the article linked below, but I happen to agree with many of the points made.
A password is useless if you can’t remember it, and these days we all have tons we have to remember.
At work I had to write a password validator to use in a mobile app’s enrollment screen. I chose to only allow the special characters found on a standard keyboard. No extended ASCII characters allowed. Limiting support calls was my main motivation.
Myth #2. Dj#wP3M$c is a Great Password
A common myth is that totally random passwords spit out by password generators are the best passwords. This is not true. While they may in fact be strong passwords, they are usually difficult to remember, slow to type, and sometimes vulnerable to attacks against the password generating algorithm. It is easy to create passwords that are just as strong but much easier to remember by using a few simple techniques. For example, consider the password “Makeit20@password.com”. This password utilizes upper and lower-case letters, two numbers, and two symbols. The password is 20 characters long and can be memorized with very little effort; perhaps even by the time you finish this article. Moreover, this password can be typed very fast. The portion “Makeit20” alternates between left and right-handed keys on the keyboard, improving speed, decreasing typos, and decreasing the chances of someone being able to discover your password by watching you (for a list of nearly eight thousand English words that alternate between left and right-handed keys, see http://www.xato.net/downloads/lrwords.txt.)
The best technique for creating complex passwords that are easier to remember is to use data structures that we are accustomed to remembering. Such structures also make it easy to include punctuation characters in the password, as in the e-mail address example used above. Other data structures that are easy to remember are phone numbers, addresses, names, file paths, etc. Consider also that certain elements make things more memorable for us. For example, patterns, repetition, rhymes, humor, and even offensive words all make passwords that we will never forget.
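The keyboard-only character rule and the left/right-hand alternation described above can both be checked in a few lines. This is an added example, not the validator from the mobile app or code from the quoted article; it assumes a US QWERTY layout, the conventional touch-typing hand split, and hypothetical function names.

```python
import string

# Assumption: "standard keyboard" means US QWERTY, so the allowed set is
# ASCII letters, digits and punctuation (no whitespace, nothing above 0x7E).
SYMBOLS = set(string.punctuation)
ALLOWED = set(string.ascii_letters + string.digits) | SYMBOLS

# Assumption: conventional touch-typing split of the QWERTY letter keys.
LEFT_HAND = set("qwertasdfgzxcvb")
RIGHT_HAND = set("yuiophjklnm")


def check_password(password):
    """Count character classes and list characters the validator rejects."""
    report = {"upper": 0, "lower": 0, "digits": 0, "symbols": 0, "rejected": []}
    for ch in password:
        if ch not in ALLOWED:
            if ch not in report["rejected"]:
                report["rejected"].append(ch)
        elif ch in string.ascii_uppercase:
            report["upper"] += 1
        elif ch in string.ascii_lowercase:
            report["lower"] += 1
        elif ch in string.digits:
            report["digits"] += 1
        else:
            report["symbols"] += 1
    report["accepted"] = not report["rejected"]
    return report


def alternates_hands(word):
    """True if every consecutive letter of word is typed by the opposite hand."""
    hands = []
    for ch in word.lower():
        if ch in LEFT_HAND:
            hands.append("L")
        elif ch in RIGHT_HAND:
            hands.append("R")
        else:
            return False  # digits and symbols are not classified here
    return bool(hands) and all(a != b for a, b in zip(hands, hands[1:]))


if __name__ == "__main__":
    # The first two passwords are from the text; the third is constructed.
    for pw in ("Makeit20@password.com", "Dj#wP3M$c", "Caf\u00e9-Makeit20"):
        print(pw, check_password(pw))
    for word in ("Makeit", "password"):
        print(word, alternates_hands(word))
```

Reporting the rejected characters back to the user, rather than a bare "invalid password", is what keeps a rule like this from generating support calls of its own.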
One thought on “Password Myths”
ALAN……I do to know my password….it only took me an hour to figure it out….this time. SUE