Comments on: Good Password Guidelines – How to Make a Strong/Secure Password

By: Tara (PassPack)

Tara (PassPack) — Wed, 06 Jun 2007 09:44:31 +0000

@Torvaun
You’ve got a good memory then – I’d never manage. Just make sure you have a lot of these passwords though. Ideally you should have a different one for every site. But at the very least, make sure that you have unique passwords fro each banking and email account.

Cheers!
Tara

By: Torvaun

Torvaun — Tue, 05 Jun 2007 14:59:20 +0000

@Tara
Remembering what I used where is the biggest problem I have with this system, but I’m pretty good at remembering the passwords I use most often. The rest, I just run through all of my passwords until I get the right one.

By: Tara (PassPack)

Tara (PassPack) — Tue, 05 Jun 2007 14:30:10 +0000

@Torvaun
That’s actually a good method. Here’s another good one over at Significant Figures that uses molecules: http://www.sciencetext.com/passwords-for-scientists.html

But still – how do you remember which formula you used on which site? Why not come up with a great master pass for a password manager, and then forget about all the rest.

Just an idea ;)
Tara

By: Torvaun

Torvaun — Tue, 05 Jun 2007 07:47:37 +0000

Being a math geek as well as a computer geek, I tend to use mathematical expressions or constants for passwords. ‘e=2.71828′ ‘answer:42′, that kind of thing. Hard to brute force, easy to remember. And of course, being a security minded geek, neither of those is used for a password for anything Internet accessible.

By: Tara (PassPack)

Tara (PassPack) — Mon, 04 Jun 2007 23:58:23 +0000

A recent password hacking contest showed that “complexity” actually matters less than length. I just posted about it here:

Choosing Passwords: Long is Strong

Jeroen has got the right idea – pass phrases are a best bet.

Cheers,
Tara Kelly
PassPack Founding Partner
–

By: Daniel

Daniel — Mon, 04 Jun 2007 09:05:25 +0000

i usually make a simple hash of the site domain and like … my phone number with the shift key

By: Danilo Cicerone

Danilo Cicerone — Fri, 28 Apr 2006 08:29:07 +0000

Try this passwords generator too:

http://www.digitazero.org/?p=30

for testing and fun!

By: Richard Harlos

Richard Harlos — Tue, 25 Apr 2006 14:34:01 +0000

My preferred method of password generation is to take a sentence or line from a song and then use the first letter of each word in that sentence/line, putting vowels in one case and consonants in another, finally postfixed with numerals that indicate how long that password is including the numerals, e.g., if the line I wish to use is:

“You and me against the world”

My password would be “YaMaTW7″

The longer the line/sentence, the more difficult to brute-force crack it.

By: Darknet

Darknet — Thu, 20 Apr 2006 08:05:28 +0000

John Preston: Thanks for that, Keepass looks pretty neat.

Ubourgeek: Yah that really does make a strong password, it’s good to combine all of the above techniques..end up with something memorable yet very strong!

By: Ubourgeek

Ubourgeek — Wed, 19 Apr 2006 18:19:59 +0000

I use the previously mentioned passphrase technique, hash it using leetspeek (may be lame but it works) ’cause I’m a Geek, then toss a “special” character and an extra number on either end.

e.g.

Passphrase: Did you get four hundred thousand computer viruses?

Number of words in passphrase: 8

“Special” Character: ?

Resulting Password: ?dygfh7Cv8 or 8dygfh7Cv?

Cheers,