8/25/10

No More Passwords

What if you could do away with passwords forever? Seriously.

The average person has to remember as many as 10 passwords, often for accounts that require periodic resets. No wonder people complain that passwords are annoying and too hard to remember. In fact, many IT professionals cite lost passwords as the number one complaint they hear.

So what's the solution?

Don't use a password. Instead, create a complex Pass Phrase, something easy for you to remember but meaningless to anyone else.

If your password is made up of common words, it is easily guessed. Even if it is random, a password that is only 8 characters long can crumble under a brute force attack in 16 minutes. Build your Pass Phrase from a variety of characters in both upper and lower case, extend it to at least 12 characters in length, and the results are astonishing: the same attack takes millions of years to get past it. Even better, you can create a Pass Phrase for multiple accounts that will be unique to each even though it is the same phrase.

4intrY2G2axceS combines numbers with upper and lower case letters, is 14 characters in length, and isn't made of words that are easily guessed or found in a dictionary (note that entry and access are misspelled). Best of all, it is something easy to remember. Read it as "for entry to Google to access." The G stands for Google. If using such a Pass Phrase for multiple accounts, it would look like this for Twitter: 4intrY2T2axceS.

Admittedly, there are drawbacks to using the same Pass Phrase for multiple accounts. If one account is compromised, that jeopardizes all of your accounts, so you must be diligent about security. Don't give your Pass Phrase to anyone - EVER. Make certain the URL at the top of the screen matches the page you are viewing. Don't surf with your email account open, and always use an up-to-date anti-virus and firewall.

Key points:

  • make the Pass Phrase at least 12 characters
  • use both upper and lower case
  • combine letters and numbers
  • use alternate spellings (misspell)
  • security tactics need to be maintained
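
An added example, not from the original post: a small Python audit that checks a set of phrases against the key points above and flags accounts whose phrases are identical or differ in only one position, which is the drawback described for per-account variants. The function names and the one-character threshold are assumptions, and the sample account list is constructed from the post's two example phrases plus one made-up weak password.

```python
import re

MIN_LENGTH = 12  # minimum Pass Phrase length from the key points


def check_key_points(phrase):
    """Return the key points that `phrase` fails (empty list = passes all)."""
    failures = []
    if len(phrase) < MIN_LENGTH:
        failures.append("shorter than 12 characters")
    if not (re.search(r"[a-z]", phrase) and re.search(r"[A-Z]", phrase)):
        failures.append("needs both upper and lower case")
    if not (re.search(r"[A-Za-z]", phrase) and re.search(r"[0-9]", phrase)):
        failures.append("needs both letters and numbers")
    return failures


def differing_positions(a, b):
    """Positions where two equal-length phrases differ; None if lengths differ."""
    if len(a) != len(b):
        return None
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]


def audit(accounts, max_diff=1):
    """accounts maps account name -> phrase.

    Returns (failures, near_duplicates): failures maps account -> failed key
    points; near_duplicates lists (account_a, account_b, positions) for pairs
    that are identical or differ in at most `max_diff` positions (assumed
    threshold), so one exposed phrase reveals the others.
    """
    failures = {}
    for name, phrase in accounts.items():
        failed = check_key_points(phrase)
        if failed:
            failures[name] = failed
    near_duplicates = []
    names = sorted(accounts)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            diff = differing_positions(accounts[a], accounts[b])
            if diff is not None and len(diff) <= max_diff:
                near_duplicates.append((a, b, diff))
    return failures, near_duplicates


# Constructed sample: the post's two example phrases and one made-up password.
SAMPLE = {"google": "4intrY2G2axceS", "twitter": "4intrY2T2axceS", "forum": "sunshine"}

if __name__ == "__main__":
    print(audit(SAMPLE))
```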


If you have any questions about Pass Phrases please feel free to leave a comment. I'm always happy to hear from you.




This blog is a business card, a portfolio, if you will, highlighting the work I love. Thank you for reading, Mrs. Z