Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Easy to Remember Passwords that are Hard to Crack
New Posts  All Forums:Forum Nav:

Easy to Remember Passwords that are Hard to Crack

post #1 of 9
Thread Starter 
There is a nice story in the Washington Post regarding an article by two University of Southern California computer scientists who have an ingenious way of generating short rhymes that can be used as passwords yet are extremely difficult to crack. Story is here: http://wpo.st/GEYi0 and the paper is here: http://www.isi.edu/natural-language/mt/memorize-random-60.pdf
Photo Editing PC
(11 items)
 
HTPC
(11 items)
 
 
CPUMotherboardGraphicsRAM
Intel i7-4790k  ASUS Sabertooth Z97 Mark 2 ASUS GTX 960 2GB STRIX 16GB Crucial Ballistix Tactical DDR3 1600 
Hard DriveOptical DriveCoolingOS
256 GB Samsung 850 PRO WD 2TB Caviar Black Noctua NH U12S Win8.1 
MonitorPowerCase
NEC MultiSynch P221W SeaSonic G 650 Fractal Design Define R5 
CPUMotherboardRAMHard Drive
Intel i3-3225 Gigabyte H77N-WiFi 8GB Crucial Ballistix Tactical DDR3 1600 120 GB Samsung EVO 840 
Hard DriveOptical DriveCoolingOS
1TB WD Blue LG Blue Ray DVD Reader Noctua NH-L9i Win7 
KeyboardPowerCase
Logitech K-400 Seasonic G360 Fractal Designs Core 500 mITX  
  hide details  
Reply
Photo Editing PC
(11 items)
 
HTPC
(11 items)
 
 
CPUMotherboardGraphicsRAM
Intel i7-4790k  ASUS Sabertooth Z97 Mark 2 ASUS GTX 960 2GB STRIX 16GB Crucial Ballistix Tactical DDR3 1600 
Hard DriveOptical DriveCoolingOS
256 GB Samsung 850 PRO WD 2TB Caviar Black Noctua NH U12S Win8.1 
MonitorPowerCase
NEC MultiSynch P221W SeaSonic G 650 Fractal Design Define R5 
CPUMotherboardRAMHard Drive
Intel i3-3225 Gigabyte H77N-WiFi 8GB Crucial Ballistix Tactical DDR3 1600 120 GB Samsung EVO 840 
Hard DriveOptical DriveCoolingOS
1TB WD Blue LG Blue Ray DVD Reader Noctua NH-L9i Win7 
KeyboardPowerCase
Logitech K-400 Seasonic G360 Fractal Designs Core 500 mITX  
  hide details  
Reply
post #2 of 9

For password fields that don't accept longer passwords, I wonder if it would still be more secure to make a super-long password like is discussed in the article but just use the first letter of each word. Like say 15 words or something so that you end up with 15 seemingly-random characters. Sure that would be harder to remember, but not if you turn the words into a song. If you turn the words into a song, then you're almost guaranteed to remember them which will pretty much guarantee that you'll remember the first letter of each word.

It's a computer!
(19 items)
 
  
CPUMotherboardGraphicsRAM
i5-2500K @ 4.5GHz (1.368-1.384V fixed voltage) ASUS P8P67 EVO B3 (UEFI ver. 1850) GTX 780 ASUS DirectCU II (1228 / 6300, 1.180V) G.SKILL Ripjaws X 8GB (2 x 4GB) 1866MHz, CL9 
Hard DriveHard DriveHard DriveOptical Drive
250 GB Samsung 840 EVO (C:\) 250 GB Samsung 840 EVO (D:\) 150 GB WD VelociRaptor Samsung SH-S243N 24x DVD Burner 
Optical DriveCoolingOSMonitor
Samsung SH-S203N 20X DVD Burner Thermaltake Frio Win 7 Home Premium x64 SP1 Retail AOC G2460PG (24" 1920 x 1080 144Hz G-SYNC) 
KeyboardPowerCaseMouse
Filco Majestouch 104-key Cherry MX Blues w/NKRO Corsair HX650 (Bronze, ordered on 12-12-2009) CM 690 Intellimouse Optical (1.1A) 1000Hz polling rate 
Mouse PadAudioAudio
Basic, but premium round X-Fi Titanium HD Klipsch ProMedia 2.1 (with 16 AWG Monster Cable... 
  hide details  
Reply
It's a computer!
(19 items)
 
  
CPUMotherboardGraphicsRAM
i5-2500K @ 4.5GHz (1.368-1.384V fixed voltage) ASUS P8P67 EVO B3 (UEFI ver. 1850) GTX 780 ASUS DirectCU II (1228 / 6300, 1.180V) G.SKILL Ripjaws X 8GB (2 x 4GB) 1866MHz, CL9 
Hard DriveHard DriveHard DriveOptical Drive
250 GB Samsung 840 EVO (C:\) 250 GB Samsung 840 EVO (D:\) 150 GB WD VelociRaptor Samsung SH-S243N 24x DVD Burner 
Optical DriveCoolingOSMonitor
Samsung SH-S203N 20X DVD Burner Thermaltake Frio Win 7 Home Premium x64 SP1 Retail AOC G2460PG (24" 1920 x 1080 144Hz G-SYNC) 
KeyboardPowerCaseMouse
Filco Majestouch 104-key Cherry MX Blues w/NKRO Corsair HX650 (Bronze, ordered on 12-12-2009) CM 690 Intellimouse Optical (1.1A) 1000Hz polling rate 
Mouse PadAudioAudio
Basic, but premium round X-Fi Titanium HD Klipsch ProMedia 2.1 (with 16 AWG Monster Cable... 
  hide details  
Reply
post #3 of 9
Thread Starter 
^^That's a good point. I use Password Safe to manage all my passwords. It has a good random password generator that can be customized depending on various web site requirements. I haven't yet looked to see whether there is a maximum length for the safe combination which opens up the database which is where I think this type of poem approach will work. I don't know about Last Pass and others of that ilk as I don't have any experience with them.
Photo Editing PC
(11 items)
 
HTPC
(11 items)
 
 
CPUMotherboardGraphicsRAM
Intel i7-4790k  ASUS Sabertooth Z97 Mark 2 ASUS GTX 960 2GB STRIX 16GB Crucial Ballistix Tactical DDR3 1600 
Hard DriveOptical DriveCoolingOS
256 GB Samsung 850 PRO WD 2TB Caviar Black Noctua NH U12S Win8.1 
MonitorPowerCase
NEC MultiSynch P221W SeaSonic G 650 Fractal Design Define R5 
CPUMotherboardRAMHard Drive
Intel i3-3225 Gigabyte H77N-WiFi 8GB Crucial Ballistix Tactical DDR3 1600 120 GB Samsung EVO 840 
Hard DriveOptical DriveCoolingOS
1TB WD Blue LG Blue Ray DVD Reader Noctua NH-L9i Win7 
KeyboardPowerCase
Logitech K-400 Seasonic G360 Fractal Designs Core 500 mITX  
  hide details  
Reply
Photo Editing PC
(11 items)
 
HTPC
(11 items)
 
 
CPUMotherboardGraphicsRAM
Intel i7-4790k  ASUS Sabertooth Z97 Mark 2 ASUS GTX 960 2GB STRIX 16GB Crucial Ballistix Tactical DDR3 1600 
Hard DriveOptical DriveCoolingOS
256 GB Samsung 850 PRO WD 2TB Caviar Black Noctua NH U12S Win8.1 
MonitorPowerCase
NEC MultiSynch P221W SeaSonic G 650 Fractal Design Define R5 
CPUMotherboardRAMHard Drive
Intel i3-3225 Gigabyte H77N-WiFi 8GB Crucial Ballistix Tactical DDR3 1600 120 GB Samsung EVO 840 
Hard DriveOptical DriveCoolingOS
1TB WD Blue LG Blue Ray DVD Reader Noctua NH-L9i Win7 
KeyboardPowerCase
Logitech K-400 Seasonic G360 Fractal Designs Core 500 mITX  
  hide details  
Reply
post #4 of 9
Honestly, going back to a Password notebook that you keep in your desk is back to being a good option again. 5 - 10 years ago, this was frowned upon. But now in the world of cyber hacks, the notebook is a better option. As long as you only allow trust worth people in your home, which most do, this is a good choice again given the new world we are in. Funny how things have come full circle.
post #5 of 9
Quote:
Originally Posted by Alan G View Post

^^That's a good point. I use Password Safe to manage all my passwords. It has a good random password generator that can be customized depending on various web site requirements. I haven't yet looked to see whether there is a maximum length for the safe combination which opens up the database which is where I think this type of poem approach will work. I don't know about Last Pass and others of that ilk as I don't have any experience with them.

 

It's an idea, not a point. :P My idea is that if someone encounters a password field that's too short and wants an easier-to-remember string of letters (and numbers if you want to mix it up more), then you could still use this approach but just use the first letter of each word. Of course, you'd need a lot more words, but stilll. That's not the entire idea though: you could also make the string of words into a song so that you can remember the first letter of each word. If you decide to add numbers, then you could make those numbers a part of the song at the correct locations in the password.

 

Yes, everyone who does this will probably feel silly trying to come up with a song, but it's a proven scientific fact that when we make something fun, it's much easier to remember:

 

https://www.youtube.com/watch?v=9ebJlcZMx3c

 

"How to Be a Memory Master" - TEDx Talks

 

It doesn't have to be a song, but I think it would be much easier to do that than anything else. Maybe it's just me, but still.

It's a computer!
(19 items)
 
  
CPUMotherboardGraphicsRAM
i5-2500K @ 4.5GHz (1.368-1.384V fixed voltage) ASUS P8P67 EVO B3 (UEFI ver. 1850) GTX 780 ASUS DirectCU II (1228 / 6300, 1.180V) G.SKILL Ripjaws X 8GB (2 x 4GB) 1866MHz, CL9 
Hard DriveHard DriveHard DriveOptical Drive
250 GB Samsung 840 EVO (C:\) 250 GB Samsung 840 EVO (D:\) 150 GB WD VelociRaptor Samsung SH-S243N 24x DVD Burner 
Optical DriveCoolingOSMonitor
Samsung SH-S203N 20X DVD Burner Thermaltake Frio Win 7 Home Premium x64 SP1 Retail AOC G2460PG (24" 1920 x 1080 144Hz G-SYNC) 
KeyboardPowerCaseMouse
Filco Majestouch 104-key Cherry MX Blues w/NKRO Corsair HX650 (Bronze, ordered on 12-12-2009) CM 690 Intellimouse Optical (1.1A) 1000Hz polling rate 
Mouse PadAudioAudio
Basic, but premium round X-Fi Titanium HD Klipsch ProMedia 2.1 (with 16 AWG Monster Cable... 
  hide details  
Reply
It's a computer!
(19 items)
 
  
CPUMotherboardGraphicsRAM
i5-2500K @ 4.5GHz (1.368-1.384V fixed voltage) ASUS P8P67 EVO B3 (UEFI ver. 1850) GTX 780 ASUS DirectCU II (1228 / 6300, 1.180V) G.SKILL Ripjaws X 8GB (2 x 4GB) 1866MHz, CL9 
Hard DriveHard DriveHard DriveOptical Drive
250 GB Samsung 840 EVO (C:\) 250 GB Samsung 840 EVO (D:\) 150 GB WD VelociRaptor Samsung SH-S243N 24x DVD Burner 
Optical DriveCoolingOSMonitor
Samsung SH-S203N 20X DVD Burner Thermaltake Frio Win 7 Home Premium x64 SP1 Retail AOC G2460PG (24" 1920 x 1080 144Hz G-SYNC) 
KeyboardPowerCaseMouse
Filco Majestouch 104-key Cherry MX Blues w/NKRO Corsair HX650 (Bronze, ordered on 12-12-2009) CM 690 Intellimouse Optical (1.1A) 1000Hz polling rate 
Mouse PadAudioAudio
Basic, but premium round X-Fi Titanium HD Klipsch ProMedia 2.1 (with 16 AWG Monster Cable... 
  hide details  
Reply
post #6 of 9
Quote:
Originally Posted by Depauville Kid View Post

Honestly, going back to a Password notebook that you keep in your desk is back to being a good option again. 5 - 10 years ago, this was frowned upon. But now in the world of cyber hacks, the notebook is a better option. As long as you only allow trust worth people in your home, which most do, this is a good choice again given the new world we are in. Funny how things have come full circle.

 

The bad thing about that though is, if your place is broken into while you're not home (yes, slim chance, I know), then all they have to do is take both the computer and the notebook and you're screwed.

It's a computer!
(19 items)
 
  
CPUMotherboardGraphicsRAM
i5-2500K @ 4.5GHz (1.368-1.384V fixed voltage) ASUS P8P67 EVO B3 (UEFI ver. 1850) GTX 780 ASUS DirectCU II (1228 / 6300, 1.180V) G.SKILL Ripjaws X 8GB (2 x 4GB) 1866MHz, CL9 
Hard DriveHard DriveHard DriveOptical Drive
250 GB Samsung 840 EVO (C:\) 250 GB Samsung 840 EVO (D:\) 150 GB WD VelociRaptor Samsung SH-S243N 24x DVD Burner 
Optical DriveCoolingOSMonitor
Samsung SH-S203N 20X DVD Burner Thermaltake Frio Win 7 Home Premium x64 SP1 Retail AOC G2460PG (24" 1920 x 1080 144Hz G-SYNC) 
KeyboardPowerCaseMouse
Filco Majestouch 104-key Cherry MX Blues w/NKRO Corsair HX650 (Bronze, ordered on 12-12-2009) CM 690 Intellimouse Optical (1.1A) 1000Hz polling rate 
Mouse PadAudioAudio
Basic, but premium round X-Fi Titanium HD Klipsch ProMedia 2.1 (with 16 AWG Monster Cable... 
  hide details  
Reply
It's a computer!
(19 items)
 
  
CPUMotherboardGraphicsRAM
i5-2500K @ 4.5GHz (1.368-1.384V fixed voltage) ASUS P8P67 EVO B3 (UEFI ver. 1850) GTX 780 ASUS DirectCU II (1228 / 6300, 1.180V) G.SKILL Ripjaws X 8GB (2 x 4GB) 1866MHz, CL9 
Hard DriveHard DriveHard DriveOptical Drive
250 GB Samsung 840 EVO (C:\) 250 GB Samsung 840 EVO (D:\) 150 GB WD VelociRaptor Samsung SH-S243N 24x DVD Burner 
Optical DriveCoolingOSMonitor
Samsung SH-S203N 20X DVD Burner Thermaltake Frio Win 7 Home Premium x64 SP1 Retail AOC G2460PG (24" 1920 x 1080 144Hz G-SYNC) 
KeyboardPowerCaseMouse
Filco Majestouch 104-key Cherry MX Blues w/NKRO Corsair HX650 (Bronze, ordered on 12-12-2009) CM 690 Intellimouse Optical (1.1A) 1000Hz polling rate 
Mouse PadAudioAudio
Basic, but premium round X-Fi Titanium HD Klipsch ProMedia 2.1 (with 16 AWG Monster Cable... 
  hide details  
Reply
post #7 of 9
Quote:
Originally Posted by TwoCables View Post

The bad thing about that though is, if your place is broken into while you're not home (yes, slim chance, I know), then all they have to do is take both the computer and the notebook and you're screwed. It's like leaving your car parked in a public place and hiding the keys nearby.

True. But where I live, I'm much more likely to be hacked than my house broken into. I know that's not true for everyone. I would also think that they are morere interested in my TV and computer and probably aren't wasting time looking through notebooks. Usually they are snatch and go operations.
post #8 of 9
Quote:
Originally Posted by Depauville Kid View Post


True. But where I live, I'm much more likely to be hacked than my house broken into. I know that's not true for everyone. I would also think that they are morere interested in my TV and computer and probably aren't wasting time looking through notebooks. Usually they are snatch and go operations.

 

Yeah, but I still had to throw that out there - even if it would only apply to other people who are at a greater risk.

It's a computer!
(19 items)
 
  
CPUMotherboardGraphicsRAM
i5-2500K @ 4.5GHz (1.368-1.384V fixed voltage) ASUS P8P67 EVO B3 (UEFI ver. 1850) GTX 780 ASUS DirectCU II (1228 / 6300, 1.180V) G.SKILL Ripjaws X 8GB (2 x 4GB) 1866MHz, CL9 
Hard DriveHard DriveHard DriveOptical Drive
250 GB Samsung 840 EVO (C:\) 250 GB Samsung 840 EVO (D:\) 150 GB WD VelociRaptor Samsung SH-S243N 24x DVD Burner 
Optical DriveCoolingOSMonitor
Samsung SH-S203N 20X DVD Burner Thermaltake Frio Win 7 Home Premium x64 SP1 Retail AOC G2460PG (24" 1920 x 1080 144Hz G-SYNC) 
KeyboardPowerCaseMouse
Filco Majestouch 104-key Cherry MX Blues w/NKRO Corsair HX650 (Bronze, ordered on 12-12-2009) CM 690 Intellimouse Optical (1.1A) 1000Hz polling rate 
Mouse PadAudioAudio
Basic, but premium round X-Fi Titanium HD Klipsch ProMedia 2.1 (with 16 AWG Monster Cable... 
  hide details  
Reply
It's a computer!
(19 items)
 
  
CPUMotherboardGraphicsRAM
i5-2500K @ 4.5GHz (1.368-1.384V fixed voltage) ASUS P8P67 EVO B3 (UEFI ver. 1850) GTX 780 ASUS DirectCU II (1228 / 6300, 1.180V) G.SKILL Ripjaws X 8GB (2 x 4GB) 1866MHz, CL9 
Hard DriveHard DriveHard DriveOptical Drive
250 GB Samsung 840 EVO (C:\) 250 GB Samsung 840 EVO (D:\) 150 GB WD VelociRaptor Samsung SH-S243N 24x DVD Burner 
Optical DriveCoolingOSMonitor
Samsung SH-S203N 20X DVD Burner Thermaltake Frio Win 7 Home Premium x64 SP1 Retail AOC G2460PG (24" 1920 x 1080 144Hz G-SYNC) 
KeyboardPowerCaseMouse
Filco Majestouch 104-key Cherry MX Blues w/NKRO Corsair HX650 (Bronze, ordered on 12-12-2009) CM 690 Intellimouse Optical (1.1A) 1000Hz polling rate 
Mouse PadAudioAudio
Basic, but premium round X-Fi Titanium HD Klipsch ProMedia 2.1 (with 16 AWG Monster Cable... 
  hide details  
Reply
post #9 of 9
What specifically are you trying to secure?

Password length/complexity doesn't really mean anything if the remote end can't handle the hash (or even cleartext) data correctly.
Das Rig, Ja?
(12 items)
 
  
CPUMotherboardGraphicsRAM
AMD Ryzen 1700 Asus Crosshair VI EVGA 1080Ti SC2 2x16G GSkill RGB 3200 
Hard DriveCoolingOSMonitor
500 GB 960 EVO Enermax T50A-BVT Windows 10 Pro 27" Asus 
KeyboardPowerCaseMouse
Logitech K350 EVGA 1600G2 Fractal Define C Rosewill M55 RGB 
  hide details  
Reply
Das Rig, Ja?
(12 items)
 
  
CPUMotherboardGraphicsRAM
AMD Ryzen 1700 Asus Crosshair VI EVGA 1080Ti SC2 2x16G GSkill RGB 3200 
Hard DriveCoolingOSMonitor
500 GB 960 EVO Enermax T50A-BVT Windows 10 Pro 27" Asus 
KeyboardPowerCaseMouse
Logitech K350 EVGA 1600G2 Fractal Define C Rosewill M55 RGB 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Easy to Remember Passwords that are Hard to Crack