BARBELITH underground
 

Subcultural engagement for the 21st Century...
Barbelith is a new kind of community (find out more)...
You can login or register.


Underground > Conversation >

Passwords

  
 
Smoothly
14:15 / 09.06.06
I have a terrible memory. Really shockingly bad. But I’m increasingly expected to remember more and more passwords, usernames, PINs and code words.

How do you cope? Do you write these things down somewhere? Do you have a special code for your codes? Do you use the same password for lots of applications? How do you balance a strong password against a memorable one?

Tips, tricks, strategies, anecdotes etc.
 
 
All Acting Regiment
14:40 / 09.06.06
Mine are written down on a rolled rizla which is kept in my pocket rubber-banded around half a pencil.
 
 
Mon Oncle Ignatius
14:46 / 09.06.06
Unsurprisingly I'm not going to be broadcasting my particular method for making up passwords too specifically on a public forum. The methods below offer a sample of password strategies which are quite common.

However, the longer the better is a golden rule. Make sure there are no undisguised real words, especially not on their own without any extra characters added. Dictionary checking software can run though these remarkably quickly.

Mix upper case and lower case characters with numerals and special characters such as the underscore if allowed by whatever software is protecting your login, account, etc..

Using variations of 3l33t-speak can be useful too.

Try not to use your bithday as a numeric string or PIN if possible. If you're going to use a year, make it meaningful to you and not everyone else who - for example - supports England and hence uses "1966". For that matter, if you use a (disguised) word, maybe make it something which you find personally amusing or connects laterally to something else (eg "F4stb4cK2000" if your dog is called "Rover"), or use a mnemonic and then use some kind of letter-changing code (eg "Fucked Up Beyond All Recognition" = "Fub4R").*

If you use your password every day, you should hopefully be able to use it almost mechanically - so a quite long and complex one might well be OK there.

You might want to have several passwords you use in multiple locations: say, one easy to remember general-use password for when you log into somewhere it doesn't really matter if it gets revealed (such as a game of Urban Dead or suchlike), another for logins to places like Barbelith and online shopping accounts where you really don't want to get your suit or account hijacked, and another separate one for online banking or ISP logins.

If you have to keep a list of your passwords, either write them down or disguise them well in a way you will be unlikely to forget, or type them up in a file which is itself encrypted and protected by PGP or similar, locked by a very strong password which you will remember easily.

As an aside, it is frighteningly easy to obtain software to get hold of your root admin password for Windows machines using a self-booting CD or floppy. I had to do this for a laptop which had managed to sorrupt access to its Root so that certain changes could be made by a user - it took a 50MB download of a CD image and about 10 minutes of runnign the disc to get hold of every user password on the hard disc.

So don't trust your computer's security (assuming you run Windows of course) at the first hurdle for getting access to the desktop, and assume that anything in a password-protected user account is in itself protected.


----------------

*In both these examples the code is: (First letter capitalised; vowels = numbers if possible; last letter capitalised: "P4ssw0rD"). If you stick to a code you use every time then you should be able to work out how to make up a new password if you have to, or to work back to one you've forgotten as well.
 
 
STOATIE LIEKS CHOCOLATE MILK
15:04 / 09.06.06
My worst one is my work password, which is an anoyance as it's the one I care about the least, given that the net-policing would make it impossible for anyone to do anything even vaguely dodgy while logged in as me. The password only lasts for 28 days... given that I work a week on/week off schedule, and it usually expires on a weekend- ie just before I'm away from the place for a week- every two shifts I turn up to work and can't log into my PC without asking IT, because I've forgotten whatever it was.

Last time I remembered, though- it took me a few goes, then everyone stared at me when I joyfully shouted "YES!!! FUCKNUGGETS!!!" (note- not my current one).
 
 
Jub
15:04 / 09.06.06
I write them all on the back of my pad. I tend to have the same thing a lot of the time which I know is bad, but really I'm not that fussed. Everyone has a password at work to log in and everyone's really funny about it. I don't really understand this though - I mean so what if someone else went on your computer, and moreover, why would they want to. I know there's some scary people out there and the really determind ones will be able to do all sorts of hacking stuff.

I don't think anything is important enough for me to really give two hoots about on line since I have a back up real life version. IE if someone highjacked my email, my mates would call me and know it wasn't real. I suppose the only possible exception is Barbelith.
 
 
Ticker
15:09 / 09.06.06
Those are kickass suggestions.

The only thing I would add is to plan to change your passwords regularly. Consider it brain exercise. Most of us can memorize phone numbers and small strings if we associate them with something. It's also quite alright to leave yourself a note in a secure location as long as you don't list too much information.
(or if it is a safe deposit box, go for it)

Try not to reuse passwords over time. As stated above, never use the same password for your important private logins with public ones. Your email passwords should never ever be your bank PIN.

SysAdmins regularly do have access to your email & your stored work on your work computer. While many of us are good people you should not be stupid. Don't email/IM passwords, always call people and tell them over the phone if you need to share a password.
 
 
Kali, Queen of Kitteh
15:10 / 09.06.06
I only have two, and even then I do variations on them. Makes it somewhat simple for me to remember, though I do this every day so I'd feel like a right idiot if I didn't remember one of the variations.
 
 
Ticker
15:21 / 09.06.06
Well, in terms of why secure passwords are important let's look at some examples.

You have a work computer with a password and a work email address with a password.
Let's say a state official receives a death threat email coming from your computer using your email account. Do you know how hard it is to prove that it wasn't you sending it at that point?

Or home wireless networks, some script kiddy gets on your unprotected wireless network and starts poking at a government website, guess who they visit? What if they download kiddy porn and it get's traced to your IP address?

Stolen passwords are a big part of ID theft. It is a huge problem that starts with common sense.
 
 
The Strobe
16:25 / 09.06.06
Acronyms of easily rememberable things are always good.

siteoymdykymfabptp

is pretty incomprehensible, and won't be subject to dictionary lookup, but dead easy to remember, because it's the first few lines of Don't Look Back in Anger (Oasis, not Osborne):

Slip inside the eye of your mind
Don't you know you might find
A better place to play

So if anyone says "no, not english words", it's a good way to make quite hard to crack passwords.
 
 
matthew.
16:39 / 09.06.06
My password for some things is the name of my dog. I know. It's so simple. But what do I have to hide, really?

My other password is a tricky one. It's the name of an obsolete internet service provider that went under almost 6 years ago.

Fucknuggets is a great password.
 
 
All Acting Regiment
17:03 / 09.06.06
And a great ISP!
 
 
enrieb
19:43 / 09.06.06
Acronyms of easily rememberable things are always good.

siteoymdykymfabptp

is pretty incomprehensible, and won't be subject to dictionary lookup, but dead easy to remember, because it's the first few lines of Don't Look Back in Anger (Oasis, not Osborne):

Slip inside the eye of your mind
Don't you know you might find
A better place to play

Snakes I think you just invented a new acronym game.

Here's an easy one on the oasis specialist subject

tigbtdttgtibtybnyssrwygdidbtaftwidayn
 
 
matthew.
19:59 / 09.06.06
I wonder how long it took you to write that out, and for what?
 
 
Tom Paine's Bones
20:52 / 09.06.06
I just consider what will make me look coolest when I post it on Barbelith in a public suicide.
 
 
Mon Oncle Ignatius
20:59 / 09.06.06
And a great ISP!

Until they got bought by Orange...

[/rot]
 
 
Polka Snibbs
05:48 / 10.06.06
Haven´t been here for a long, long time...
I use anagrams and palindromes. I take a word, "frontier" for example, then turn it around: "reitnorf". Shorten it a bit: "itnorf". Change the place for a few letters: "tifron". I simply mold it until it is something I can easily remember, but no-one else can figure out. Numbers and 1337 are optional.
 
 
Mistoffelees
09:18 / 10.06.06
I once read in the newspaper of someone having had a very good idea. Next to the cashpoint someone had written a four-digit number.

So if you use the same cashpoint all the time, just write your number next to it!

Exclaimer: Mistoffelees does not approve of graffitti or vandalism!
 
 
foolish fat finger
20:36 / 10.06.06
gottit enrieb- it's wonderwall! ok, here's one for you (or anyone). sticking with oasis singles...

ttttmss/ owyws /acywautw...

regarding passwords, my friend has a couple of good ideas. the first is, he takes the name of whatever website it is, and then adds some personal info, for the sake of arguament, lets say his birthday, '1973'. so his yahoo password would be 'yahoo1973', 'ebay1973' for ebay, and so on. this is good because each password is unique...

another one I like of his, is to go all around the keyboard in a specific shape. for instance, one of his began- 'qazxcvbnmlp', making a big u shape around the outside of the letters on the keyboard. he couldn't have even told you what his password was if he wanted to, he just knew the position of the keys he pressed. the advantage of this method is that you can remember a long password simply, and it is quick to type in also.

combining these two methods would give you an easily memorable, and very tough to crack password.
 
 
Quantum
21:00 / 10.06.06
I use easy to remember things only my friends could guess, then trust them not to hack me. When it's one of those you have to change every couple weeks (grr) I use sequential digits after the same word, or something based on the month (like JUNE2 or JUNE2FUCKNUGGETS if it has to be longer).
 
  
Add Your Reply