Monday, January 5, 2009

So many passwords, so little mind!

Trick: How to create passwords you can remember at will.

So, you now have a Google account, a Facebook account, two online banking accounts, an account for your city taxes, a Flickr account, a Yahoo Messenger account, a Skype account, and two blogs (one for you and one for your budgie). And this is just the tip of the iceberg! You are crumbling under an increasing pile of passwords! So what do you do? You write them down, usually on a piece of paper or worse, on a sticky that you leave in your workspace. (Tech support guys will tell you they can usually find a user’s password written somewhere in their office in under 10 mins.)

P.S. If your LCD is covered in post-its with your different passwords to the point where it looks like a giant sunflower, we need to have a talk!

Of course, you could just use the same password for every application, but then, if someone cracks your password, they have access to your whole life online!

OpenID and similar “decentralized user identification standards” are coming along slowly (some say inevitably) but then again, some of the same concerns as before arise.

So what is the solution?

Enter the LPEM, The Lemay Password Encryption Method.

I named it after myself because…well, because I came up with it, and because LPEM backwards spells MEPL which sounds funny when you say it, like someone pronouncing “maple” with a Monty Pythonesquely bad French accent.

The LPEM will allow you to create unique, secure passwords for nearly every account you have. And yet, you will be able to remember each one with ease!

How does it work? Glad you asked!

The trick is to use the ancient and venerable science of cryptography. Cryptography, according to Wikipedia, “…is the practice and study of hiding information”. Basically, you are going to use a cipher to create your passwords. A cipher is an encryption algorithm - in layman’s terms, a series of well-defined steps that can be followed as a procedure and that will produce a coded piece of text.

Since only you will know your cipher, only you can decipher your passwords.

Don’t worry; it is actually much simpler than it sounds!

Let’s start by looking at the basic password best practices:
- Eight or more characters
- Use uppercase and lowercase letters
- Use numbers
- Use alphanumeric characters and include special characters, where supported by the operating system.

Keeping these in mind, we are going to build a custom password algorithm for your accounts.

Here is an example of a basic password algorithm for, say, Yahoo (mail):

1- Take the first and last letters of the site name (y and o), always in CAPS
2- Add the word “mail” (for an email account; you could choose something else that you will remember, or even a random word)
3- Replace the L with an exclamation mark (!)
4- Add a number at the end that has significance for you (so you will remember it) but is not directly related to you, e.g. the number of years to retirement (18)

So our password for yahoo mail would become: YOmai!18
Your password for hotmail would be: HLmai!18
Your password for Gmail would be: GLmai!18
And so on and so forth.

Here is another, more generic example:

1- First and second letters in caps
2- Your salary rounded to two digits (e.g. 52)
3- Last two letters, never in caps
4- Two odd characters

So if I want to create a password for Twitter, it becomes
1- TW
2- 52
3- er
4- ;)
So my Twitter password is: TW52er;)

My Facebook password would be FA52ok;)
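
The two rule sets above written out as code, as an added example that is not part of the original post; the function names and default values are assumptions made for illustration. It reproduces the five passwords shown in the post, checks each against the best-practices list, and reports which character positions change from one site to the next.

```python
import string

def lpem_mail(site, word="mail", number=18):
    """First rule set: first and last letter of the site in caps,
    the chosen word with each 'l' replaced by '!', then the number."""
    return (site[0] + site[-1]).upper() + word.replace("l", "!") + str(number)

def lpem_generic(site, number=52, odd=";)"):
    """Second rule set: first two letters in caps, a two-digit number,
    last two letters in lowercase, then two odd characters."""
    return site[:2].upper() + str(number) + site[-2:].lower() + odd

def meets_best_practices(password):
    """The post's checklist: eight or more characters, uppercase,
    lowercase, a digit and a special character."""
    return (len(password) >= 8
            and any(c.isupper() for c in password)
            and any(c.islower() for c in password)
            and any(c.isdigit() for c in password)
            and any(c in string.punctuation for c in password))

def varying_positions(passwords):
    """Indices at which equal-length passwords differ from one another."""
    return [i for i, chars in enumerate(zip(*passwords)) if len(set(chars)) > 1]

if __name__ == "__main__":
    # Site names taken from the post's own examples.
    mail = [lpem_mail(s) for s in ("yahoo", "hotmail", "gmail")]
    generic = [lpem_generic(s) for s in ("twitter", "facebook")]
    for pw in mail + generic:
        print(pw, "meets checklist:", meets_best_practices(pw))
    # Positions that depend on the site name; the rest is the same everywhere.
    print("rule set 1 varies at", varying_positions(mail))
    print("rule set 2 varies at", varying_positions(generic))
```
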

Ta daa! You can now create as many passwords as you want and remember them with ease.

Feel free to Tweet this post or even to re-post. I just ask that you give me credit for the idea.

To add an extra layer of security, change your system on a regular basis. I change mine every 2-3 months.


Simona said...

I like I like! An interesting method of remembering too many ways of wording passes.

Now if you can only tell me how to remove the already existing passwords from my mind... then we'd have a clean slate to start from!

Bossman 74 said...

Ok mister,

I've broken your code, and changed all your passwords!

If you want your online life back PM me...


Alain Lemay said...

How to erase existing passwords from your mind? I find that a 6 hour Get Smart TV marathon will erase that, as well as a great quantity of useful grey matter. That or 15 minutes of Barney!