Silly Password Tricks

I managed to get out last night and visit the Tech It Easy WordPress meetup group.

I've not gotten far enough into my deep dive into WordPress to be terribly concerned about security issues. I was glad to learn that I was already most things right.

Part of the meeting got to talking about how to set strong passwords.

My favorite password algorithm is to pick a poem, lyrics from a song, or famous passage of literature and adapt that to a password.

For example, consider the nursery rhyme, "Mary had a little lamb, little lamb, little lamb; Mary had a little lamb, it's fleece was white as snow."  That could easily parse into a few passwords. Here are a couple:

Mhall,*3;

or

Mhall1fwwas.

Both of these are at least eight characters in mixed case and contain numbers and punctuation. (Of course, everyone who reads this page will know these passwords, so you probably should not use them.)

Most importantly, you wont find them in any dictionary, so they are not subject to a brute force attack, one in which the attacker encrypts an entire dictionary and compares your encrypted password with each encrypted word in the dictionary. If he gets a match, he can look back to see which word he encrypted to get a match, so can concluded that that plaintext word is your password.

You try my algorithm, now. Think of the lyrics to your second favorite song. Choose a line of those lyrics to give you at least eight characters, including numbers and punctuation. You don't have to remember the password, just the song. You'll soon have your fingers typing it without even thinking.