Posts Tagged ‘security’

I don’t know a single person who hasn’t forgotten his password.  And, generally, the reason you can’t remember your password isn’t because it’s so complex, but rather because you have so many of them.  A site you frequent often might only require four characters, so you choose something easy like “eric.”  Or another site you frequent requires at least six characters, one of which must be a number, so you choose “hockey9,” your favorite sport plus your high school number.  Whatever the reason for the number of passwords you may have, there is a simple solution to creating an almost unguessable universal password — that is, a password you can use at almost any site, and yet will be unbreakable to friends, family, or strangers trying to guess your password.

First, there are many things most articles about best practices in creating a password warn against, including using your name, a kid’s name, a hobby, a favorite team name, the usual “abcd,” and the like.  But using my method for creating an unbreakable universal password you can forget every bit of the “don’t do this” advice, and instead turn to these simple steps:

Choose any word you want… in another language.

I argue that in order to build a successful password, it has to be something you’ll remember.  And that’s the reason you must choose a word or name you love and will always remember.  Choosing something none of your friends would ever guess means it’s probably something that’s not all that prominent in your life.  So in order to continue using a word or name that you cherish, simply transliterate (which is different than translating) it into another language.

The online translation site I often use is Im Translator : Free Translation Service.  It’s an easy site that takes the word you want to translate, you choose the language to which to translate, and click the “transliterate” button which will allow you simple pronunciation.  To make it a little more difficult, choose a language such as Russian, where it comes out in Cyrillic.  For example, perhaps I want to use the word “hockey,” a sport I play.  Translating it into Russian it will come out as “хоккей,” which of course can’t be directly used as a password.  So I’ll change it to “xokken” since it’s close.  Very easy to remember!  (As a note, when I reference the password, it will be in quotations with any punctuation outside of the quotes, which is generally against the rules of correct English punctuation.  I feel it’s necessary for clarity, however, to make sure punctuation is outside of the quotation marks since characters too could be part of the chosen password.)

Now that we have our base word, we’ll need to add some additional characters to make it universal.  Let’s take a look at the requirements for most sites.

While many sites require 6-10 characters, many others require 8-20, making it harder to remember variations of your usually six-character password.  An easy way to make your password universal, then, is to follow the next step:

Make your password eight or 10 characters long.

Our original, translated password, “xokken”, is only six characters, so we’ll need to add two.  Let’s lengthen it by following another step:

Add a number or two.

Many Web sites require at least one number.  Since our base word only has six characters, we’ll add two numbers.  My old hockey number was 39, so I’ll add that: “xokken39″.  Don’t add them to the front of the word, though, as many sites also require the password not to start with a number.  If you want to make it more difficult, add the numbers somewhere in the middle of the password, but this makes it more difficult to remember and to type quickly.

We’re almost there, but there are two other requirements which are also often mandated by sites.  The first is an easy one to add:

Make one or more of the characters uppercase.

Since many sites require a lowercase letter in addition to an uppercase letter, we’ll need to take our password and make it just a little bit bigger: this time not horizontally, but vertically, if you will.  Since our password has two Ks in a row, let’s simply capitalize them.  That makes it easy to remember.  Now our password is “xoKKen39″.

Now we’re missing just one often-seen requirement:

Add at least one symbol.

Oftentimes a Web site will require a symbol or punctuation mark, and there are certain characters usually allowed by most sites, including ! ? – _ = + , ~ $ % and .  Symbols less often allowed include < > [ ] { } ( ) # @ & ` ‘ ” ; : / , so stay away from those.  For my password, I’ll choose the one I’ve seen allowed the most: the exclamation mark.

Most of the time you’ll probably just stick it at the end, much like I did with the numerals.  But since I have a double letter in the middle of my password, I’ll stick it in the middle for a little added security.  Now we have our entire password: “xoK!Ken39″.

Coming in at nine characters, including lowercase letters, uppercase letters, numbers, and a symbol, it can now be universally used by 99% of the Web sites I’ve encountered, is still easy enough for me to remember, and yet hard enough that no one I know could guess it, nor could anyone watching my fingers likely see exactly which keys I’m typing and duplicate it.  To me, that’s an almost unbreakable password applicable for the everyday person’s use.  Enjoy!