- Category: Technology
- Created on Thursday, 17 January 2013 14:04
Passwords have become a large area of interest to me recently. It's near impossible to remember a unique password for every single one of your online accounts. Writing them down leaves them vulnerable, and a password manager requires you to remember another password. Usually, we go through the following methods to get our passwords:
- Try to log into a site, forget username. Have it sent to your registered email address
- Log into email by entering a password into that
- Forget the password, have the password sent to the email
- Log into the website
- Forget the username and password a week later, repeat.
This is a complex and time-wasting way to keep accounts registered. Also, if you forget your email password or your account is compromised, you will need to do additional work. Instead, I propose a system of generating a password for each account based off of a "Password Frame" and "Site ID"
The Password Frame
Passwords need to be complex. Usually, you will be required to have the following aspects of your password:
- At least 8 characters in length
- One letter
- One number
- One capital letter
- One symbol
Now, generating a password from these requirements is simple. Let's use jjHuerj!998. Now, try to memorize three to four passwords like that. Seems almost impossible. I could learn one or two, but anything over two becomes extremely difficult. Instead of creating four passwords like this and remembering them, let's make a universal password for our "frame". We will be adjusting the password in the next step.
Let's take jHuerj!998 as our "Password Frame". It still meets the requirements of our password. You're probably thinking that if we use one password for each account, we run the risk of having all accounts compromised if one account is compromised. You couldn't be more correct! Let's customize these passwords with a "Site ID"
The Site ID
So, our password is jHuerj!998 so far. Let's use each site's web address to generate two extra characters for our password, so our Gmail, Amazon, eBay, Facebook, and other passwords don't match.
From here, we need to develop a system to customize each password for our accounts. Feel free to use whichever rule you want, but I will use the following:
Take the first and last letter of the web address, bump them one letter forward, and attach them around the exclamation point.
This means that for Gmail, I will take the g and l, and bump them each one letter forward, so h and m are my two new letters. I will surround the exclamation mark with those letters. My password changes as follows:
jHuerj!998 -------> jHuerjh!m998
Now, I have a custom password generated for my Gmail address. If my password is compromised with one website, I won't run the risk of having my other accounts compromised. Let's see how other passwords change:
All passwords are unique and you can remember one password and one application of the website's name. Should be much easier to memorize everything.