« Share your Outlook 2007 Calendar with anyone for free | Main | Using a blog to keep your site fresh »

November 18, 2008

Passwords for Dummies

Password   Passwords are still (despite technological advances in network security) the keys to your IT systems.  Your password, your secretary’s password, your IT Administrators password are all critical to your network security.  The concept is simple enough, a set of characters which only you know, which allow you access to your shared network files, email, and business intelligence systems.

In practise it's not all that easy.  Passwords are either very easy to guess (increasing the risk of your network security being compromised); or they are complex, but so complex that users cannot remember them, and they are written down or put in a text file.

Most companies settle with the status quo, with passwords frequently recorded, known by multiple staff, and compromising your network security rather than protecting it.  It's much better to make the system of passwords work for you, which isn't that difficult.  If you like, it's just a trick!  The key is not to rely upon the brain's ability to remember an obscure set of characters that has no pattern.  You need to create a pattern which you can remember, but which no-one else can guess.

The best system I've ever found is this;

 - Find a song you like, one you know the words to, I'll use 'Yellow Submarine' as an example.
 - Now decide on a 'letter number substitution rule', the most common ones are;
  - Letter i = Number 1
  - Letter o = Number 0
 - There are less common options, but almost as easy to remember
  - Letter e = Number 3 (the mirror image of 3 is E)
  - Letter s = Number 5
  - Letter b = Number 8 (capital B looks similar to 8)
 - Now combine the two to create your password.  Take the first line of the song ..

   We all live in a yellow submarine

.. and take your 'substitution rule' (mine is A = 4 and E = 3), and apply it ..

   W3 4ll liv3 in 4 y3llow subm4rine

Remove the spaces ..

   W34llliv3in4y3llowsubm4rine

And chop it down so it fits your minimum password length (that way you can often get two or three passwords per line!)

   W34llliv3
   In4y3llow
   Subm4rin3

You might be thinking, "How am I going to remember 'W34llliv3'".  You don't need to.  All you need to remember is
 - Which song
 - Which subsitution rule (you can use the same one all the time if it works for you), and
 - Where you are in the song.

In this case;
 - Yellow Submarine
 - First line
 - e=3 and a=4

Try it.  It's very simple once you get used to it.  You never forget where you are after typing that password in several hundred times in a month!

Richard Bartlett offers IT consultancy services to SMEs through his company RG Bartlett IT Services Ltd.  Contact him by email richard@rgbartlett.co.uk or visit his website at http://www.rgbartlett.co.uk

Posted by Richard Bartlett on November 18, 2008 at 09:00 AM in Security |

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00e54fc9f29c8834010535fe03f6970c

Listed below are links to weblogs that reference Passwords for Dummies :

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

Posted by:  | 

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment