Keep Your Passwords Safe
December 6, 2007
Posted by caveblogem in DIY, how to, information management, lifehack, Memory, Other.
I just read this post on Lifehacker today and was a little surprised at how few people keep passwords the same way that I do. Aggregated from an interview with Bruce Schneier at the Freakonomics blog (New York Times), it advises that you write down your passwords. He has some sort of password-generating and encrypting program that he also uses, and I don’t have any idea what that’s all about, or why anyone would need such a thing. Over at Freakonomics they like the counterintuitive nature of the advice, I guess. But I agree with the idea in principle.
I have worn quite a few different hats at work in the last five years, and so, like many people, have literally dozens of passwords that I have to remember, and another couple of dozen that I use in blogging and my personal stuff. I write them down, but can usually remember them without referring to the written versions. And I have no fear that the written versions will be used by spies or snoops, because they are encrypted with my own system.
Here’s how it works:
- Come up with some sort of mnemonic trigger for your password. My Netflix password might be the title of my favorite movie, for example. Say, Casablanca (which is not my favorite, but has the advantage of . . . well . . . not being my favorite and being one word long.)
- Then come up with a two- or three-digit number that has no particular significance for you, but which you will remember to use in all of your passwords. How about 892? Commit to always putting the 8 after the first letter and the 92 just before the last, for example.
- Decide to use some odd, yet consistent method of capitalization. Commit, for example, to capitalizing the second-to-last letter of each password.
- Integrate all three of the above into a password: c8asablanc92A.
My Amazon.com password might be the name of a book that I bought from them and hated, which will become o8ddthoma92S.
Now, write down all of your passwords, but do not write down the algorithm that converts them into the actual passwords. On a slip of paper, or with a Sharpie on your wall or desk, your forehead, write Netflix: Casablanca. Write Amazon: Odd Thomas (you’ll know that there should be no space in the actual password, of course). Any luck and it will look more like a shopping list than a bunch of passwords.
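The scheme above, from written hint to actual password, as an added example that is not part of the original post. The function names and the hint-sheet format (`Site: Hint`, one per line) are assumptions made for illustration; the capital lands on the final letter, as in the post's two worked passwords.

```python
# Added illustration: names and the sheet format are hypothetical.
HINT_SHEET = """\
Netflix: Casablanca
Amazon: Odd Thomas
"""  # constructed from the two hints used in the post


def derive_password(hint: str, number: str = "892") -> str:
    """Turn a written-down hint into the password the post's rules produce."""
    # The written hint may contain spaces ("Odd Thomas"); the password does not.
    letters = "".join(ch for ch in hint if not ch.isspace()).lower()
    if len(letters) < 2:
        raise ValueError("hint needs at least two letters")
    if len(number) < 2 or not number.isdigit():
        raise ValueError("number must be two or more digits")
    # First digit goes after the first letter, the rest just before the last.
    head, tail = number[0], number[1:]
    first, middle, last = letters[0], letters[1:-1], letters[-1]
    # Capitalization follows the worked passwords: the final letter is upper case.
    return f"{first}{head}{middle}{tail}{last.upper()}"


def passwords_from_sheet(sheet: str, number: str = "892") -> dict:
    """Parse 'Site: Hint' lines and derive the password for each site."""
    result = {}
    for line in sheet.splitlines():
        if not line.strip():
            continue  # skip blank lines on the sheet
        site, sep, hint = line.partition(":")
        if not sep:
            raise ValueError(f"not a 'Site: Hint' line: {line!r}")
        result[site.strip()] = derive_password(hint, number)
    return result


if __name__ == "__main__":
    for site, password in passwords_from_sheet(HINT_SHEET).items():
        print(f"{site}: {password}")
```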