Sunday, September 28, 2008

Complex passwords you can remember

Creating a complex password you can remember is easier than you think.

Pick something you enjoy from one of the following areas: music, video, or a book. Make sure this is not your favorite movie, book, or video, but something you still like. Picking your favorite of any of these will help people who know you well determine the answer to your security question.

Now that you have the item, pick a line from your book, music, or video.

In this example I will pick the song from Disney's Cinderella, "BIBBIDI BOBBIDI BOO THE MAGIC SONG".
I then Google'd the lyrics and found an easy line to remember.

"Put 'em together and what have you got Bibbidi-bobbidi-boo".

This line has lots of first letters I can use to help me remember.

The simplest way is to take the first letter of each word and string them together.

"Put 'em together and what have you got Bibbidi-bobbidi-boo" becomes 'petawhygbbb'.

This is a little too simple: when we look, we have no numbers, no uppercase letters, and no special characters.

I'll now take this result and uppercase any pieces that will be simple to remember. I see that 'petawhygbbb' has the words 'pet' and 'why' in it. I'll capitalize both of these words, making my new password 'PetaWhygbbb'.

Finally, I can take letters that remind me of numbers or symbols and convert them, e.g. I reminds me of 1, or S reminds me of $. Here are some more easy ones: O = 0, e = 3, g = 6, x = *, and so on. You'll want to find substitutions that logically make sense to you, so you can quickly rebuild the password from the original sentence.

In my case e = 3 and g = 6 are easy to remember without writing them down. So my password becomes 'P3taWhy6bbb'.

Now my password, P3taWhy6bbb, seems to have no meaning, but after I have used it a couple of times it will be easy for me to remember. If I forget a certain piece, my mind will automatically help me with the other two pieces, as long as I remember the original line from the book, song, or movie I used.
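To make the three steps concrete, here is an added Python example (my code, not the post's) that runs the author's own line through the same derivation: take the first letters, capitalize the chosen words, then apply the letter-to-digit substitutions. The function names (`acronym`, `capitalize_words`, `substitute`, `derive`, `character_classes`) are my own; the sentence, the words 'pet' and 'why', and the e = 3 / g = 6 mapping are the post's.

```python
import re

# Constructed from the post's own walk-through: the line, the two memorable
# words the author capitalized, and the author's substitution choices.
SENTENCE = "Put 'em together and what have you got Bibbidi-bobbidi-boo"
MEMORABLE_WORDS = ["pet", "why"]        # substrings chosen for capitalization
SUBSTITUTIONS = {"e": "3", "g": "6"}    # letter -> digit/symbol mapping


def acronym(sentence: str) -> str:
    """Step 1: first letter of each word, lowercased.
    Apostrophes and hyphens split words, so 'em gives 'e' and
    'Bibbidi-bobbidi-boo' gives 'bbb', matching the post."""
    words = re.findall(r"[A-Za-z]+", sentence)
    return "".join(w[0].lower() for w in words)


def capitalize_words(base: str, words) -> str:
    """Step 2: uppercase the first letter of each memorable word found in base."""
    chars = list(base)
    for word in words:
        idx = base.find(word.lower())
        if idx >= 0:
            chars[idx] = chars[idx].upper()
    return "".join(chars)


def substitute(text: str, mapping: dict) -> str:
    """Step 3: swap the chosen letters for digits/symbols; all others are kept.
    Only exact (case-sensitive) matches are replaced, so a capital 'E' survives."""
    return "".join(mapping.get(c, c) for c in text)


def derive(sentence: str, words, mapping: dict) -> str:
    """Run all three steps in the order the post describes."""
    return substitute(capitalize_words(acronym(sentence), words), mapping)


def character_classes(password: str) -> set:
    """The post's own checklist: which of uppercase, lowercase, digits and
    special characters does the finished password actually contain?"""
    classes = set()
    for c in password:
        if c.isupper():
            classes.add("upper")
        elif c.islower():
            classes.add("lower")
        elif c.isdigit():
            classes.add("digit")
        else:
            classes.add("special")
    return classes


if __name__ == "__main__":
    pw = derive(SENTENCE, MEMORABLE_WORDS, SUBSTITUTIONS)
    print(pw)                              # P3taWhy6bbb
    print(sorted(character_classes(pw)))   # ['digit', 'lower', 'upper']
```

Running `character_classes` on the result shows why the checklist at the start of the post is worth re-running at the end: 'P3taWhy6bbb' has uppercase, lowercase and digits, but no special character, because the line offered no 's' or 'x' to map to '$' or '*'. The same function can be pointed at any candidate line to see which of the author's substitutions it can support before you commit it to memory.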

Practice with a couple of lines and find something that you like; don't be afraid to change the method of the second two pieces, or try multiple sentences to see which ones are easier for you to remember.

Sarah Palin Hack Hoax?

Was the Sarah Palin email hack a hoax?

I'm not sure if we will ever truly know the answer to this question. It seems that neither McCain nor Palin denies the incident, but neither is adding any real comment about the information hacked. Does their response make the hack legit? I don't really believe this adds any credibility to the story. I believe a denial that it was truly her account would only make people more suspicious. So I believe they are making the right move and squashing the incident by saying that they are aware of the incident and that they will have no further comment.

The hack looks to be legit and is based on a simple theory: using the forgot-password feature and the security question to gain access to an account.

What should this tell us?

This should help us realize some basic tricks hackers can use to access our accounts. It should also tell us to make our passwords and password security questions complex enough to keep people from getting access to data we would deem sensitive.

My next post will be specific to making your password and password security question complex enough to keep hackers from guessing your answers, while at the same time simple enough to be remembered by you.

Password Security

This is a new blog for me because I think it is so important for me to have a place for readers to find information about securing their passwords. I will use this blog as a reference when people are working on other projects and password security comes up. I am not a know-it-all about any type of security, but I think I have experiences and ideas to help readers be more secure.

Why is this so important?

Although I don't want to be a pessimist, the reality is there are people out there trying to get you. Every day there are people looking for mistakes other people have made in order to exploit them. The motives can range from financial gain, personal attacks, and malicious intent to any number of other reasons. Recently there have been posts about many popular people being successfully attacked due to lack of password complexity. In recent web postings, Sarah Palin may have even been hacked. The Sarah Palin hack may be a hoax, but the simple theory of how the hack was suggested to have been performed is very realistic.

Should we stop using the web?

Probably not, but using your head when on the web is very important even for average people. Keeping your passwords secure should be on the top of your list.

Of course. So why doesn't everyone just keep their passwords complex and unique and use best practices?

The simplest answer is that it's hard. There is no magic wand that makes us remember everything, so the more complex our passwords are, the more likely we are to forget them ourselves.

What can we do?

Lots

This blog will start with basic mindset, tricks to help remember passwords, using password hints securely, reviewing tools which store passwords, changing passwords regularly, using different passwords for different sites, reviewing hardware which uses fingerprint or similar security, and many more.