I was listening to a Security Now podcast the other day, and security researcher Steve Gibson came up with a really interesting method for creating strong passwords that are easy to memorize. He calls his method 'Password haystacks'. The way it works is you start with a strong password and then pad it with easy-to-remember characters (like a needle in a haystack).
So let's start with a decent password: wa9PUCra
By applying the haystack method it becomes something like this:
======wa9PUCra======
or
......wa9PUCra......
or
A11111wa9PUCra11111A
The additional length dramatically increases the time it would take to crack the password using a brute-force attack. Obviously, twenty random characters would be more secure, but most people can't remember a twenty-character password. This method strikes a nice balance: it gives a big increase in security without affecting the ability to remember the password.
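To put numbers on the length argument, here is an added example (not from the podcast or from Steve Gibson's site) that estimates the exhaustive search space for the passwords shown above. It assumes a blind brute-force search that knows nothing about the padding pattern and must cover every printable-ASCII character class present in the password; the function names and the guess rate are illustrative assumptions.

```python
import string

# Character classes an exhaustive search would have to cover (printable ASCII).
CLASSES = (
    string.ascii_lowercase,        # 26
    string.ascii_uppercase,        # 26
    string.digits,                 # 10
    string.punctuation + " ",      # 32 symbols + space = 33
)

def alphabet_size(password):
    """Sum the sizes of every character class that appears in the password."""
    return sum(len(cls) for cls in CLASSES if any(ch in cls for ch in password))

def search_space(password):
    """Candidates in a blind exhaustive search of all lengths 1..len(password)."""
    n = alphabet_size(password)
    return sum(n ** k for k in range(1, len(password) + 1))

def years_to_exhaust(password, guesses_per_second):
    """Worst-case time to cover the whole search space at a fixed guess rate."""
    return search_space(password) / guesses_per_second / (365.25 * 24 * 3600)

def compare(passwords, guesses_per_second):
    """Return (password, length, alphabet, search space, years) per password."""
    return [(p, len(p), alphabet_size(p), search_space(p),
             years_to_exhaust(p, guesses_per_second)) for p in passwords]

if __name__ == "__main__":
    RATE = 1e11  # assumed guesses per second, chosen only for illustration
    samples = ["wa9PUCra", "======wa9PUCra======",
               "......wa9PUCra......", "A11111wa9PUCra11111A"]
    for p, length, n, space, years in compare(samples, RATE):
        print(f"{p:<22} len={length:<3} alphabet={n:<3} "
              f"space={space:.2e} years={years:.2e}")
```

The symbol-padded variants also pull the 33-character symbol class into the alphabet (95 instead of 62), while the `A11111...` variant gains from length alone.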
You can read more about it on Steve Gibson's site.