Simple and Effective Password Concept

August 6, 2015 | Views: 2319


The problem with passwords is that humans are inherently lazy (hey, me too!) and Security Admins are apparently a special kind of sadist when they think users can remember an insane combination of 1337 and binary. In reality, complex password requirements traditionally lead to greater security risks because users find new ways of cheating to remember their passwords. Whether it means writing them down and stuffing a notepad in their unlocked drawer, or typing them all out in a Word Doc labeled “passwords”, users will always find a way to easily “remember” their passwords.

We, as security professionals, need to learn to leverage both human weakness and technical requirements by teaching our users how to set up complex passwords that are easy to remember, but difficult to crack. Easy and hard? Say it ain’t so.

Here’s where a simple password algorithm comes into play. By using a personal algorithm to derive unique passwords for every site, users can easily remember one word and one 4-digit pin, but have a unique password for every site and system they need to access. Here’s how it works…

Here is a simple password algorithm to use for easy-to-remember AND secure passwords. The great thing about this concept is that you can have hundreds of unique passwords without the trouble of remembering each one individually.

Basic steps:
1) Pick your favorite word. We will use “password” since it seems to stay towards the top of the list of most popular passwords.
2) Pick your favorite three or four digit number. Let’s go with “1234”, again because it remains as a global favorite every year.
3) Then set up an account at your favorite website, such as Cybrary! Here’s where you get to pick a really cool username using your favorite 1337 references.
4) To set your password for Cybrary, you simply use the first two letters and last two letters of the site as bookends around your favorite word, such as “cyPASSWORDry”.
5) Then add your favorite number along with the special character equivalent and you have: “cyPASSWORDry1234!@#$”.
6) Using the same algorithm for Yahoo would look like “yaPASSWORDry1234!@#$”, which is a unique, complex, and long password.

So instead of keeping your passwords simple (and weak), or writing them down (argh!), all you have to do is remember your favorite word and number. Now your account list might look like:

Cybrary: cyPASSWORDry1234!@#$
Yahoo: yaPASSWORDry1234!@#$
Facebook: faPASSWORDok1234!@#$
Bank: baPASSWORDnk1234!@#$

If you understand how password hashes work, then you know that these passwords look 99% different to a computer. If you didn’t know about hashes, I’d recommend starting with Cybrary’s Security+, Module 6.
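The steps above and the hash comparison, as an added example (not the author's code): it derives passwords for three sites from the account list and measures how much each pair differs as plaintext versus as hash digests. SHA-256 and the US-keyboard Shift mapping for the "special character equivalent" are assumptions, and the function names are hypothetical.

```python
import hashlib
from itertools import combinations

# Assumption: "special character equivalent" means Shift+digit on a US keyboard.
SHIFT_SYMBOLS = dict(zip("1234567890", "!@#$%^&*()"))


def derive(site: str, word: str, number: str) -> str:
    """Steps 4-5: site bookends around the word, then number plus symbols."""
    site = site.lower()
    if len(site) < 2 or not number or any(d not in SHIFT_SYMBOLS for d in number):
        raise ValueError("need a site name of 2+ letters and a numeric PIN")
    symbols = "".join(SHIFT_SYMBOLS[d] for d in number)
    return f"{site[:2]}{word.upper()}{site[-2:]}{number}{symbols}"


def differing_chars(a: str, b: str) -> int:
    """Character positions at which two derived passwords differ."""
    return sum(x != y for x, y in zip(a, b)) + abs(len(a) - len(b))


def hash_bit_difference(a: str, b: str) -> float:
    """Fraction of SHA-256 digest bits that differ (SHA-256 is an assumption)."""
    ha, hb = (hashlib.sha256(s.encode()).digest() for s in (a, b))
    flipped = sum(bin(x ^ y).count("1") for x, y in zip(ha, hb))
    return flipped / (len(ha) * 8)


def compare(sites, word, number):
    """Return (site_a, site_b, differing chars, differing hash-bit fraction)."""
    pw = {s: derive(s, word, number) for s in sites}
    return [(a, b, differing_chars(pw[a], pw[b]),
             hash_bit_difference(pw[a], pw[b]))
            for a, b in combinations(sites, 2)]


if __name__ == "__main__":
    # Sample word and number are the article's own ("password", "1234").
    rows = compare(["Cybrary", "Facebook", "Bank"], "password", "1234")
    for a, b, chars, bits in rows:
        print(f"{a:8} vs {b:8}: {chars} of 20 chars differ, "
              f"{bits:.0%} of hash bits differ")
```

The digests of any two derived passwords differ in roughly half their bits, while the plaintexts themselves differ only in the bookend characters taken from the site name.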

Best of luck, stay secure.

  1. Those are very simple steps. I support c00LBR33z that Yahoo should be “yaPASSWORDoo1234!@#$”

  2. Wow bro, that's a really cool one. I think these simple skills could really leverage up the web security standards.

  3. I believe the example yahoo pw should actually read: “yaPASSWORDoo1234!@#$” instead of “yaPASSWORDry1234!@#$”
