Wednesday, 7 September 2011

How to Create Secure Passwords

As a web developer or any kind of internet professional, you naturally end up with loads and loads of logins. Maybe you use LastPasss, KeePassX or MyPasswordSafe or some other service/program, as long as you don't store them in a password protected word/spreadsheet file, or your browser! You don't do you?
Anyway I recently had to create a new password for a particular online service, one that I want a good secure password for, but starting to use a new secure password can be tricky.
How can I make a password long and include several special characters, upper and lowercase letters and numbers, and still make it memorable?
I had a brain wave that resulted in a really easy to remember password that is 21 characters, has plenty of special charecters, numbers and letters.....

New Technique
Why not write code in your password instead of words. Code is easier to remember that words or phrases, contains special characters and will naturally be longer. For example you could do something like this:

function($letmein=true){return 1;}
SELECT password FROM login;

Adjust to your preferred programming/markup language.

Of course one problem with the above examples is they still contain dictionary based words and I'm sure if hackers aren't already, they will brute force common code at some point. So you might want to mix it up a bit with malformed code or made up syntax.

For example:


There's a huge scope for what could be included with this technique. You can make it easier to remember by making the code topic based. In the above examples the topic is logging in, so I'm using words/abbreviation along the lines of letmein, show, open, login.

This technique can still be combined with other techniques like substituting letters for numbers like $ecur1ty above. The only limitations will be from the service/program your using and whether or not they allow the full range or characters or long passwords.