It can be difficult memorising so many passwords and phone numbers. A recent experiment presented at the Symposium on Usable Privacy and Security explains an easy method for branding them into your brain.
Photo by Mr Seb
The study, conducted by researchers Stuart Shecter and Joseph Bonneau, involved hundreds of participants who thought they were taking an ongoing series of attention tests. The real testing was actually being done on how the users logged in to the tests. Over time, the users slowly memorised complex passwords and passphrases using a process called “spaced repetition”:
Every time the login screen appeared, the user would be prompted to type in a series of words or letters on the screen. Over time that string of characters took increasingly long to appear, prompting the user to enter it from memory. More letters and words were added to it over time: After 10 days of testing, the user was required to enter a series of 12 random letters or six random words — for example, “rlhczwpsnffp” or “hem trial one by sky group” to start the test.
The passwords and passphrases the users eventually memorised would take an entire year to crack, and that’s with a million dollars worth of equipment.
Note that while this is handy, we don’t really recommend you use it with passwords. You should have a separate password for every account you use, and it’s unlikely that you’ll be able to remember all of them, even with spaced repetition — that’s why you need a password manager. You could use this for the few passwords you do want to memorise, but you could also just create stronger, more memorable passwords with dictionary words.
That said, for other complex sequences you need to memorise, this works well. Just write down whatever it is you want to remember, and try to remember as much as you can every time you use it. Don’t force it all at once because that defeats the purpose. Over time it will seal itself in your brain on its own, and all you have to do is make an honest effort to remember as much as you can each time.
Comments
3 responses to “Memorise Complex Sequences (Like Passwords) With Spaced Repetiton”
This works well for some people – rather than memorise the characters, memorise the shape on the keyboard. If you create a password based on a pattern on the keyboard, it’s not going to be easily cracked, and if somebody saw you accidentally type it in the wrong field, they’re not going to remember it. E,g type fr45tghy6
Or http://en.wikipedia.org/wiki/Chunking_(psychology)
Had a fairly long password that I could type with one hand. After awhile your brain takes over and you hand just does it.
Memorised! Then: time to change it – with complex history-based validation (must change at least XX characters from previous password(s)).