Use MD5 Hashes And Your Favourite Site For A Secure Password

The CyberNet News blog posts an interesting take on creating secure passwords you can actually remember, or at least remember how to retrieve—by posting a favourite web site, or an MP3 file, into an MD5 hash generator.

CyberNet splits up the method into two different takes, both utilizing the MD5 codes normally used to verify a downloaded file's integrity. Entering a favourite, or, more securely, strange and unique web site into an online MD5 hash generator gives you a seriously long string of characters, uniquely linked to that URL. Grab the first eight characters from the string, and you've got a fairly unique password to use. Using this method for every site isn't advisable, though, as anyone who figures out your methodology can grab all your passwords. Combine it with a unique suffix, though, and you've got a system that only mind-readers could really crack.

A second technique uses the same MD5 hash characters, but uses an MP3 file as its unique generator. Assuming very few people know of your secret love for Starship, it's also a fairly safe way to get a secure password, but also have a backup means of retrieving it. Hit the link for details and step-by-step tips on both methods.

How to Remember Secure Passwords Without Writing Them Down [CyberNet News]


    This is not really as secure as it sounds. Since input -> output mapping is 1:1, an attacker can just process a dictionary of known/popular phrases through the same hash function (e.g. md5), and use the output list as part of the attack.

    The more popular and known this method becomes, the less effective it will be. This is an example of security through obscurity. Ideally, the strength of the password should be in the randomness of the source password.

    One plus of this style of protection (even if the 1:1 mapping isn't the best idea) is it can protect against keylogging attacks.

Join the discussion!

Trending Stories Right Now