Web comic xkcd notes that “through 20 years of effort, we’ve successfully trained everyone to use passwords that are hard for humans to remember, but easy for computers to guess.” The comic above makes a compelling argument for password length over obscurity, and in response, one developer put together the xkcd password generator. It does what the comic suggests: strings together four random words to create a tough-to-guess password that’s easy to remember.
Of course you don’t need a generator to do this for you. You can just as easily pull four words out of the air to create your own lengthy but memorable password. Or you can go with one of our tried-and-true favourite methods and create an obscure and memorable password using the first letters of, say, the lyrics to a song. (For example, a Jackson 5 lover might extract a password from the lyrics “Oh baby give me one more chance to show you that I love you” that looks like obgmomctsytily.) The benefit of the xkcd method is that the longer your password, the harder it is to crack, and that’s true even if you’re using common dictionary words (as long as you’re using several of them, preferably semi-randomly chosen).
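As an added example (not the xkcd password generator's own code), here is one way to pick the words with a cryptographically secure random source and to estimate how hard the result is to guess. The word list and function names are assumptions of this example, and the entropy figure only holds when every word is drawn uniformly at random from the list rather than chosen by a person.

```python
import math
import secrets

# Constructed sample list, for illustration only. A real list should hold
# thousands of words: 2048 words gives 11 bits per word.
SAMPLE_WORDS = [
    "correct", "horse", "battery", "staple", "lantern", "orbit", "velvet",
    "cactus", "marble", "harbor", "tunnel", "pepper", "Horse ", "glacier",
    "walnut", "saddle", "anchor",
]


def normalise(words):
    """Lowercase, strip and de-duplicate so every word is equally likely."""
    return sorted({w.strip().lower() for w in words if w.strip()})


def entropy_bits(list_size, count):
    """Bits of entropy for `count` words drawn uniformly from the list."""
    return count * math.log2(list_size)


def words_needed(list_size, target_bits):
    """Smallest word count that reaches `target_bits` for this list size."""
    return math.ceil(target_bits / math.log2(list_size))


def generate(words, count=4, sep=" "):
    """Draw `count` words with the OS CSPRNG (not the `random` module)."""
    pool = normalise(words)
    if len(pool) < 2:
        raise ValueError("word list needs at least two distinct words")
    return sep.join(secrets.choice(pool) for _ in range(count))


if __name__ == "__main__":
    pool = normalise(SAMPLE_WORDS)
    print(generate(SAMPLE_WORDS))
    print(f"{len(pool)} words x 4 = {entropy_bits(len(pool), 4):.0f} bits")
    print("2048-word list, 4 words:", entropy_bits(2048, 4), "bits")
```

The 16-word sample list yields only 16 bits for four words, which is why the size of the list matters as much as the number of words drawn from it.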
If you do choose to go a similar route for your password, I’d still strongly recommend making said password the master password for a password manager like LastPass, KeePass or 1Password, then, for all the rest of your logins, using your password manager to generate long, random passwords that are both hard for you to remember and hard for computers to guess. You should only need to remember one password, but you shouldn’t use the same password everywhere. That’s what password managers do for you: let you memorise just one strong password and obscure the hell out of the rest. You only need to know the one password; your password manager will fill in your unmemorable passwords for you. Get one, set it up, and use it. We really like LastPass.