Architekwiki
  • WIKI
  • Start Here
  • Architekwiki Resources
  • Other
    • Reading List
    • Details
    • About
    • Sign Up
    • Terms of Use
  • WIKI
  • Start Here
  • Architekwiki Resources
  • Other
    • Reading List
    • Details
    • About
    • Sign Up
    • Terms of Use

Blog

Passwords Update 1.1

3/3/2014

 
Passwords
While I am on my password kick, it's hard to get off the topic. Hopefully I will get back to Architekwiki soon. In the meantime... While I have been going through my cache of passwords, I came across an article from late 2011 that I had saved. I had been aspiring to follow the advice that James Fallows outlines in his Atlantic blog. That advice differs from the path I am on now, but I can see that it is pretty well-thought-out. So I am going to paraphrase it here for you.

The challenge with passwords is to over come the Catch 22: “Passwords that are easy to remember can be easy to hack, and passwords that are hard to hack can be impossible to remember.”

One technique that you can use to solve the Catch 22 is phrases. Basically you use a string of words. An example would be: Cold weather isn't tropical! This 28 character long password would be nearly impossible to hack/guess. And you could change the “o”s to “0” and the “a”s to “#”s for good measure. Something like this example beats the Catch 22, but it breaks down when you have 100 of them. You can't remember 100 phrases (I can't anyway), and you can't remember which one is used where.

One solution to this impasse is to duplicate some passwords based on the value of what you are protecting. This is “going against the rules”, but if the risks are minimal...? For example, let's say you list and rank the sites you use like this:
  1. Retirement Account
  2. Investment Account
  3. Checking Account
  4. Credit Cards
  5. Email Account
  6. Cloud Storage Account
  7. Project Management Service
  8. Online Tax Service
  9. Shopping Sites
  10. Apple ID
  11. Social Sites (FB, Twitter, etc.)
  12. Entertainment Apps (Netflix, Hulu, etc.)
  13. Tool Apps (Auto 360, Lucidchart, etc.)
  14. Games
Your list will differ, but we both are rating how costly loss of control of the account would be. If the account has money in it, assume it's gone; same with data - all your email is gone, attachments, too, or all your project files. Once you know the importance to you, protect the most important with its own “hard” password phrase. I would do this for 1 thru 7. Next use one password phrase for several sites (say 8 thru 10). Then one password phrase for a whole class of sites, say entertainment (11 and 12). Finally you will get to services or games that you can always sign up for again, these can all use the same “easy” phrase (13 and 14). This approach might be manageable without too much effort or too many “notes to self”.

There are other worthwhile ideas in the article I referenced above, and you might find they give you the amount of security you want. My desire is to have the security without the “remembering”. In other words I would rather learn a system that does the managing and remembering for me. 


The Final Update can be found here.


Comments are closed.
    Architectural Bookkeeping
    Trello-PM
    Subscribe to
    Architekwiki

    RSS Feed

    Terms of Use

    Your use of Architekwiki is implicit agreement with the Terms of Use.

    Archives

    December 2017
    November 2017
    January 2016
    December 2015
    November 2015
    October 2015
    September 2015
    March 2014
    February 2014
    January 2014
    December 2013
    November 2013
    October 2013
    September 2013
    August 2013
    June 2013
    May 2013
    January 2013
    December 2012
    November 2012

    Categories

    All
    Chronology
    Humor
    Miscellaneous
    Opinion
    Thoughts
    Work In Progress
    Work-in-progress

Picture
Picture
VISIT ARCHITEKWIKI'S RESOURCES
​START HERE
ABOUT
SIGN UP
TERMS OF USE
Architekwiki | Architect's Resource | Greater Cincinnati | (859) 444-4560
© 2012-2021   Architekwiki​