Mark Burnett

Ten Password Pointers: Building Strong Passwords

This chapter discusses the building of a strong password. The secret of strong passwords is not to choose a password, but to build a password. The chapter discusses the tips for building strong passwords. A simple technique for increasing the strength of ones password is to just use more than one word. Complex, multiword passwords are much more difficult to crack and they can be just as easy to remember as a short password. Best of all, sometimes all one needs to remember is just one of the words contained in it to trigger remembering the rest.

The Three Rules for Strong Passwords

To develop strong passwords, one needs to follow some guidelines. This chapter covers three basic rules on how to make strong passwords: the rule of complexity, the rule of uniqueness, and the rule of secrecy of passwords. These rules help refine current password development (or creation) patterns, and establish password policies that ensure the passwords remain an effective piece of authentication mechanisms. Complexity makes a password strong. It is a component of password length and diversity of content. To ensure password complexity and to augment length, passwords should contain at least three elements: characters or numbers, symbols, and words or phrases. Uniqueness means that every password use is exclusive to any particular system and distinct among all passwords. Different ways are described to make the password unique. Always maintain the secrecy and confidentiality of password to ensure its integrity as an authentication device.

The 500 Worst Passwords of All Time

This chapter provides the list of 500 common passwords. Many people pick the same passwords over and over. Even the way people misspell words is consistent. In fact, people are so predictable that most hackers use lists of common passwords just like these. One should change the password if it is present in the list. The password listed can be easily cracked by a hacker.

Chapter 3 – Is Random Really Random?

This chapter focuses on randomness—the most important aspect of password security. Randomness is a strange concept. It is the absence of order. The lack of order, however, does not guarantee that something is random. A sequence is only random if there is no way it can be reproduced given any circumstances or information. Three properties of a sequence attribute to its randomness. These properties include (1) even distribution—an equal probability of distribution over the entire set of data; (2) unpredictability—any one piece of data has no relationship to any previous data and provides no information about the data to follow; and (3) uniqueness. It would be extremely rare to randomly produce the same sequence of data more than once. The longer the sequence, the more unique it becomes. These three properties deem random data impossible to guess, therefore making randomness a vital element for strong passwords. Humans are poor sources of randomness, but with a little help and some simple strategies, very strong passwords may be created. Computers have their own problems when it comes to creating randomness. Computer needs precise instructions for creating a random sequence. Computers use a Pseudo Random Number Generator (PRNG) for producing a random character. Pseudo random numbers are not truly random, but rather an algorithm that creates numbers that appear to be random. These numbers are actually predictable.

Living with Passwords

This chapter explains how to build strong passwords that one can conveniently live with or can easily remember and type easily and quickly. Remembering passwords can be easy if one built known passwords. Our brains are terrible at processing random, unrelated pieces of information, but if one throws in a few techniques such as rhyming and association, one can develop passwords that can be instantly remembered. Like rhyming, repetition adds a sort of rhythmic echo to passwords that our minds can easily recall. When used correctly, repetition can create a tempo and rhythm in the passwords, thereby making them very easy to remember. Chunking has been used for a long time as a memory technique to help people remember things such as phone numbers.

Chapter 13 – The Three Elements of Authentication

This chapter discusses the three different elements that are utilized for authentication. These forms of authentication, called biometrics, can greatly enhance the reliability and integrity of passwords. Any form of authentication is based on validating one of these three elements. The whole concept of multifactor authentication is to provide multiple layers of security that work together.

Another Ten Password Pointers Plus a Bonus Pointer

This chapter discusses the password security. Use of English words makes the password common and they are predictable. Even if one put a bunch of them together as a pass phrase, they are still quite predictable. The solution is mangling, which is changing, distorting, mutating, or deforming a common phrase into something completely unique. Passwords that use diverse characters are strong, and long passwords are strong, but diverse, long, and mangled passwords are the strongest. The chapter presents ten tips for starting up with mangling. Some of the tips discussed are Scrambling, Diverse Dialects, Slicing and Dicing, Repetition and Over-punctuating.

Chapter 12 – Celebrate Password Day

This chapter discusses the origin of the password day and the celebration of password day. It discusses spending a day focusing on passwords. All of the passwords should be unique. One should go through every account, service, subscription, membership, system, and device one has a password on, and change those passwords. Users should also spend some time improving their password selection skills, and securely document their entire selection of passwords.

Character Diversity: Beyond the Alphabet

This chapter discusses the character diversity. It is a key component of strong passwords. The purpose of using many different types of characters is to reduce the predictability and weakness of passwords. If numbers, uppercase letters, and symbols are employed properly one can enhance the creativity and uniqueness of passwords. Password should be unique. In fact, one wants them to be so unique that it would be unlikely for anyone else to have that very same password. Increasing the types of characters one can use greatly increases the chances of building such unique passwords.

Passwords: The Basics and Beyond

This chapter discusses that the most important aspect of information security is the selection of strong passwords. Likewise, the single greatest security failure is the use of weak passwords. Network administrators blame users for selecting such poor passwords, and users blame network administrators for the inconvenience of their draconian password policies. People select poor passwords and do little to protect them. They share their passwords with others and use the same passwords repeatedly on multiple systems. At the same time, computing power has increased along with the number and quality of tools available to hackers. The chapter describes techniques how one can build strong passwords and explains how to protect password from attack. All one needs to do is follow some simple rules, use some basic common sense, and treat passwords like real secrets. By implementing these practices, one can extend the life of this simple method of authentication.