For years many of us have been adhering to this Directive as the “best” method of developing and managing our passwords. We now know we have been wasting our time.
We were told the way to protect our accounts was to invent awkward new words rife with obscure characters, capital letters and numbers—and to change them regularly.
Most people found this too confusing to be practical but many of us tried our best to do it because we were told by people a lot smarter than we were that this was not just the best way to protect our important computer stuff but it was the only proven way to protect our important computer stuff.
Some of us ignored this Proven and Secure way like that guy in the Federal Government who used “Password” as his Password. I would hope that not too many of us were as silly as this guy but I would not bet on it.
Others of us tried to do what the Smarter Than Us People told us we had to do. We even persevered after several of the true adherents to the process were reported to have been hauled off to the Funny Farm in Straight Jackets.
A good example of what kind of word would come out of creating a password with Awkward Letters Rife with Obscure Characters and Capital Letters and Numbers (and change them often) is shown below…
Tr0ub4dor&3
Now there is a Password that will frustrate Snidley Hacker and send him to the Funny Farm if ever there was one!...Or will it?
Sadly, we now know that this Bullet Proof Password could be cracked by Snidley in 3 Days.
Ole Snidley has gotten very good at golf because he found he had a lot of time on his hands so he has been spending a lot of time on the links.
Is there a better way?
Ø Is there a way that does not need Awkward Letters?
Ø Is there a way that does not have to have Obscure Characters?
Ø Is there a way that does not need to have a mixture of Capital and Lower-Case Letters?
Ø Is there a way that does not need to have Numbers thrown in where you can’t remember where you threw them in?
Ø Is there a way that does not require you to change your password as soon as you finally get to the point where you can remember it?
Ø Is there a way that does not require you to have a different unable-to-be-remembered password for every account?
My Dear Reader, the answer is yes. You can now have a single password for all accounts. It will take a little longer to type out and about 60 seconds to memorize but it will keep you from having to order Funny Farm, USA return address stickers for your snail mail.
Are you ready? Here it is…
Your Password Should Be Made Up Of 4 Unrelated Words Typed Out As One Big Word
An example would be “correct horse battery staple” typed out as “correcthorsebatterystaple”.
In case you have forgotten how long it would have taken Snidley to figure out your old “Tr0ub4dor&3” password, I’ll tell you again…
He could crack it in 3 days
If Snidley had a computer program that made 1,000 guesses a second, it would take him 550 Years to figure out that your “correcthorsebatterystaple” password was “correcthorsebatterystaple”.
Now you can take up golf but don’t look for Snidley out there because he is going to be busy for a long time to come.
Would I kid u?
Smartfella
Lagniappe: I did not make this up… https://www.wsj.com/articles/the-man-who-wrote-those-password-rules-has-a-new-tip-n3v-r-m1-d-1502124118