Caput Draconis

September 23, 2012

[The title is the first password mentioned in the Harry Potter books]

I have always been paranoid about security, but in the last few weeks the paranoia has increased, especially since I read how hackers almost entirely erased the digital life of Mat Honan. [Here are the follow-up articles on how he got (a part of) his data back and then about catching the hacker]

Google has done a great job by providing two-step verification. Here's how you can use it. I wish more services would provide such security-enhancing solutions. So today I set sail searching for the best ways to create passwords which are hard to guess and yet easily memorable by humans. I didn't want to use software or a service for it because it tends to limit the number of places you can use the service to enter the password (apps on phones/tablets, for instance). I understand that they are a much safer way to go, but the dependency was something I wanted to stay clear of. For those interested in such software solutions, please check out roboform, lastpass and gringotts :D

Instead of trying to explain what has already been explained, and in ways much better than I possibly can, I'll share the links with you.

  1. Jeff Atwood's famous post about Passwords vs Pass Phrases
  2. Microsoft's guidelines and password security checker
  3. Soundpuzzle has one
  4. And then there's diceware

For those interested in numbers, here's the analysis of how ATM PIN numbers are spread across the possible 10,000 values (0000 - 9999). Hopefully yours is not one of the top 20.

And here's an awesome XKCD post about password security :) Be safe. Peace.