Sunday, May 18, 2008

How to Remember Passwords?

In this internet age, with people visiting new website at a rate higher than their usual visits to the restroom, remembering login details, especially passwords can be a quite daunting task. The login credentials consists of both the username like "Bigyan" and the password like "bb1024". Here I will give some guideline that might make this task a little bit easier for you.

Username

First comes the trouble of choosing a good username, which can be difficult if you have a common name or just are not creative enough. A friend of mine tried to get a GMail account and to his horror found out that all the names from "dutan", "dutan1", "dutan12" ... upto "dutan1234" were already taken, so he took the name "dutan12345". Of course this is quite a mess and very difficult to remember.

The solution is to be creative and start using something like "dutan_42" which is something not everyone will come up with. Of course however creative one might get, there is always a possibility that that very username was already taken ... so maybe you could just add another letter or number to it. Try out "dutan__42". Use this scheme for every site that needs you to have an account. So at most you have to remember 4-5 similar usernames.

Password

This is the huge problem. how can you choose "hard to guess" yet "easy to remember" passwords? Of course you could try using the same password everywhere, but if somebody finds out one of them, you are doomed.

The trick lies in creating a set of basic passwords for different category of sites. Like for emails, you can have a basic password, another one for news sites etc. The trick is to effectively use these basic passwords and generate the password unique to the site that you are using. Say you choose a password like "iddqd95" as your basic password for emails. So for yahoo, you could change that to "iddqd95aoo" i.e. appending it with the vowels of that site. So for gmail you have "iddqd95ai".

So even if somebody "accidentally" finds out your email password, they cannot just use it on all other sites that you use. So the chance of identity theft is reduced considerably.

You can extend this scheme to use numbers in place of letters ... maybe number the vowels from 1 to 5. Or append the consonants. Maybe use the first 2 alternate letters. Basically get creative with this. Further ideas include using complicated number replacement policies based on the site's name. Maybe even some unusual characters like ! @ # $ % etc. Corresponding them to the vowels. The possibilities are really endless.

Remember that its easy to make such a complex scheme than follow it on a day to day basis. So follow a "Keep It Simple Strategy". Do not make the scheme so complicated that you need a pencil and paper just to compute your password, that alone is enough to negate all the advantages of these scheme.

Warning

The schemes look all good, but it does have a disadvantage. They are easy to use because you are remembering only the rule and not the password. But what if somebody gets to know of it? So the trick is not to discuss your scheme with anybody else and never share your passwords. Also please do not write them down. This is often thought to be one of the safest scheme. I have a friend who keeps her list of passwords in a password protected MS Word file and carries a printed copy in her bag. This is very silly. With the advent of internet, identity theft has got a new meaning. Its quite easy for a professional to get this lists.

If you are a computer savvy person ...

Of course if you are computer savvy enough, you might have discovered that fact that most of the recent browsers come with sophisticated password management systems. You can use them easily and just remember one single master password. While this scheme is quite secure in the sense that the encryption standards used to store the passwords are almost impossible to crack, it has some glaring disadvantages.

Losing the master password can be the perfect recipe for a disaster. Then there is always the possibility of that piece of software malfunctioning. What if the HDD crashes? So even if you use this scheme, and I do agree that is is very addictive, spare few minutes to learn up and use the above strategies which make you life a little bit easier.

1 comment:

I'd love to hear from you !