

Creating easy to remember passwords - Rabidgremlin
http://blog.rabidgremlin.com/2009/12/28/tip-creating-easy-to-remember-passwords/

======
rsaarelm
This relies on security by obscurity in keeping one compromised password from
being used to access the other sites. An attacker who knows of the procedure
can trivially detect passwords probably using it and substitute the domain
identifier.

A modification that doesn't have this problem and keeps passwords retrievable
using a single master password, but does require using a helper program, would
be to take a cryptographic hash from the concatenation
(master_password^site_id) and deterministically generate the desired password
from the hash value.

Quick Python example:

"".join([chr(((ord(x)-33)%94)+33) for x in
hashlib.sha256("hunter2"+"facebook").digest()[:8]])

~~~
Rabidgremlin
True. In fact I have a partially complete firefox plugin that does almost
exactly that. Problem is you need a bit of software installed which not very
portable.

The technique in my post offers much better protection then most people are
currently getting.

------
azakus
I've always found pwgen to provide usefully memorable passwords. Just have to
run it a few times and find one I like.

