Hacker News new | past | comments | ask | show | jobs | submit login
Write your passwords down (jgc.org)
116 points by duck on Dec 17, 2010 | hide | past | web | favorite | 120 comments

Its funny I worked for a startup that got acquired by Comcast, and eventually we started having to follow the Comcast security policy which made us change domain passwords every month with requirements around using strange characters etc.

I'd say about 50% of the people ended up with their current password on a post-it on their monitor or desk.

Yes, this same thing happens on the ship I work on in the summers. There are about 300 people, and about half have to reset their password when they come on board. There is the arbitrary 8 character, at least 1 #, at least 1 special character, at least 1 capital, can't match a dictionary word, and can't be close to the previous password. Also can't contain their name. Try explaining that to 150 people over and over again...it is so painful to watch some people try half a dozen, even a dozen times and still not get a password that will work, and then the vast majority will either write it down in a public place, share it, or forget it.

I'd based on the available data that could have just as much security, without all the user hassle, if we just require long passwords, no other requirement. Can you see how much easier it is to just say, your password has to be 16 characters or longer. Just think of a passphrase. For instance: IWa1kmydogonSaturdays Easy to remember, and I would argue, though would want to try to provide some evidence, that this would be just as, if not more secure than 8 characters with ridiculous requirements.

> if we just require long passwords, no other requirement

... then I bet lots of users will choose passwords like "passwordpasswordpassword".

Possibly, but I sure would like some data on this. Theoretically, I could try this out by getting approved from the CIO first and then just checking the hash vs the hash for passwordpasswordpassword and passwordpasswordpasswordpassword as well as any password in the top 100 from the previous leak that was > 16 characters (not sure if there are any). As said, I'd like some to get some real data as opposed to stipulations, but obviously it's hard to get this kind of data.

I'd go with passwordpasswordpasswordpassword. Just to be safe.

Great idea. Everyone knows about passwordpasswordpassword.

But does anyone know thisisnotapasswordthisisnotapasswordthisisnotapassword ?

... with all due apologies to PIL.

The wise thing is to allow for and encourage the use of passphrases. Sentences are both easier to remember and harder to guess!

and of course only an alliteratively poetic machinist would think to use "sublimeswarfswirlsslowly"

> just require long passwords, no other requirement.

I particularly liked the suggestion (elsewhere) to set passwords to a random combination of three dictionary words. It's hard to remember 7Gw$kW_ws, but I bet I could come up with a meaning for "dog shower flange".

I came up with such a scheme 12 years ago, but with some improvements. If you modify words from /usr/dict/words with h4xx0r style modifications, then it's easy to get above 80 bits of entropy with a reasonable number of entities.

An average vocabulary has something like a million words in it, if you word count derivations. If you can expand that by a factor of five with easily memorable things like 1337-speak transformations, you can get above 80 bits with only 4 entities.

That's not much better entropy on the password. It wouldn't take long to go through all three word combinations based on a normal english dictionary.

With a password the key is always entropy. You can use all the smarts in the world to avoid the pre-computation attacks on your password... but never forget that brute force is not limited to character by character attack :)

http://www.baekdal.com/tips/password-security-usability says that it would take 2,537 years to crack a password with three common words, at a rate of 100 guesses per second, and flange isn't common. That's long enough for me.

This guy picks that upper limit based on the idea that an attacker can't hit the webserver more than 100 times a minute, which makes me question how much he knows about crypto. He doesn't take into account someone who has access to the password hashes.

So assume they've got something lame like SHA-1 hashes, even on commodity hardware you're talking about 100,000 hashes a second. Now you're at 2.5 years. Setup a simple cluster or buy some CPU cards, and you easily get into the three month range.

Use bcrypt, and chose a work function that's as high as you want. It's pretty trivial to ensure that given certain hardware, it will take a certain amount of time to hash a password.

Never Never NEVER use SHA-1 or MD5 for hashing your passwords, those algorithms are designed to be fast.

Anyway, the technique is called "Diceware", and you can pretty easily calculate how much entropy you're getting with it. (and assuming your attacker doesn't know you're using diceware, you're in even better shape.

That is good developer advice. But from the perspective of a user there is no harm in assuming the website your using stores your password as unsalted sha1 and go from there.

Shit, he's in trouble now!

Right, so someone trying to brute force the password into the interface is limited by the speed of the program (or any artificial limits it should have built in :)).

In fact, just one word with a couple of numbers has the same effect.

Don't forget though, you are trusting this password to a site. If they are hacked, what then? Your 2K years turns into minutes or hours.

Reminds me of when I had to write a front-end for a web search feed. It was easy to test the standard case (millions of results, of which the first 1000 can be paged). But what about the case when there is only one page of results? The solution seemed to be, rather than finding a topic with only a few results, to keep appending common words until the # of results shrunk enough. For example, from Google:

  "antelope" has 14,100,000 results
  "antelope walrus" has 118,000 results
  "antelope walrus biscotti" has 8,100 results
  "antelope walrus biscotti eisenhower" has 1,690 results
  "antelope walrus biscotti eisenhower lambchop" has 8 results!
Bonus if you can find a word combo which produces a single page of interesting sites, not word spam. Of course now that this comment is on the web, make that 9 results for "antelope walrus biscotti eisenhower lambchop".

This was a concept back around 2004 or so called "googlewhacking". The goal was to form a search query of only two words that had exactly one hit on google.

I came up with a similar password for our house router. After a week, I couldn't remember which animals were involved...

Easy to remember, not so easy to type into a password box. Or maybe for you it is easy, but it wouldn't be for me.

I loathe policies about expiring passwords because it breeds insecurity in the manner you mention. However, my company has this same policy, not because its been evaluated as being a good policy, but because our SOX audits require it.

Another reason to grumble over SOX.

Yep, this is common practice.

I do a lot of pen testing, and one of the easiest ways to get access to important things is figure out a way to go into the IT department under some premise. Passwords galore, the rest is just memory :)

(this is, sadly, only a slight exaggeration)

I did support for a hospital a while back. The favored ( by faculty, not IT ) strategy there was a sticky note on the back of an ID badge. My guess would be that this is common practice anywhere where people carry ID badges.

This is and isn't bad advice. Writing your passwords down and storing them in your wallet isn't necessarily a good idea. You may be able to secure your wallet, but there may be somewhere better to secure it (such as a house safe).

Rather than writing the passwords down, use a decent tool like 1password (http://agilewebsolutions.com/onepassword) or Keepass (http://keepass.info/).

Keepass is brilliant and supported on Linux, Mac, and Windows.

I have one super-strong password that I've memorized that encrypts my KeePass database, and then I use Keepass to generate and store random passwords for me.

This looks like a good way to generate the passwords you put into 1password or another similar password tool. If the tool fails, you can regenerate the passwords if you need to.

1Password has a random password generator. That's what I use.

No one mentioned Lastpass?

It has a multifactor grid authentication, which along with a user defined password, makes it secure enough for me.

When I started using it, I changed most of my passwords to be 100 characters long. But many sites had a maximum 20 characters or equivalent rule.

My policy:

   - lame passwords for sites I don't care about (e.g., 'insecure')
   - the same password for sites with semi-sensitive information (e.g., facebook)
   - unique passwords for bank accounts, servers, etc.
So I try to strike a balance between difficulty in remembering & security.

The thing that's bitten me on the ass a few times with that strategy is failing to upgrade sites from "I don't care about" status.

I'll use the 'insecure' password to drop a comment on an interesting discussion on a site I've just found - like, say HackerNews or Twitter, then two years later I'm still participating in the community there, and it _could_ have still had the password I used that time to comment on a ValleyWag story. All of a sudden I _do_ care a bit about any reputation I might have. I was fortunate this time not to have any sites I cared about still using the same old password Gawker leaked (mainly 'cause I'd learned that lesson when my twitterstream started spamming acai berry sites when PerlMonks exposed my low-grade password back then.)

I think Schenier's right - the world isn't a place where "remembering passwords" works any more. We need too many of them and we don't have enough control over how other people store them.

A password safe with a strong passphrase backed up by somethig like dropbox or zumodrive is probably a minimum sensible approach now. Some care is needed with the devices you access that password safe on, and awareness of how software like browsers or your OS caches and stores any passwords it sees you use. Even with a properly secured password safe, a fair number of my logins are probably hosed if I lose my laptop... Firefox, Chrome Safari, Mail.app, Twitter clients, IM clients, IRC programs, FTP programs - all of them store credentials for me, _mostly_ in Mac OS X's keychain, but not in a "reliable enough way" to be considered "secure" if the physical hardware is in someone else's possession.

If once one of your password leaked, all sites with the secure level are unsafe then.

Thanks for spelling that out entirely clearly.

In related news, when I'm on a non essential site that requires a password, forces a weird restriction ("Your password must contain at least one number and one non word character) and won't let me save it in Firefox, I just copy the password, log out, bookmark the login page and then add #password to the URL and bookmark that as the new login page.

Then, come login, I can just copy the password from the URL.

I've been doing this:

echo -n "A long sentence I can recall. site_name" | sha1sum

I use the sha1sum from that as my password.

site_name may be hackernews, slashdot, home, etc. I can break them in half (20 chars) or quarters (10 chars) if the site can't accept a 40 char password. Also I can add a period on the end if the site requires special chars. These are strong passwords and unique for each site. Works great on Windows Linux and Macs. All I need to do is recall my sentence (with proper punctuation).

Not to be snarky, but isn't your master password now sitting there, plaintext, in your command-line history? (Worse: when you accidentally do this in a terminal that's remoted somewhere.)

See my reply below. I seldom do it in a terminal and when I do only on my home machines. The command above is for explanation. If I showed you my app without that explanation, it wouldn't be the same.

Your approach is great, I think I'll use it too.

My current method for secure passwords on sites that have a max around 8 or 12 or so is to think of some song lyrics I know, pick n words, camel-case them, l33+-translate a couple letters, and add shift+numeral special characters to either side.

Thanks. You can cut and paste the passwords. Write an app like I did or if you trust others, download one. I like it because it's portable (no secret encryption crap) and easy to recall. Also, if one site is compromised, like gawker, and they happen to crack the password, they won't be able to use it anywhere else and won't know what your secret sentence(s) are.

Edit: One other neat thing about this approach is that you can honestly say that you don't know what the password is (if you are ever asked). You know how to create it, but you have no idea what it is. That may matter in some situations.

Your last point about claiming to not know the password is interesting... If I had a mustache I'd be stroking it by now. ;)

I ended up writing a simple shell script using sha256sum and dicing it several ways, a GUI app seemed a bit clunky for me.

    read -s p
    hash=`echo -n $p | sha256sum | sed -e 's/-//' | sed -e 's/ //'`
    echo '64: '$hash
    echo '40: '${hash:0:40}
    echo '20: '${hash:0:20}
    echo '16: '${hash:0:16}
    echo '12: '${hash:0:12}
    echo '10: '${hash:0:10}
    echo '08: '${hash:0:8}

While my method isn't as secure as your most likely is, I prefer a simpler algorithm based upon the site name. I can perform my algorithm in my head and enter a password quickly and without having to refer to a terminal or another program.

Btw, do you ever worry that your command history might be accessed to discover your passwords?

I use an app I wrote to do the sha1 so the sentence is not hanging around in bash history, but I do rely on the cmd prompt at times on computers at my house. Here's a screeshot of the app: http://i.imgur.com/tz255.png

No one but me uses it. So it's bare bones.

You mentioned adding a period for special characters but what do you do for passwords that require capitalization?

I suppose you could get that with base64 encoding rather than a hex digest. Something like:

    echo -n 'Secret sentence Sitename' | openssl sha1 -binary | openssl base64

Good idea. Lot's more space too when compared to hex encoding. I added it to my app: http://imgur.com/EcqZ1

This reduces the search space massively though as we now know you only use 0-f as characters, probably brings it closer to being brute forceable for the sites don't accept 40chars! And dont have rate limits.

16^20 = 1,208,925,819,614,629,174,706,176

The very best GPU crackers do about 1 billion guesses a second. Good luck.

There are also a number of apps for both android and iphone that will give you sha/md5 sums. The downside is you have to carry your phone and have enough batteries.

echo -n "A long sentence I can recall. site_name" | openssl dgst -sha1

For those with openssl.

> (I have a second copy of that sheet left with a friend in an envelope)

I love jgc but here he's making the same mistake most people make when they speak about security: assuming all readers have the same need for security and run the same risks. They don't. There is no point for my mom to adopt this system, it's way overkilled for her. (I think there's no point for me either).

One needs to explain to users two things: the first is that there is a big difference between being A target and being THE target. If you are just A target, picking one password for each website you subscribe to is more than enough. If you are THE target, then people will get to you, no matter how secure you think you are.

I somewhat agree, but when mass hacks occur it opens people with poor passwords up to hackers because they've got all the time in the world to see whose accounts they can get into.

BTW Do you use the same password on your Gawker account elsewhere?

As long as the password is unique, it doesn't even matter. Sure, it should be unique yet not revealimg a pattern ("goofy" is ok, "gawker" is not) but there is no need for the user to pass crypto 101.

This for those 1.5m that were just A target; Nick Denton, OTH, was THE target and it was just matter of time for him to get pwned.

>BTW Do you use the same password on your Gawker account elsewhere?

I had to check the other day. I opened that account to leave one comment on lifehacker (that was never approved, actually) and then forgot about it. Turns out the password was safe enough but my mistake there was to use an email address I cared about.

Now I have a less important email address and a supergenpass for everything, except gmail/facebook/dropbox and the other things I care about, for which I have better passwords.

Nevertheless, your Gawker password was crackable with JtR.

I usually have two passwords: A stupid one that I only use on stupid sites, and a good one that I use on crucial ones (Gmail, Amazon, bank). There's no relationship between the good and bad passwords, so I feel more confident that I'll be unaffected by data breaches.

I checked the torrent and I guess I never made a Gawker account.

The problem with that plan is that one day you will learn that someone who works at Google, or Amazon, or your bank or some other "crucial" site has captured millions of username/password combinations and tried them at all the other crucial sites.

I like that giving the paper to a friend provides an easy way for a friend to be able to access his accounts in case of a tragedy.

I always have a question come to mind whenever I read these kinds of guidelines: what percentage of computer users have ever had their passwords compromised?

I'm guessing there's no real way to gauge this because I've never seen a study nor heard anyone else touting one and yet, complex password protection guidelines are always being recommended. Why?

I have no idea about the percentages. But I've been hit twice. One by a leak from a sizable gaming website, and the other time by gawker. Neither time I gave a shit because thankfully I was smart about my passwords.

There's always a risk, it's not expensive to defend against, so why not?

Those are interesting examples because you didn't lose the passwords, those websites did. So stuffing your password in your wallet, or making sure they were 12 characters long wouldn't do any good.

Personally I don't see any reason for having them completely randomly generated.

'thIs1smyp4ssw0rd19%2' isn't any less secure than another 20 character password that includes lower+upper case letters, numbers and special characters.

Obviously, if you do something like 'c0r1np4ssw0rd" then it may get to the stage where enough people do that for crackers to expect it (maybe it already is, but as long as you follow his third and fourth rules ("Use mixed-case, numbers and special characters" and "Use passwords of at least 12 characters") you really should be fine, and you'll have an easier time memorising them.

(I can remember multiple 20+ character passwords that would be very difficult to crack, and have no need to write them down.)

That's not quite true. When we're talking about the security of a password, we're talking about how long it's going to take someone to crack a possibly salted hash (Gawker's weren't) of your password. When attempting to crack a hash, the attacker begins with dictionary words, then with leetspeak permutations of dictionary words, then starts adding random numbers in with random words.

It's hard to say in what order specifically they're going to try it, but generally speaking, they go from fewer bits to higher bits. thIs 1s my p4ssw0rd - that's not quite as many bits as you think it is. That's 4 permutations of dictionary words. That password probably hits the requirement of 80 bits, but it is less secure than other 20 character passwords. thIs1smyp4ssw0rd is going to be tried in its various permutations fairly early on in the cracking, and tacking on a few extra characters, while an order of magnitude increase in compute time, is not outside the realm of possibility.

Realistically if you take into account the possibility of using up to four works, with some but not all vowels replaced with numbers, a mixture of upper/lower, and some other random numbers and special characters in an undisclosed place... that creates such a huge number of possibilities that it might as well not be dictionary based from the cracker's point of view.

Write your scheme down, compute the number of permutations it makes available, then divide by the total number of possibilities allowed by your password set (a straight [possible_chars]^[length] computation).

The results will surprise you. The space of things you describe is far smaller relative to the available space than you realize.

You can indeed make this big enough to work, and it's easy to make it big enough that only a dedicated cracker could get through it, if that. My point isn't that you're wrong, but that you may be less right than you realize.

The thing is, even if it's true for the one scheme I suggested, unless you know the format a password will be in you can't aim directly for that scheme, meaning you can't limit the number of possibilities that much.

I could pick a password that is "coRInStaNdr3ws19@90" which is my first name, my first school, my year of birth, and a few capitals/numbers/special characters. If an attacker knows that's my type of password then it might make it easier for him, but 'corin' isn't in dictionaries (sure they might think to find out my name and add it as a dictionary word), and I doubt "st" and "andrews" would be. Realistically, unless I give away my rough password format, they won't be able to narrow it down and will be left with a password that's just as hard to crack as if it was completely random.

You're making a false assumption that the hacker must somehow divine your pattern, but that is not necessary. An attacker could mount a Markov-chain based attack based on common phonetic patterns (and even common numbers, since some will show up more often than others) and radically cut down the search space even without assuming any aspect of your "pattern", and what you cited will get caught in that orders of magnitude before a truly random password. Along with enormous numbers of patterns that you could cite, as well, this is pretty much a superset of them all.

When you cut the possibility space down, you have cut the possibility space down. You can't fool entropy. The math is quite vicious that way.

You're encountering the "everybody can create an encryption scheme that they themselves can't crack" problem. You may not be able to think of how to abuse low-entropy passwords to crack something far longer than you "ought" to be able to, but that doesn't make it impossible, or even necessarily hard for an attacker.

Yes, but what if he used "thIs 1s n0t my p4ssw0rd". Wouldn't that cause the cracking program to burst into flames?

The problem with this approach is that you can only remember a few passwords like this, which means that you are going to reuse passwords on multiple sites. One site compromise can compromise multiple accounts for you.

I don't have any problem remembering them personally (then again, I still remember root passwords I used when I was thirteen and they were completely random characters).

Sites like HN and Reddit I'm happy to use the same password (I'd be minorly annoyed, but realistically I wouldn't be that fussed if I lost control of either account, I can either recover it or even create a new one), but any site where someone finding my password could cause a problem has its own password, and I can remember them all.

Occasionally I forget which password goes with which site, but not often - actually I find it harder to remember which username/email goes with each site.

actually I find it harder to remember which username/email goes with each site

So very true. My password creation process is fairly memorable, and tends to meet the requirements of any site (password length, numbers, capitals etc). But user names - it's an email address, it's the name on your email address, they do accept spaces, they don't accept spaces, they only have 8 characters ... drives me mad !

I use Bruce Schneier's password safe: http://www.schneier.com/passsafe.html

Use 1Password, make sure your passphrase for that is long enough to be secure.

Write that passphrase down and put it in a safety deposit box if you want people to be able to retrieve them after you die.

I wrote a quick Ruby script that prints out a tabula recta for passwords. Enjoy!


Back in 2005, I did something similar for a while after this [1] was posted to /. Eventually it became too annoying, and I switched to Password Safe and then to 1Password. Both are, in all ways, better than that slip of paper.

[1] http://ask.slashdot.org/comments.pl?sid=152097&cid=12762...

An easy way to create your own...

Copy this empty table: http://pastebin.com/tzbd7FCt Fill it with this random password generator: https://www.grc.com/passwords.htm

Be sure to use a fixed-width font.

From the random generator's website: "Every one is completely random (maximum entropy) without any pattern, and the cryptographically-strong pseudo random number generator we use guarantees that no similar strings will ever be produced again."

Interesting guarantee for a random number generator to provide...

It might be true random numbers as opposed to pseudo-random numbers. Likely created in a similar way to http://random.org

While I'm reasonably sure they're on the level, getting my random numbers from a source not under my control is worrying.

Here is a python script to generate the table: http://pastebin.com/UiLi61Yg

I think that a better solution is to use pwdhash. Check it out here:


It's a browser extension for Chrome and for Firefox that seamlessly hashes the concatenation of your master password and the domain name of the site you're logging into. This produces a different password for each site, and requires you to remember only your master password.

The extensions were created by Blake Ross (big name in the firefox community), as well as Collin Jackson and Dan Boneh who are highly regarded security experts at Stanford.

Also, if you're interested, I've created a command line utility for Mac OS X that exposes the same functionality: https://github.com/ali01/pwdhash.py

Just yesterday I wrote a Chrome extension with the same idea. Algorithm is:

    password = base64(pbkdf2(secret, username@url))
Where PBKDF2 uses SHA-256 and 5000 iterations.

You can get it here: https://chrome.google.com/webstore/detail/hegbhhpocfhlnjmemk...

Website version: http://sellme.ru/p2

Source: https://github.com/dchest/cryptopass/

The most commonly used hashers are pwdhash, supergenpass and magicpassword. Given that they all use hashing algorithms, none of them will result in a password using special characters, which is not optimal.

Actually, that's not true. Look at the encoding section of the PwdHash USENIX paper. PwdHash returns an ASCII representation (not a hex or base64 encoded string) of the hashed domain name + master password. PwdHash also applies a number of constraints to the returned hash to ensure that the special characters that it does use are legal at most websites.

A typical PwdHash password, with domain name google.com and master password "LetMeIn+123456?" looks like this:


Try it yourself at the pwdhash website.

Oh, good to know. I stand corrected. I was using supergenpass but I should switch to pwdhash, then.

Optimal? No. More than sufficient? Yes. You can use all numbers in your password, so long as it's long enough (and the website actually uses all of them).

I use a hashing bookmarklet myself. Only, I wish there was a better algorithm and I think it's wise, at least with an audience like HN, to point the weaknesses of those system. See for instance : http://stackoverflow.com/questions/554224/is-the-bookmarklet...

What happens when you lose your laptop or netbook or whatever handy device you use to browse the web? Are you then leaving it to the OS login screen to protect everything? I d rather have passwords I remember in my head. If I forget often, I click the reset button/forgot your password. Whats more, I generally visit important places more often than unimportant ones, so I wont forget my important passwords. Also, start using sites like mint.com. Instead of logging into your bank account, log into mint to check balance and expenditures.

Lets face it, none of this is every gonna keep you totally out of trouble. If you re so paranoid (aka my security professor at school), shut all your online accounts down.

So you have a paper on your wallet, which can be used to obtain every password you use, using an intricate and very specific "algorithm".

Then you publish the fact itself and the algorithm in your blog(real name), which, besides, doesn't depend on a passphrase (which could turn your method in a sort of dual factor authenticator).

The paper could be photocopied and returned to your wallet and you'd never know.

Please, don't talk me about how many bits of entropy your passwords have. They aren't secure.

Why do you believe he gave you the real algorithm?

Access to the piece of paper severely reduces the attack space, even if it isn't "go diagonal from (letter2, letter3) of domain name". Heck, it is not much different if it is a trivial transform on the characters themselves. Anything that a person could easily do (making the thing convenient enough to actually use) is not going significantly alter the number of permutations. Of course, this is making a big assumption that a targeted attack will go after the paper rather than say, the keyboard (which is generally much less secure than a wallet.).

However, this being said, it is much more secure against untargeted attacks than the standard "i have an algorithms in my head" or "i use the same password" approach a lot of people use.

Once you're in the realm of targeted attacks you're in a whole different ball game. You have to consider who the attacker is likely to be and what they have access to. If your wallet isn't secure enough you can upgrade to a fire safe or some such. That narrows it do to people who you let in your home or are willing to break in. Beyond that though you're starting to enter into the realm of James Bond shit.

Or into the realm of two-factor auth. Sometimes I wonder why my roommate can get a security token for his World of Warcraft account, and I can't get one for my bank...

It's an interesting concept because passwords could be infinitely more secure if everything adopted a two-factor authentication system with something physical that you carried around like an RSA SecurID. Unfortunately, even that system risks being compromised, and like the sheet of paper, highly inconvenient.

But on the other hand, your garage door works with a rolling keY too, and you're also SOL if you lose your opener (unless you, ironically, have a keypad).

I did some consulting work at a big pharma company. And they solved the whole problem of someone stealing (or more likely losing) a RSA key by keeping all the keys at the helpdesk!

You just called up, said you need the ID, and they read you the number over the phone...

Me: "Hi I'm XXX and I need the RSA key for COMPANY X."

Helpdesk: "Okay... It's on the board here somewhere... Found it... It's down to the last bar. Let me wait until it flips... Okay. Six bars... 643332."

Me: "Thanks a million."

I generate a new random but semi-pronounceable password for every account using apg (http://www.adel.nursat.kz/apg/), then store it in one of several gpg-encrypted, replicated master password files.

The first few times I use a newly generated password, I have to look it up in a master file. It's weird how quickly semi-pronounceable nonsense + some symbols get stuck in your head though.

"Write them down and keep them in your wallet because you are good at securing your wallet."

I'm having a very difficult time articulating just how horrible this idea is. Now if somebody compromises your password list, by either finding or stealing your wallet, they also get all of your personal and banking information as well!

There is a reason that the government advises people not to carry their Social Security cards in their wallet (http://ssa-custhelp.ssa.gov/app/answers/detail/a_id/446/~/ca...).

I use Wallet, a password manager/generator that's available for OS X and iOS, supports encryption, and syncs between devices automatically. I use a different random, strong password for all of my accounts, and it's easier to manage than keeping lists of passwords. Works for me.

I think that using password schemes is bad. Because in order to be useful, the method needs to be fast, simple and replicable. Suppose that someone creates a fake website in order to grab one of your smart passwords. If he understands that you use a method, he will try to deconstruct the method based on the fact that his website surely is included in some manner in the password itself. Also, since many people who use these methods tend to divulge them to the community, there isn't even a need to create a fake website to understand your passwords. The only solution that really works is to use a password manager. My favorite obviously is Passpack, because I am a co-founder, but regardless of which software you choose the important thing is that you use it. My advice is not to relay on any clever schemes because you may be in for a bad surprise.

I employ what I like to call "Personal Hashing". Think of it like the human version of md5. I've come up with an easy to remember, easy to compute (work done in my head), hashing system that I use to generate passwords for all my accounts. The power of this method is that it generates strong passwords, and is easy to remember.

Take for example, and this is just a sample not my own personal hash formula, the following mechanism:

key = username

1) r = rot2(key)

2) password = vowelreplace(r) [a4,e3,i1,o0,u_]

In this example, I apply a rotation of 2 letters to the input key, then replace the vowels in the result with numbers.

A sample use case might be for an amazon account.

Username: johnsmith

Password Key: johnsmith

Password Phase 1 (rot2): lqjpuokvj

Password Phase 2 (vowelreplace): lqjp_0kvj

We are quite capable of remembering simple formulas which we can use to generate our own passwords on demand. What's best is the formula exists in our heads, and can never be discovered laying around.

I may be missing something, but doesn't this give you the same password for all accounts with the username johnsmith?

I wouldn't store passwords in my wallet either and find this system far too cumbersome. I think if you're really concerned about security, you should never "remember" your password on any site -- see story about stupid criminal who stole a Washington Post reporter's laptop and posted photo of himself on the reporter's son's Facebook page: http://blog.washingtonpost.com/story-lab/2010/12/post_4.html (the security of the teen's FB page isn't getting the same play as the stupid criminal angle).

I don't write my passwords down, but I do use reminders in a code of sorts.

An example: I have an account with the bank Bancomer. In Spanish, "comer" means to eat, so I refer to it as "eßenbanque". (I know it's "essen"; nobody likely to find my list would recognize the ß, though; it would be mistaken for a B.) If my password were "l4rryb1rd" (it's not) I might render it as "oiseaulázaro", just enough of a reminder, while still misleading.

This scheme might not work so well in, say, Brussels, but here in Monolingüilandia I think it's reasonable, although I do wonder from time to time just how sound it really is.

I use something vaguely similar for my passwords, but with Russian instead of spanish/german.

Fun fact: the password based on Russian transliteration that looks NOTHING like any English word I've seen (imagine "cexuqakr3") trips the linux "too close to dictionary word!" warning while a less secure password that's based on two english words (imagine "bellykitten13") doesn't.

Although this method may be great for you, it doesn't seem worth it to me.

Having your passwords hacked or guessed is bad because it's a hassle, and it can lead to you losing time and money.

This method of password generation/storage is also a hassle, and definitely leads to losing time (which may translate to money).

I find it far easier to come up with a reasonably long and complex 'base' password, then tag an extra bit to the end depending on which site you're accessing. Since our memory is strongly context dependent, it's easy to remember the extra little bit for the site you're currently on.

I read a story on HN a while back about a guy who used an algorithm to generate his passwords. Don't have the link but something like combining easy to remember bits of personal information. e.g mother's name, kids birthday, maybe changing the case of these. Also adding something site specific like the last three letters of the url backwards. It's easy to remember passwords this way but if one gets out they're all vulnerable if someone looks closely.

Write them down to a file, and encrypt the file with a single passphrase. You only need to remember one thing.

There are many tools that let you do that on your mobile phone of choice, including my own http://memengo.com which has a benefit of also including the online backup feature in case you lose your phone.

Mobile phones get lost. Pieces of paper too. Online services die off. And then, you might want to log in from your mates computer. For me, the only usable password generation methods are those that fit in my mind.


Write parts of your password down in several places, collect some of them (say, 8 of 10) to reconstruct it (completely!) if you've forgotten it; let someone who finds your wallet with one part of it know nothing.

Here is another reason to write your passwords down: At my workplace there was a programmer. One day he had a heart attack, and was put into a 3 week artifiscal coma. When he woke again, he could not remember any passwords. Everything was a pain. To this day, his website ends the day, he had the attack.

I think what you have here is more an argument for making sure there are redundancies in who has access to your vital systems.

Not so sure how my loved ones would feel about my employer asking to go through my personal effects if I was in a coma.

I use a great little tool called PasswordMaker that I actually found in the comments of a thread here a long time ago. Here's a brief summary: http://blog.rapin.com/better-authentication-password-managem...

I like the direction, but the obvious caveat are websites or weird legacy systems that don't allow you to have certain characters in your password or otherwise restrict it.

And then there's the whole trouble of sites that require a username that you need to remember and that is usually restricted in ridiculous ways.

This password would be really hard to crack.

T#!$ p@$$w0rd w0uld &e re@lly #@rd t0 cr@ck.


The passwords for my important stuff look much like the above. Just write a sentence that's easy to remember, replace letters with the special characters they look like and blend it all together. Works a treat.

I consider this the geek equivalent of using "password" or "123456". It is so common for tech people to do this. The real security here is the length of the password, not the special characters.

With some Markov chain generators and leetification, not as hard as you think.

Anyone else try to log into John's HN account just to make sure he didn't make a very bad mistake (by posting the actual sheet he uses)?

for something easy to use, I use character names from foreign films and texts, modified with a certain character replacement and displacement..

I'll get my mom on this right away. :)

Post-IT pswds.

Another good way store passwords is to memorize a simple algorithm based on the topic of your password.

Example: - last 3 letters - a static symbol (let's use %) - @ if it's online / & if it's not - 3rd 1st 4th letter of topic in Capital-lower-Capital format - follow with a short string to increase length and stump bruteforces (lets use gold158)

So my password for hackernews would be: - ews - % - @ - ChK - gold158


I'm no security expert, but that seems to be pretty secure and it will be different for each password. You won't ever be in trouble if you forget a password and it doesn't require you to carry around written passwords. If you scramble it a little better than I did in my example, it will look random and no one will try to "reverse engineer" your algorithm. (So when someone needs your password temporarily, you can tell them)

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact