genrating secure passwords (was Re: Password choices)

Richard Hargrove richardh at killer.UUCP
Sun Jul 10 00:34:29 AEST 1988


Most of the articles posted so far have discussed the ways of generating
bad passwords. Since at any given point in time I may have to be able to
log into as many as 20 different systems (each with a different password
of course; you wouldn't dare use the same password across multiple systems
would you? :-), I use a variant on the method suggested by the CompuServe
adminstrators. Their suggestion is to form your password from

	<word1><pucnt><word2>

where word1 and word2 are unrelated. The idea is that since the password
has semantic content, it will be easier to remember. Obviously this method
is easily varied (no I'm not going to tell you what my variation is :-).

For generating many, vaguely related passwords, the choices for the words
can come from two classes of words (example: sports and flowers - 
"Sailing;Rose"). While the example lists two noun classes, verb or adjective 
classes may be used also. Minor variations in the words of a base password 
can then be used to generate closely related password groups (i.e. - 
"sail;Roses"). This method can be used to generate clusters of passwords
that you can use with password aging systems.

Hope this helps others avoid the "Oh, no! What password am I using on this
system." syndrome.

richard hargrove
...!{ihnp4 | codas | cbosgd}!killer!richardh
--------------------------------------------



More information about the Comp.unix.questions mailing list