On 16th February I posted a blog item called 'They've got you covered'. This described an innovative new addressing system called 'what3words' which enabled any 3x3 metre square anywhere in the world to have its own unique address by using three words. You can test this out for yourself by going to their website what3words.com/ and clicking on "Explore the map site". Each square has been allocated a set of three words chosen randomly from a dictionary of 40,000 words. The three words are separated by a dot.
I got to thinking about the perennial problem of creating secure passwords for internet sites - especially for older folk with difficulty remembering the complex set of letters and numbers that many sites are now insisting that you use. You will have seen how, trying to register on a new site, you are informed that your password is too weak, does not contain enough characters or does not contain a mix of upper case, lower case, numbers or other squiggles. This is why so many people I come across have passwords that (though they might conform to some of the rules) nevertheless are easy to "crack" eg Rover123. Worse still is the repeated use of the same password for different sites. The Government-sponsored National Cyber Security Centre has been advising home users that using three random words provides a secure password that is both easy to remember and very hard to crack - even using powerful computers. Read the article on this at www.ncsc.gov.uk/blog-post/three-random-words-or-thinkrandom-0 It doesn't matter what the words are and you can choose three that are relevant to you. Don't be tempted to use the names of family, pets or your house. It is surprising how easily these can be discovered by criminals and this vastly reduces the number of words that a hacker has to work through. Also avoid words of less than 4 characters if possible since these tend to be commonly used words; but you can make the words as long as you like. When you choose your 3 words make sure, when you type them in, that there are no spaces between the words (space is not permitted in any password); however, you can use punctuation marks like full stops if you wish. Indeed, if you make sure that one or more of your words begins with an upper case letter and make the punctuation mark something like an asterisk, @ sign, £ sign or a number, then you will satisfy all but the most pernickety of web sites. Here is an example: Football&circus9penguin A password constructed like this will be highly secure since the possible combinations of words will run into trillions and will take many years for even the most powerful of computers to "crack". Of course we are still left with the problem of remembering these passwords - especially if people have quite a lot of sites they visit and want to adhere to the good advice not to have the same password for different sites. So how can we devise a simple system that uses the three random words principle whilst helping failing memories? Here is one suggestion: First of all write down in a single column 24 of the 26 letters of the alphabet but leave out X and Z (because there are far fewer words beginning with these letters). Then, against each letter, think up a word starting with that letter. Use a dictionary if you wish. You will then have a page looking something like this: A Archway B Balloon C Citrus ...and so on down to V Volume W Whisky Y Youth When you want a new password pick three words from your list and insert a punctuation character between the first and the second and a number between the second and the third (see my example up above). Now, on a separate piece of paper, write down the web site title (forget the www and the .com). Thus you might write 'Amazon'. Against this write down the first letter of each of the 3 words you have chosen interspersed by a punctuation character and number. Trying to use a different character and number for each password and vary the letter that you put in upper case. So, if I do this for my example above I would write Amazon F&c9p Note that this is only a clue to your password; it is not the actual password but you can then write down this list of all your password clues and even put it by your computer and NOBODY would be able to guess the actual password. Important. Put the page with 24 words on it safely away in a hidden place and refer to it when you need a reminder. You will probably find that, after a while, you will easily be able to remember what word you selected for each letter.
1 Comment
Bernard Hart
13/5/2019 09:23:29 pm
What a great suggestion. Been looking for a way for Bobbie to remember passwords. Thanks for that, Alan.
Reply
Leave a Reply. |
AuthorAlan Pollard. Retired IT professional in my 70s hopefully proving that not all of us oldies are technophobes. Archives
February 2020
Categories |