So Many Passwords So Little Mind

So many passwords, so little mind! How to create passwords you can remember at will using the LPEM by Alain Lemay

Too Many Passwords!
So, you now have a Google account, a Facebook account, two online banking accounts, an account for your city taxes, a Flickr account, a Yahoo Messenger account, a Skype account, and two blogs. And this is just the tip of the iceberg!

A 2007 study of Web users by Microsoft Research found that the average user has 6.5 Web passwords, each of which is shared across almost four different websites. In addition, each user has about 25 accounts that require passwords , and types an average of 8 passwords per day.

So what do you do?

What are the options
OPTIONS:

1- you use the same password for every application

2- you use an OpenID or similar “decentralized user identification standard”

3- You write them all down, on a piece of paper or on a sticky that you leave in your home/workspace
ISSUES:

If someone cracks your password, they have access to your whole life online!

These are coming along slowly but then again, some of the same concerns as before arise. Tech support guys will tell you they can find a user’s password written somewhere in their office in under 10 minutes!

The Solution - The LPEM
The L emay P assword E ncryption M ethod

The LPEM allows you to create unique, secure, AND esay to rememer passwords for nearly every account you have.

The LPEM uses the ancient and venerable science of cryptography. Cryptography, according to Wikipedia, “…is the practice and study of hiding information”.

Basically, you use a cipher to create your passwords.

LPEM - The Cipher
A cipher is an encryption algorithm - in layman’s terms, a series of well-defined steps that can be followed as a procedure and that will produce a coded piece of text. Since only you will know your cipher, only you can decipher your passwords. Each password is unique yet easy to remember using your particular cipher.

Basic password best practices
Let’s start by looking at the basic password best practices: - Eight or more characters - Use Uppercase and lowercase letters - Use numbers - Use alphanumeric characters and include special characters, where supported by the operating system. Keeping these in mind, we are going to build a custom password algorithm for your accounts.

A basic cipher
Here is an example of a cipher used to create a password.

Step 1- First and second letters in caps
Step 2- Your salary rounded to two digits (i.e. 52)
Step 3- Last two letters, never in caps
Step 4- Two odd characters
To add an extra layer of security, change your system on a regular basis. I suggest every 2-3 months.

Applying a cipher
Say you want to apply this cipher to create a password for Twitter.
Following the cipher, you obtain:
1- TW 2- 52 3- er 4- ;)
So your new Twitter password is: TW52er;) Using the same cipher, your Facebook password would be FA52ok;)

Application Specific Ciphers
You can customize your cipher according to the type of account or application using a variant of the basic cipher presented before.

For example, a cipher specific to your mail accounts might look like this:

1- Take first and last letter of site, always in CAPS 2- Add the word “mail” (for an email account, you would choose something else for banking or other types of accounts) 3- Replace the L by an exclamation mark ! 4- Add a number at the end of significance (so you will remember it) but not directly related to you. E.g. number of years to retirement (18)

Application Specific Cipher - examples
Using our new mail specific cipher, you would obtain the following passwords:

For yahoo mail : YOmai!18 For hotmail (MSN): HLmai!18 For Gmail : GLmai!18
And so on and so forth.

Contact information
Copyright Alain Lemay, 2009

This presentation can be reproduced and distributed at will as long as proper credit is given.

You can find me here:

My Blog: Brainages On LinkedIn: http://www.linkedin.com/in/alainlemay
On Twitter: http://twitter.com/Alain_Lemay69 On Gmail: [email_address]

So Many Passwords So Little Mind

by Alain Lemay on Mar 20, 2009

Accessibility

Categories

Tags

Upload Details

Usage Rights

Statistics

So Many Passwords So Little Mind — Presentation Transcript