Password Security in Iambic Pentameter
by M.J. Rhymes & J.D. Flow (a.k.a. Mike Cuvelier and Joe Wolf)

There are people out there who don't have a clue
on how weak passwords can do harm to you.

So what is a weak password? And why are they ill?
It's a pass that's easily uncovered, or cracked, if you will.

And if your pass is known by someone other than you
they can do things you wouldn't want them to do,

Like get credit card numbers, or snoop your PC--
it's a total invasion of your privacy!

No one wants this to happen to them (no way!),
so listen to what this lengthy poem has to say.

We're here to tell you how to make passwords strong.
Unfortunately for you, it's in the form of a song.

If a password is short, it can be cracked very fast
7+ characters are needed for your password to last.

But a long pass is useless, like "strength" or "sidelines"
For it does not meet the following guidelines

Your password should not be your user ID
Nor a blank nor a word from the dictionary

Even if your pass is a word that's spelled backwards
That technique is well known by mischievous crackers

Dictionary attacks check for all variations
of words and some numbers in all permutations

They even check placements of capital letters
which you might have put in to make your pass better

But the dictionary programs will find them eventually
giving the authentication zero security

And if the dictionary attack does fail
Attackers have another way to prevail

Brute force is a method that hackers will know
and it checks every possible letter combo

The longer the password the longer the brute force
but a long password is not the only recourse

A strong pass contains numbers, like 8, 6, or 2
and including special characters is also good, too

And along with upper and lower case letters
you mix up these characters; combine them together

So your password looks random, a complicated string
Which makes it conducive to not remembering

So you could go and write that random pass down
But that is not smart, because your note could be found.

And never record your passwords electronically
If CS was religion, that's heresy!

You must keep your password only in your brain
So here is how to do that, with minimal pain

Try making a pass from a phrase that you know
from a book or a song or a cool TV show

Then take the first letter from every word or so
and write all those letters down in a row.

Take "These are the times that try men's souls" for example
It becomes "tattttms," which you may think is quite ample

But oh no, my friend, there is more we can change
to make this password look obnoxiously strange

Now replace some of the letters with capital ones
so "tattttms" is "tAttTtmS" (we're almost done)

Finally you add some numbers in the mix
and a special character, you know, just for kicks

Now we have "tAtt23Tt@mS" which will do just fine
And to remember it well type it out a few times.

If this password is one that is meant to be secure
make sure you change every month or two for sure

How many days will prevent successful attacks?
Try 45 days to protect your secret from hacks.

If you have multiple accounts using a password,
entering the same one is simply absurd.

If your accounts are important, make each one unique
this can be a whole new string or just a small tweak.

So remember to make your passwords unique, random and long
and in a few months the old ones should be gone.

If the advice of this poem you indeed plan to heed,
then in life you are guaranteed to succeed. (please, feel free to re-read)
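An added example, not part of the original poem: a small Python checker for the guidelines the poem lists (7+ characters, not blank, not the user ID, not a dictionary word or its reversed, re-capitalised or number-padded variations, and a mix of character classes), together with the first-letter mnemonic step. The word list, function names and user IDs are constructed for illustration.

```python
import string

# Constructed stand-in for a real dictionary word list (assumption).
WORDS = {"strength", "sidelines", "password", "dragon", "monkey"}

def is_dictionary_variant(pw, words=WORDS):
    """True if pw is a listed word or its reverse, ignoring case and
    any numbers stuck on the front or back."""
    core = pw.lower().strip(string.digits)
    return bool(core) and (core in words or core[::-1] in words)

def weaknesses(pw, user_id, words=WORDS, min_len=7):
    """Return the poem's guidelines that pw violates (empty list = passes)."""
    if not pw.strip():
        return ["blank"]
    found = []
    if len(pw) < min_len:
        found.append("shorter than 7 characters")
    if pw.lower() == user_id.lower():
        found.append("same as user ID")
    if is_dictionary_variant(pw, words):
        found.append("dictionary word or simple variation")
    classes = {
        "no lower-case letter": any(c.islower() for c in pw),
        "no upper-case letter": any(c.isupper() for c in pw),
        "no number": any(c.isdigit() for c in pw),
        "no special character": any(c in string.punctuation for c in pw),
    }
    found += [msg for msg, present in classes.items() if not present]
    return found

def mnemonic(phrase):
    """First letter of every word, lower-cased: the poem's starting point."""
    return "".join(word[0].lower() for word in phrase.split())

if __name__ == "__main__":
    base = mnemonic("These are the times that try men's souls")
    # "mjrhymes" is a constructed user ID.
    for candidate in ("strength", "htgnertS1", base, "tAtt23Tt@mS"):
        print(candidate, "->", weaknesses(candidate, "mjrhymes") or "passes")
```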