The password conundrum

There are many things that bother me about the Internet. One of them is administrative arrogance, and I can think of no better example than the nazis at

Not only do they mandate minimum limits for passwords, which is understandable, but they won't allow any password that doesn't contain both uppercase and lowercase letters as well as numbers.

In their zealous efforts to protect us from ourselves, GoDaddy has decided that we have to invent complicated passwords that we are more likely to forget. This means that we have to write the password down somewhere, which automatically defeats the purpose. Ironically, GoDaddy's attempt to make our passwords more secure makes them less secure.

The best solution to the password problem is a private algorithm that constructs the password for you. The algorithm should result in a long password, but one that is so random to outsiders that it can't be cracked. Here's an algorithm I no longer use, one that was unforgettable:

1. Take the domain name of the website you are logging into.
2. Take your middle name.
3. Pick a "favorite" number, one that you've decided is the number you will always use (e.g. 314).
4. Replace every vowel with the number 1.
5. End it with the domain.

My password for GoDaddy would become:

There is no password cracker in the world that could guess that password. At the same time, because it's based on things that are obvious only to me, I will never fail to enter the correct password, regardless of how many different sites I have logins and passwords for.
