Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

eridani

(51,907 posts)
Wed Nov 4, 2015, 11:40 PM Nov 2015

For $2, this 11-year-old girl will create you a virtually uncrackable password.

http://www.upworthy.com/for-2-this-11-year-old-girl-will-create-you-a-virtually-uncrackable-password

Meet Mira, a sixth-grader in New York City who enjoys gymnastics, dancing, and, oh yeah, sticking it to would-be cyber-attackers.

Mira is the driving force behind Diceware Passwords, a clever service that builds you your very own, ultra-secure password for just $2.

A lot people think the strongest passwords are long strings of random numbers, letters, and symbols, like $%hf73afd#3. But random gibberish like that is almost impossible to remember. You might even be tempted to write it down somewhere (raise your hand in shame in you have a sticky note above your computer with all of your passwords on it), which of course defeats the entire purpose.

The Diceware system uses actual dice to create wacky looking passwords like "cleft cam synod lacy yr wok."

Designed by Arnold G. Reinhold in 1995, Diceware creates "passphrases," or strings of six completely random words from the dictionary. Five-digit numbers created by rolling a die five times correspond to items from a master list of over 7,000 uncommon English words. Rinse and repeat to create the full passphrase.

It's a little odd, but super effective. Diceware passwords are nearly impossible to crack, but surprisingly they aren't all that hard for humans to remember. If yours were "cleft cam synod lacy yr wok," for example, just imagine a musical clam wearing lacy underwear, being cooked in a wok. Now you've got a password you are't likely to forget anytime soon.

Still, this isn't exactly the most practical method in the world. And that's where Mira comes in.
3 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
For $2, this 11-year-old girl will create you a virtually uncrackable password. (Original Post) eridani Nov 2015 OP
Only problem with this TlalocW Nov 2015 #1
Saw a computer guy on one of the networks talking about passwords. cwydro Nov 2015 #2
I also use the phoenic alphabet Travis_0004 Nov 2015 #3

TlalocW

(15,632 posts)
1. Only problem with this
Thu Nov 5, 2015, 12:38 AM
Nov 2015

Is that some sites limit the length of your password and/or require at least one capital letter, a number, and a symbol in your password.

Admittedly it's not too hard to make the first letter capital and then tack on your favorite number and a exclamation point at the end without doing harm, but the length is still an issue.

TlalocW

 

cwydro

(51,308 posts)
2. Saw a computer guy on one of the networks talking about passwords.
Fri Nov 6, 2015, 10:14 AM
Nov 2015

He suggested using phrases...names of movies or songs, gibberish phrases (Jabberwocky anyone?) or homilies.

A stitch in time saves nine. Penny saved is a penny earned.

Born to be wild. Build me up buttercup. Just anything that's easy to remember. Attach a number, vary a capital in it, and he said it was very difficult to hack.

 

Travis_0004

(5,417 posts)
3. I also use the phoenic alphabet
Fri Nov 13, 2015, 11:17 PM
Nov 2015

Lets say I have the password 'pass'

At DU my password is DeltaPass.

If you cracked that, my password to chase bank would be charlie pass.

That is a bit simplified. The reason is simple. Lets say Im a hacker. I probably can not crack chase bank. They invest millions of security.

I bet I can hack a small forum run by somebody with a little IT knowledge, then try those 250k password combinations at chase.com and see if some work.

By having a unique password you bypass this. A human cpuld spot the pattern if my password was hacked multiple times but a computer would try a password and reject it for not working.

And the best advise is to use 2 factor authentication.

I can give you my gmail name and password. If you try to log in the IP address is unknown and google sends me a text. I have to key in the 4 digit code google sent me to login.

Now you need to have my password and steal my phone.

Latest Discussions»Alliance Forums»History of Feminism»For $2, this 11-year-old ...