attack 2

Richard Crawford rscrawford at mossroot.com
Thu May 12 21:20:12 UTC 2005


On Thursday 12 May 2005 13:53, jludwig wrote:
> Patterns on the keyboard are a good way to go as far as password
> generation. Something such as qazwsx123 (try typing it out on a "qwerty"
> keyboard).

One method that works well for me and which I've seen in a couple of different 
books is to come up with a sentence, then take the first letter of each word 
in the sentence (along with punctuation), then do some minor character 
substitution.

For example, take the sentence:

	"We love our Linux administrator guy and we'll give him money!"

The first letter of each sentence becomes:

	wloLagawghm!

Then do some minor character substitution (such as swapping capitalization for 
some letters or using numerical replacements), as well as some symbolic 
substitutions (I usually use the symbol 3v for "love", for example):

	W3v0La6&wGh$1   (where 0=zero and 1=one)

If you like, you can even reverse it, as I've done in a couple of instances:

	1$hGw&6aL0v3W

And, finally, add some characters to each end to make the password at least 
fourteen characters long (in this case, one character on each end; and I used 
42 as my cue, since security is the meaning of life, so this password is 
fifteen characters long):

	41$hGw&6aL0v3W2

See?  A nice simple human-friendly algorithm that generates a secure password, 
complete with a helpful mnemonic -- well, a helpful memory spur, at least.

And no, this is NOT my password for any work or home machine of mine.  ;)


-- 
Richard S. Crawford
http://www.mossroot.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050512/58417e5a/attachment-0001.sig>


More information about the fedora-list mailing list