Perfect password that?s easy to remember

25 Oct 2015 | Author: | No comments yet »

How to create a safe, secure and easy-to-remember password.

Two California researchers are offering the high-tech world a glimpse of hope — they figured out how to create a perfect password that can be easily remembered.Two researchers at the University of Southern California say they have created a system that helps individuals find passwords that are both hard to crack and easy to remember, reports a Wonkblog article published in the Washington Post (reg. req.). Instead of passwords, consider the passpoem: Turning random strings of characters into rhymed, metered verse was the brainchild of Kevin Knight, a senior research scientist at USC’s Information Sciences Institute and a professor in their Computer Science Department, and Marjan Ghazvininejad, a Ph.D. student at the institute.

Based on a dictionary of 327,868 words, it offers individuals password options such as “Australia juggernaut employed the Daniel Lincoln asteroid.” There’s just one problem that may require a bit more thought: Many websites don’t allow passwords of this length, although some are reconsidering because longer passwords are stronger, the article reports. Choosing 12345, for instance — still easily one of the most popular passwords — won’t be forgotten any time soon but it also won’t actually be much use for keeping people out of your computer. But Knight and Ghazvininejad set out to use natural language processing to make passwords even more secure and even more memorable. “You want to choose your password from a large number of possible passwords,” Knight explains. “The larger the number of possibilities it is, the longer it will take an opponent to guess your password.” Their 60-bit string gives them a pool of 2^60 possible combinations, that’s well over 1 quintillion. Could a random password poem, which can be obtained by emailing the researchers’ website, be whittled down to fit, through some personal process, without losing much of its strength? Security experts therefore recommend that users automatically generate or choose an unusual word, which couldn’t be guessed by computers that automatically enter passwords in an attempt to get through logins.

That means it would require “billions and billions and billions and billions of guesses” for a brute-force attacker to crack the password, Knight says — which would take more than a decade. Considering that Google has made signing in accounts easier by introducing a two-step verification system that integrates with the user’s mobile number, a number of companies such as Facebook and Dropbox have been using the same feature, where the user authenticates his cellular number.

In a new paper, Marjan Ghazvininejad and Kevin Knight argue that generating passwords that have a metrical rhythm and rhyming words will allow people to commit them to memory — even if they are randomly generated and nonsensical. And to avoid truly terrible poems, for each initial string, their system builds a million poems — each of which which wouldn’t appear for any other string. (There are 2^79 possible poems under their system, so they have a lot of extras to work with). For most people this service proves to be easy and automated, unless the unfortunate circumstances occur when the user gets locked out of his own account.

The key to the phrase being a poem, rather than randomly generated words as in the XKCD strip, is the rhythm that helps people remember it, The Post wrote. “They then use a computer program to generate a very long random number, break that number up into pieces, and then translate those pieces into two short phrases,” The Post explained. “The computer program they use ensures that the two lines end in words that rhyme, and that the whole phrase is in iambic tetrameter.” According to Lifehacker.com, many people use common passwords, an issue that showed up during a breach of Adobe. The poems were far more memorable: in a small test they ran, more than 60 percent of their test subjects could remember a poem correctly two days later. Knight acknowledges that not all password-protected sites would accept a password like this: character limits or requirements for numbers or symbols can interfere. “But I think the more these longer passwords become accepted and people realize they’re quite good and memorable and secure, sites with password protection will start allowing more,” he says. The Washington Post’s Alexandra Petri added to this phenomenon, and said as a password continues to become more impossible to remember, the stronger it becomes. If the poems are to be automatically generated, however, an algorithm could be developed that would be able to recognise those bad poems and sort them out.

Looking forward, Ghazvininejad thinks there might be room to make their computer-generated poems even easier to memorize. “For example, maybe it’s hard for people to memorize abstract words, but it’s easier for people to memorize not-abstract words,” she suggests. “So we can add psychology to this project and come up with poems that are easier for people to memorize.” Not that any password could be guaranteed to stick in our memories. It is important to note that the above password is easier to remember as compared to a random jumble of letters, characters and numbers in some designated order. For instance, “Enrique Hasbro Japanese revealed aggressive amputees” and “A peanut classified expected branches citywide” are the best examples of secured passwords which could be remembered more easily.

However, to keep these passwords secure, they both removed database so potential attackers and hackers do not use these suggested passwords making decryption easier. Furthermore, using characters in email address, name or any other field should also be taken into consideration as these websites prefer users to keep passwords that can not be guessed from name, email address or any other association with the user.

Thus, if the frequency of such passwords decreases, users should consider that it would become increasingly more challenging to remember such passwords.

Here you can write a commentary on the recording "Perfect password that?s easy to remember".

* Required fields
All the reviews are moderated.
Twitter-news
Our partners
Follow us
Contact us
Our contacts

dima911@gmail.com

ICQ: 423360519

About this site