Recently while doing my research around the topic of passwords, I came across a few interesting concepts. What makes those interesting is the fact that they intend to help us create a password that is tough to break but easy to remember. These concepts are namely Pass Phrase, Diceware, Password Haystacks & by now the very famous comic strip (see below) by xkcd. Don’t worry, the concepts are not as difficult to understand as they sound.
A pass phrase is a sequence of words or other text used to control access to a computer system, program or data.Wikipedia, The Free Encyclopedia
In short, instead of using a difficult to remember and difficult to type passwords like H46R8TBXHY5D or iWb024#thM79, simply use a pass phrase “I Like 15th August 1947!” It is easy to remember and easy to type and almost takes the same amount of time to type. It also satisfies all the elements of strong password like upper case, lower case, numbers and punctuation.
Well, when it comes to memorable passwords, there is a long standing debate that pass phrases are easy to remember and difficult to hack. There are voices which do not really agree with this statement. They have some valid arguments as below
- With pass phrases, the brute force attack will shift from character level to word level.
- Users are more likely to pick up common phrases/quotes from books, popular movies or other proper nouns that are easily guessed, as the basic idea is to make those memorable. This makes hacking easier than ever.
You may be wondering how these concepts stated above are related. In order to take care of problems with pass phrases, experts have come up with solutions. The famous comic strips by xkcd shown below offers one such solution. In short, the idea is to choose random dictionary words instead of meaningful sentence. The random words are chosen from poll of common words which makes those easy to remember. If you are really interested in a nice and detailed explanation of it, I highly recommend you to read this article on agilebits blog.