Wednesday, September 04, 2013

Secure Passwords and Passphrases

There are 95 typeable characters to use in your passwords.  A nice long random string of those 95 characters is probably the most secure password.  Secure, but hard to remember.  Here’s a webpage I wrote to generate secure passwords and passphrases.  Passphrases are actual words, which are easier to remember, and a string of them can be as secure as hard-to-remember password with mixed cases and special characters and all.  Here’s anxkcd comic that illustrates the basic problem.
There are three tools on that page, one to generate a string of words to make a passphrase, one makes a crude attempt to make a valid sentence with random words, and one that just gives you a traditional strong password.
How did I make them?
  1. Get some words.  I downloaded some books off the internet and extracted all the unique words and compiled a long list.  I think there was about 13000 words.  Those utilitarian steps I coded up in C# since it’s nice and easy to work with, and Visual Studio is awesome.
  2. Pick some words at random.  I read the dictionary in at the webserver (that step in php) and picksome at random.  That’s all there is to it.
  3. What about the random sentence?  I found a list of nouns and verbs and adjectives and whatnot online.  The potentially readable passphrase is of the form:
the [adjective] [noun] [adverb] [past tense verb] the [adjective] [noun]
Q: What was the hardest part you ask?  A: The list of verbs I found was in the present-tense, but the sentence sounded better if the words were in the past-tense.  So I translated them all manually.  That was a pain.  By the end I got the brain fuzz really bad.  You might find some mistakes in there.  There might be something in there like taked, instead oftook.
Here’s the link again:  Generate passwords and passphrases.
Sincerely, Warmest regards, Best of luck,
more stuff available at my brain annex.
the merciful hydrant unimpressively stamped the quarrelsome war

Wednesday, May 15, 2013

blog moved

Hi old friends,

How is everyone?  Is anyone still following this old blog?  If so, I've imported all this stuff and put it over on my new site, which I call my "brain annex."  I've been neglecting this blog for a long time, and I'll likely neglect the other one too.  It might be more sciencey or more geeky and less runney, but most likely I'll write about all three.

Anyway, here it is:

Also, here's my linkedin page:
join my network!

And here's my facebook page:
be my friend!

Love, Keith.