Monday, June 22, 2015

How to Create a Strong Password That Is Easy to Remember

A password is a word or string of characters used for user authentication to prove identity or access approval to gain access to a resource (example: an access code is a type of password), which should be kept secret from those not allowed access.
Definition of password, from wikipedia.com

Creating a password is something people do all the time. Almost every online service asks its users to register with a username or email address and then create a password before they can use the service. Easy, right?

But what if someone uses your ID to use a service you pay for? Maybe that is no problem for you, but what if someone logs in to your account and does something illegal on the internet? That will be a HUGE problem for you, I guarantee.

You think your password can't be breached because you use a password generator?
Hmm... what if you have 10 different accounts on different websites? Are you using a different password for each account, each one generated with a password generator, and do you remember them all? If yes, how about 50 different accounts? Do you remember them all? :P No offense.

Do you believe you can remember all the usernames and passwords of 1000 different accounts and websites?
  - Yes, I can remember them all.


Okay, I will show you a way to create strong passwords from a pattern, with your brain as the password generator.

Step 1 - Find something you like that no one else knows about, something only you and God know, or pick something at random. Whatever you pick, you must remember it; it is your secret word.
Example: I choose the word "BASH" because I write scripts in BASH every day.
Avoid your dog's name, your mother's name, your father's name and your children's names, because names are easy to guess.

Step 2 - Create a pattern. Make up a custom pattern of your own. Don't use a hard one; create a simple one, and remember it.
Example: [type of connection] - [website/application] - [secret word] - [number of characters in the website name]

For example, I want to create an account on https://www.facebook.com/

type of connection: for a website I use HT from Http://, for an application I use AP from App, for ftp I use FT from ftp://, for ssh I use SS from ssh://, and for sftp I use SF from sftp://.
Now we have 5 different combinations.

website/application: the name of the website we are registering on. In this case it is facebook. I take only the last two letters, which are "ok" from facebook, so I use "Ok".

secret word: which is "BASH"

number of characters in the website name: facebook contains 8 characters, so I use 8.

Finally, my password for http://www.facebook.com is

HTOk"BASH"8

Simple, right? How about http://www.yahoo.com

HTOo"BASH"5

Take another example, an application such as a game. It needs 2 passwords, a web password and a game password, and some games also require a vault password.
Example: the game Perfect World, website http://www.arcgames.com/en/games/pwi

Password for Website
HTEs"BASH"8

Password for Game
APEs"BASH"8

That's all. All you need to remember is your pattern and your secret code. Simple, right? How about those 1000 accounts? Can you remember them all? YES...
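The pattern from Steps 1 and 2 written out as code, checked against the four passwords shown above. This is an added example, not part of the original post; the function names are hypothetical, and taking the site name from the label just before the top-level domain is an assumption that holds for the sites used here.

```python
from urllib.parse import urlsplit

# "Type of connection" prefixes exactly as listed in the post.
# The post uses HT for the https:// Facebook address as well.
PREFIXES = {"http": "HT", "https": "HT", "app": "AP",
            "ftp": "FT", "ssh": "SS", "sftp": "SF"}


def site_name(url):
    """Return the name the post counts, e.g. 'facebook' for www.facebook.com.

    Assumption: the name is the label just before the top-level domain.
    Hosts under multi-part suffixes (example.co.uk) would need a
    public-suffix list, which this sketch does not include.
    """
    host = urlsplit(url).hostname
    if not host or "." not in host:
        raise ValueError(f"cannot find a site name in {url!r}")
    return host.lower().split(".")[-2]


def pattern_password(url, secret, kind=None):
    """Build [type][last two letters][secret word][name length].

    kind overrides the URL scheme, e.g. kind="app" for the game client
    that shares a website with its web account.
    """
    kind = (kind or urlsplit(url).scheme).lower()
    if kind not in PREFIXES:
        raise ValueError(f"no prefix defined for connection type {kind!r}")
    name = site_name(url)
    if len(name) < 2:
        raise ValueError("site name too short for the two-letter rule")
    # Last two letters with the first one capitalised: 'ok' -> 'Ok'.
    suffix = name[-2:].capitalize()
    # The double quotes around the secret word are kept as the post prints them.
    return f'{PREFIXES[kind]}{suffix}"{secret}"{len(name)}'


if __name__ == "__main__":
    game = "http://www.arcgames.com/en/games/pwi"
    print(pattern_password("https://www.facebook.com/", "BASH"))
    print(pattern_password("http://www.yahoo.com", "BASH"))
    print(pattern_password(game, "BASH"))
    print(pattern_password(game, "BASH", kind="app"))
```

Every part of the output except the secret word is computed from the address itself, so the secret word and the pattern are the only things that have to stay private.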

But can it still be breached? Yes, using a dictionary brute force, but that may take about 2 years or more, so it is not worth it to breach it.

With only 2 things, BASH and the pattern, you have a qualified password. Your password can't be breached by anyone except you, so never tell your PATTERN or secret code to anyone or anything that looks human, except your pet :P, and never write it down or save it on your computer, even if it is your personal computer.

Our brain is the strongest and most secure password generator.

1 comment:

  1. I have been hacked a few times because of a weak password before. And, to be honest, I myself have hacked a few as well, for some reason. So, this post is really helpful to avoid such situations in the future. Thanks a lot for posting!
