Tuesday, August 16, 2005

Password, Please!

Español | Deutsche | Français | Italiano | Português

As many of us know, a lot of Web Sites require registration and passwords. But coming up with one can be a real chore. Some software, notably registered Shareware, also asks you to enter a password to enable functions and features that are normally locked. In those cases, you are given the necessary information. Then, on top of all that, you have to be able to remember it. So, how do we handle all that?

Actually, it isn’t as hard as it looks. .Let’s start at the beginning. I’m going to give you a few ‘Rules’ to keep in mind when you need to come up with a ‘good’ password. There are several neat little tricks used by the professionals that make password selection easy. Number one is to NOT use anything that someone could decipher by using personal information like the names of your pets, parents, spouse, children, street you live on, etc. Instead, use the lyrics of a song you like. No, don’t use the whole song! Use the first line of the chorus or maybe a line in one of the verses. Take the first letter of the word phrase, tack a number to the end from 1 to 9, and you’re done! For example, remember the Coke song? “I want to buy the world a Coke…” Applying my little trick to it you get the password “IWTBTWAC1”. Now then, this is a demonstration so don’t use this one your self, OK? But you get the idea, right? A word of caution though. Don’t use song lyrics like the Beatles song “All Together Now”. You don’t want a password that uses repeating characters (ATNATNATN1). That’s just too easy to figure out. The very best password is a totally random sequence of 6 to 8 (or more)characters with a number dropped anywhere in the sequence.

So, the first Rule of Passwords goes like this. “Don’t use familiar words, names, or phrases.”

Second Rule – “Don’t use repeating characters.”

And the Third Rule – “Add a number (or a couple numbers) to a string of characters.”

Rule four? “Use something you can remember.”

In actuality there are several more ‘good’ rules, but since we are talking about using our systems at home, they could be considered to be unnecessary. You may even consider a few of these four rules unnecessary for your use. However, if you are banking on-line through a Web Site, for example, be careful and DO follow the four rules listed!

So now that we can come up with the password, how do we remember it for the particular situation? And how about the weird and strange randomized character passwords we need to get into locked applications. Or the pass codes you get when you register that Shareware program you can’t live without.

Go to my favorite download sites and search using the word “Password”. You will find lots of items. You will find password retrievers and other utilities of the same category. You will also find a few Password Generators. Pick one to make passwords for you if you can’t come up with one of your own.

The Quicky Password Generator is designed to be fast, efficient, and small. It generates up to 5000 passwords of 4 to 20 characters in length at a time. The passwords are displayed and can be copied to your clipboard. There are options for alphanumeric, uppercase only, variable length, and special characters. This new version has increased the maximum number of passwords to 100,000. It has added code to detect when a unique password could not be formed because the maximum length is too short to create ALL unique passwords and a button to create a file of the passwords that were generated. All passwords generated in one cycle are certain to be unique.

The password Safe system I use on my PCs is the KeePass Password Safe. With this package you can store your passwords in a highly-encrypted database that can only be unlocked with one master key and/or a key-disk. A database consists of only one file that can be transferred from one computer to another. The program supports password groups and you can drag and drop passwords into almost any other window. The auto-type feature types your login information into other windows automatically (just press a hot key). The software can import data from various formats like CSV, CodeWallet TXT and CounterPanes PwSafe. The password list can be exported to various formats (including TXT, HTML, XML and CSV files). The password list can of course also be printed (complete database or only current view). I use a 20 Mb USB Mini-Drive Keychain device that cost me about $30 US. The Password Safe is installed on the device with the database file. Whenever I need to get a password, I use the device. Nothing is kept on my systems and the device is on my keyring whenever I need it.

There are a lot of interesting tools available so find the ome you like and, as always, HAVE FUN!