Healthy Passwords

Password Planning

Here's a quick review of the suggested way to create a memorable password plan. The book goes into much more detail, but this should get you going:

  1. Take inventory of your current usernames and passwords. Print out the worksheet (the PDF downloadable version is suggested) and keep it with you for a few weeks. Every time you log in to a new site, write down your existing site name, username, and password, and categorize it by risk level.

  2. Once you feel you have all your sites, write them down on a newly printed worksheet sorted by risk level. Write your highest risk sites first; your high risk sites second; your moderate sites third; and your low risk sites last.

  3. Assign each site a site identifier code. This is your own two or three digit code that will be used as a shorthand for you to know which site is which.

  4. Choose your ingredients. Use the Ingredient worksheet to record your breads (beginning and ending), main ingredients (middle), and condiments (connectors). Reading the book really helps with this metaphor.

  5. Start assembling ingredients.

Ingredient List

  1. High-risk sites like financial institutions need a top quality main ingredient.

  2. Moderate sites can use a lesser quality main ingredient.

  3. Sharing breads, condiments, and spices is OK.

  4. You should underline spices (capital letters).

  5. Expiration date codes should be incorporated for all high-risk sites.

  6. It's always safest to adopt a shorthand, but when you're just starting, keeping it simple is sometimes better.

Creating a Tasty Main Ingredient

The book goes into greater detail on how to create a good main ingredient. The short version is to use short memorable phrases. There are plenty of examples using songs or TV shows, but due to copyright laws, most of those cannot be used in a book or on a website. The book uses an old public domain one that is a perfect example.

Three Blind Mice. See How They Run

Two-part phrases like this are really good. They give you three good main ingredients. You can use the first part (tbm), or the second part (shtr), or combine them (tbmshtr) for a more secure ingredient. Because they are related, they are easy to remember. You should not use this exact example, but it's not too difficult to think of some others. The book gives many more good examples you can use to create your own unique phrases.

| Type | Highest Risk | High Risk | Moderate Risk |
|---|---|---|---|
| Bread (beginning) | | | |
| Bread (top) | | | |
| Bread (bottom) | | | |
| Main Ingredient | | | |
| Condiments (leading) | | | |
| Condiments (Trailing) | | | |

Sample Using the "Three Blind Mice" example from the book.

Type Highest Risk High Risk Moderate Risk
Bread ss (Site Identifier) ss (Site Identifier) ss (Site Identifier)
Bread Expiration Quarter Expiration Month Expiration Month
Main Ingredient TbmShtr Shtr Tbm
Condiments (leading) @ !
Condiments (Trailing) .

When you create your first password plan keep the following in mind:

  • All your highest risk sites should have at least one bread, a main ingredient, and a few condiments to get their length between 10-14 characters. If you're just starting out, keep it very simple. You can always make it stronger later. Remember that your site identifier and expiration code are what keep things unique (you'll have to read the book to get more information on this).

  • All your high risk sites should be similar to your highest, but a little different and not as complex. High risk sites are normally e-commerce (shopping) sites, so a breach could be more of a hassle than a loss.

  • All your moderate sites should use a different main ingredient. Moderate sites are the most likely to be sniffed by someone when you're at a public hot spot.

  • Your low risk sites can use the same old junk food password you may already be using everywhere. In case you haven't read the book, low risk sites keep no significant personal information about you. They normally are just meant to keep your email address and a few minor details. They may be for small forum based hobby sites, so if someone does impersonate you, it's not something that will be widespread like a FACEBOOK or TWITTER impersonation.

Sample Password Plan

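| Risk Level | Site | Top Bread | Condiment | Main Ingredient | Condiment | Bottom Bread |
|---|---|---|---|---|---|---|
| Highest | First Bank | Fb | @ | TbmShtr | ! | Q1 |
| | Second Bank | Sb | @ | TbmShtr | ! | Q2 |
| High | Amazon™ | az | @ | Shtr | | A2 |
| | Overstock™ | os | @ | Shtr | | A2 |
| Moderate | Twitter™ | tw | @ | Tbm | | A2 |
| | Facebook™ | fb | @ | Tbm | | A1 |
| Low | Knitters Anonymous | | | JrdJsd | | |
| | Cat's Best Friend | | | JrdJsd | | |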

Characteristics of a strong password

  1. Be at least ten characters.

  2. Include a mix of lower case and upper case letters.

  3. Include at least one number.

  4. Include at least one special character.

  5. Not be a dictionary word (even spelled backward).

  6. Internet searches for your filling should not return any meaningful results.

  7. Do not use series like abc or 123 or 321.

  8. Avoid character substitution (like P@$$W0RD) for dictionary words.

Password Worksheet

PDF Downloadable Version

| Site | Site Abbrv | User-name | Risk Level | Password |
|---|---|---|---|---|
| | | | H / M / L | |


Copyright © 2011, Sustainable Alternatives, LLC | Ligonier, PA 15658 | 724-238-9560 | All Rights Reserved.
