The Problem – Remembering Complex Passwords. As our online footprint grows – so does the number of username and passwords we have to manage. Unfortunately the problem seems to get worse every year, not better. Until an effective password management solution emerges, we typically fall back to our memory or highly insecure written notes to remember our passwords. Unfortunately we often forget the complex passwords we’re required to create.
One solution is to subscribe to a password vault service. There are many of them. Unfortunately, these solutions hand over the keys to your kingdom to a company that may not properly protect your passwords.
An alternate solution to the problem is utilizing a private personal journal app to store password hints (not actual passwords). This article provides some insight as to how password hits work.
What makes a good password is complexity. Complexity comes from the use of longer passwords, made up of a mix of lower case, upper case, numbers, and special characters. One solution to the password memory problem is to maintain a password keeper journal that provides a solid password hint, but would be completely useless to anyone other than the password hit holder. Our Flexible Journal Android journal app helps users to do just this. One benefit of Flexible Journal vs using a different password diary app or password vault is that the application can be used to support a broad range of journaling needs, in addition to providing an easy-to-use password diary app. In addition, users of Flexible Journal provides the ability to set a password for a journal, turning our Journal App into a diary app with password.
There are multiple online articles about creating solid passwords provided at the bottom of this page. In summary, a good password is one that someone (or a computer) would not easily guess. Recommendations password length and strength vary, but many companies are enforcing password lengths of at least 14 characters with a mix of upper, lower, and special characters. Ughh… How to remember.
There are a few simple techniques to build a complex password but that can more easily be remembered, especially with a password hints maintained in a password keeper journal. The following example shows how some of these techniques can be used
Using Private Phrases
We all have secrets. Your secrets are a great starting point for building complex passwords. Experts recommend not using common names, however with creative insertion or substitution of special characters – names can be an OK basis for complex passwords. Phrases can be full sentences. Use of 2 or more completely unrelated phrases in a password helps make passwords even more complex.
Here’s an example set of “Private Phrases” or “Pass Phrases”
My favorite beach growing up? “daytona”
My first country traveled? “canada”
My first liquor consumed? “bartlesjames”
There is a big difference between substituting vs inserting a special character. Substituting means switching one character in a pass phrase. For example, one might substitute every “a” with “@” (e.g. “canada” would become “c@n@d@”). Insertion means adding a special character somewhere within a pass phrase (e.g. “#bartlejames#” inserts a “#” at the beginning and end of one of the above mentioned pass phrases. Joining it all together can make for a very complex password (e.g. a pretty solid password might be “daytonaC@n@d@#bartlesjames#”)
Pulling this all together can be a password hint that would make guessing the password pretty difficult. For example, a hint for “daytonaC@n@d@#bartlesjames#” might be “beachC@#drink#”. It would be pretty hard for someone to connect the dots between the 2. It’s important to make sure your hints mean something to you, and no one else. Once the password has been saved for some application in a password hint diary (like the Flexible Journal mobile journal application), you can quickly find the hint so that you can enter the corresponding password whenever it is needed.Password References
From Carnegie Mellon